urlscan.io logo urlscan.io
SecurityTrails logo

www.msn.com Open in urlscan Pro
131.253.33.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?o...
Effective URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?o...
Submission: On April 12 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 5 countries across 34 domains to perform 292 HTTP transactions. The main IP is 131.253.33.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com. The Cisco Umbrella rank of the primary domain is 1164.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 22nd 2021. Valid for: a year.
This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 131.253.33.203 8075 (MICROSOFT...)
66 23.36.163.97 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2a00:1288:80:... 203220 (YAHOO-DEB)
27 204.79.197.203 8068 (MICROSOFT...)
37 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 31 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 108.157.4.15 16509 (AMAZON-02)
8 13.89.178.26 8075 (MICROSOFT...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 69.192.161.85 16625 (AKAMAI-AS)
1 3 52.203.165.149 14618 (AMAZON-AES)
1 2600:9000:215... 16509 (AMAZON-02)
1 130.211.23.194 15169 (GOOGLE)
5 34.252.25.105 16509 (AMAZON-02)
1 1 20.190.160.8 8075 (MICROSOFT...)
3 2620:1ec:49::45 8075 (MICROSOFT...)
10 151.101.1.44 54113 (FASTLY)
10 151.101.193.44 54113 (FASTLY)
6 2a00:1288:80:... 203220 (YAHOO-DEB)
1 152.195.51.15 15133 (EDGECAST)
1 212.82.100.182 34010 (YAHOO-IRD)
2 18.214.246.74 14618 (AMAZON-AES)
3 3.126.56.137 16509 (AMAZON-02)
5 40.77.226.250 8075 (MICROSOFT...)
2 35.157.246.167 16509 (AMAZON-02)
2 3 216.58.212.134 15169 (GOOGLE)
1 3.120.51.47 16509 (AMAZON-02)
2 70.42.32.31 13789 (INTERNAP-...)
1 64.202.112.159 22075 (AS-OUTBRAIN)
2 151.101.14.132 54113 (FASTLY)
1 52.59.128.211 16509 (AMAZON-02)
4 108.157.4.109 16509 (AMAZON-02)
1 35.158.141.195 16509 (AMAZON-02)
1 3.123.202.125 16509 (AMAZON-02)
3 13 76.223.111.18 16509 (AMAZON-02)
3 74.121.143.241 30419 (MEDIAMATH...)
1 15.197.193.217 16509 (AMAZON-02)
3 172.217.16.130 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 52.29.122.153 16509 (AMAZON-02)
1 2 52.46.130.91 16509 (AMAZON-02)
1 1 64.74.236.223 22075 (AS-OUTBRAIN)
1 23.35.229.181 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.35.228.210 16625 (AKAMAI-AS)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
292 51
4    131.253.33.203 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.dc-msedge.net
www.msn.com
66    23.36.163.97 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-97.deploy.static.akamaitechnologies.com
assets.msn.com
1    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
6    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
jill.fc.yahoo.com
jac.yahoosandbox.com
27    204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net
api.msn.com
srtb.msn.com
37    2a02:26f0:3500:7::17d8:4dc9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.msn.com
31    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
www.bing.com
2    108.157.4.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net
sb.scorecardresearch.com
8    13.89.178.26 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.msn.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    2606:4700::6810:a20d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
3    69.192.161.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-85.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
3    52.203.165.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-165-149.compute-1.amazonaws.com
www138.civicscience.com
www.civicscience.com
1    2600:9000:2156:2c00:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2zqfs55y95cft.cloudfront.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
5    34.252.25.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-25-105.eu-west-1.compute.amazonaws.com
api.viglink.com
1    20.190.160.8 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
3    2620:1ec:49::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mem.gfx.ms
10    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
am-api.taboola.com
10    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
images.archive-digger.com
6    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
26.at.atwola.com
cdn.js7k.com
1    152.195.51.15 (United States)

ASN15133 (EDGECAST, US)
tag.idsync.analytics.yahoo.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    18.214.246.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-246-74.compute-1.amazonaws.com
www.civicscience.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com
5    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
web.ssp.yahoo.com
3    216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net
ad.doubleclick.net
1    3.120.51.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-51-47.eu-central-1.compute.amazonaws.com
d.agkn.com
2    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1-nydc1.zemanta.com
mcdp-nydc1.outbrain.com
1    64.202.112.159 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1t-nydc1.zemanta.com
2    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
odb.outbrain.com
1    52.59.128.211 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-128-211.eu-central-1.compute.amazonaws.com
prod-m-node-3113.ssp.yahoo.com
4    108.157.4.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-109.dus51.r.cloudfront.net
ib.3lift.com
1    35.158.141.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-141-195.eu-central-1.compute.amazonaws.com
prod-m-node-3113.ssp.advertising.com
1    3.123.202.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-202-125.eu-central-1.compute.amazonaws.com
tlx.3lift.com
13    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    74.121.143.241 (United States)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
cm.g.doubleclick.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a05:d018:d29:3605:a6cd:bbc5:ba08:db41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    52.29.122.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-122-153.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
3    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    23.35.228.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-210.deploy.static.akamaitechnologies.com
pixel.mathtag.com
6    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
107 msn.com
www.msn.com — Cisco Umbrella Rank: 1164
assets.msn.com — Cisco Umbrella Rank: 182
api.msn.com — Cisco Umbrella Rank: 113
c.msn.com — Cisco Umbrella Rank: 552
browser.events.data.msn.com — Cisco Umbrella Rank: 829
srtb.msn.com — Cisco Umbrella Rank: 787
2 MB
37 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 362
129 KB
31 bing.com
c.bing.com — Cisco Umbrella Rank: 234
www.bing.com — Cisco Umbrella Rank: 93
489 KB
18 3lift.com
ib.3lift.com — Cisco Umbrella Rank: 1160
tlx.3lift.com — Cisco Umbrella Rank: 569
eb2.3lift.com — Cisco Umbrella Rank: 400
97 KB
12 yahoo.com
jill.fc.yahoo.com — Cisco Umbrella Rank: 2411
tag.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 2379
cms.analytics.yahoo.com — Cisco Umbrella Rank: 883
service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 826
web.ssp.yahoo.com — Cisco Umbrella Rank: 2382
prod-m-node-3113.ssp.yahoo.com — Cisco Umbrella Rank: 16254
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
19 KB
10 archive-digger.com
images.archive-digger.com
165 KB
10 taboola.com
am-api.taboola.com — Cisco Umbrella Rank: 15440
883 B
8 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293
28 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
41 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
187 KB
6 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 4106
api.viglink.com — Cisco Umbrella Rank: 4473
31 KB
5 microsoft.com
web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1613
3 KB
5 civicscience.com
www138.civicscience.com — Cisco Umbrella Rank: 5674
www.civicscience.com — Cisco Umbrella Rank: 5647
624 B
5 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1340
widget-pixels.outbrain.com — Cisco Umbrella Rank: 1633
odb.outbrain.com — Cisco Umbrella Rank: 1512
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5662
74 KB
4 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 2919
pixel.mathtag.com — Cisco Umbrella Rank: 1233
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
63 KB
3 zemanta.com
b1-nydc1.zemanta.com — Cisco Umbrella Rank: 7112
b1t-nydc1.zemanta.com — Cisco Umbrella Rank: 6269
b1sync.zemanta.com — Cisco Umbrella Rank: 593
503 B
3 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 3602
54 KB
3 yahoosandbox.com
jac.yahoosandbox.com — Cisco Umbrella Rank: 3807
119 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 281
706 B
2 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 843
33 KB
2 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 4162
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4320
27 KB
2 atwola.com
26.at.atwola.com — Cisco Umbrella Rank: 105887
340 B
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 420
151 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1307
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 137
722 B
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1133
api.btloader.com — Cisco Umbrella Rank: 1274
5 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 289
220 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 482
706 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 355
265 B
1 advertising.com
prod-m-node-3113.ssp.advertising.com — Cisco Umbrella Rank: 17602
176 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 550
650 B
1 live.com
login.live.com — Cisco Umbrella Rank: 85
933 B
1 cloudfront.net
d2zqfs55y95cft.cloudfront.net
36 KB
292 34
Domain Requested by
66 assets.msn.com www.msn.com
assets.msn.com
web.ssp.yahoo.com
37 img-s-msn-com.akamaized.net assets.msn.com
29 www.bing.com assets.msn.com
21 srtb.msn.com assets.msn.com
13 eb2.3lift.com 3 redirects www.msn.com
ib.3lift.com
eb2.3lift.com
10 images.archive-digger.com
10 am-api.taboola.com
8 browser.events.data.msn.com assets.msn.com
6 s0.2mdn.net www.msn.com
s0.2mdn.net
6 api.msn.com assets.msn.com
5 web.vortex.data.microsoft.com mem.gfx.ms
5 api.viglink.com cdn.viglink.com
4 pagead2.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 ib.3lift.com web.ssp.yahoo.com
ib.3lift.com
www.msn.com
4 www.civicscience.com www138.civicscience.com
4 www.msn.com www.msn.com
assets.msn.com
3 www.googletagservices.com tags.mathtag.com
www.googletagservices.com
s0.2mdn.net
3 cm.g.doubleclick.net eb2.3lift.com
3 tags.mathtag.com www.msn.com
tags.mathtag.com
3 ad.doubleclick.net 2 redirects www.googletagservices.com
3 service.idsync.analytics.yahoo.com tag.idsync.analytics.yahoo.com
web.ssp.yahoo.com
3 mem.gfx.ms assets.msn.com
mem.gfx.ms
3 jac.yahoosandbox.com jill.fc.yahoo.com
jac.yahoosandbox.com
3 jill.fc.yahoo.com assets.msn.com
jac.yahoosandbox.com
2 googleads4.g.doubleclick.net www.msn.com
2 tpc.googlesyndication.com www.msn.com
tpc.googlesyndication.com
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 cdn.js7k.com web.ssp.yahoo.com
2 26.at.atwola.com www.msn.com
2 web.ssp.yahoo.com www.msn.com
2 s.yimg.com
2 widgets.outbrain.com assets.msn.com
widgets.outbrain.com
2 ad-delivery.net
2 sb.scorecardresearch.com 1 redirects
2 c.bing.com 1 redirects eb2.3lift.com
2 c.msn.com 1 redirects
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 odb.outbrain.com widgets.outbrain.com
1 pixel.mathtag.com tags.mathtag.com
1 widget-pixels.outbrain.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 b1sync.zemanta.com 1 redirects
1 x.bidswitch.net eb2.3lift.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com eb2.3lift.com
1 match.adsrvr.org eb2.3lift.com
1 tlx.3lift.com www.msn.com
1 prod-m-node-3113.ssp.advertising.com web.ssp.yahoo.com
1 prod-m-node-3113.ssp.yahoo.com web.ssp.yahoo.com
1 zem.outbrainimg.com
1 b1t-nydc1.zemanta.com
1 b1-nydc1.zemanta.com
1 d.agkn.com
1 cms.analytics.yahoo.com
1 tag.idsync.analytics.yahoo.com jac.yahoosandbox.com
1 login.live.com 1 redirects
1 api.btloader.com btloader.com
1 d2zqfs55y95cft.cloudfront.net
1 www138.civicscience.com 1 redirects
1 cdn.viglink.com assets.msn.com
1 btloader.com assets.msn.com
292 61

This site contains links to these domains. Also see Links.

Domain
login.live.com
www.techradar.com
www.bleepingcomputer.com
go.microsoft.com
Subject Issuer Validity Valid
*.msn.com
Microsoft RSA TLS CA 01		 2021-09-22 -
2022-09-22		 a year crt.sh
assets.msn.com
Microsoft RSA TLS CA 02		 2021-09-23 -
2022-09-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-05 -
2022-09-04		 a year crt.sh
secure.ace.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-12-08 -
2022-05-25		 6 months crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 06		 2022-03-02 -
2023-02-25		 a year crt.sh
ssl1029306.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-12 -
2022-06-30		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2022-02-23 -
2022-05-24		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
viglink.com
Amazon		 2021-11-13 -
2022-12-11		 a year crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-21 -
2022-05-11		 2 months crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 01		 2022-02-15 -
2023-02-10		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.archive-digger.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-28 -
2022-12-31		 9 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-14 -
2022-05-04		 2 months crt.sh
*.idsync.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
*.civicscience.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-09 -
2022-05-10		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.vortex.data.microsoft.com
Microsoft RSA TLS CA 01		 2022-04-03 -
2023-04-03		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
jp.techcrunch.com
DigiCert SHA2 High Assurance Server CA		 2022-03-30 -
2022-06-29		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.outbrainimg.com
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-02-02 -
2022-05-04		 3 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2022-04-22		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Frame ID: A9716792B6B2B2D53E0ED2AEA35B63A3
Requests: 229 HTTP requests in this frame

Frame: https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
Frame ID: 15FCE9451FEC63DD57B3707C5BF85563
Requests: 1 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: 4C4B8A596696BE82951F8421F407C68E
Requests: 2 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: 8D1FC5C0A86B4ECB0C75BD0A4C2D9D07
Requests: 12 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: 77020E403561A4DF32D338DD5F4FA4E9
Requests: 17 HTTP requests in this frame

Frame: data://truncated
Frame ID: E2AB10BACDF4D44D54C69972241FC952
Requests: 1 HTTP requests in this frame

Frame: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTW1SallqQmhNMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMjI5OTQ3Mjg3MzE3NTc0MjUvMTA1NjU4NjYvMTEzMjAwMTUvNjIvLVg5UWtlZ1NjTTR4U21sV1Rla3otSmk3ZFFqcDQtLVNEUTJHZTIzeGhSay8yLzQ0OTgxMi8wLzAvMTg1NDM4My8zMTE3NzgzOTczLzIzMTkzOS8xMTI5NTc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvNDQ5ODEyLzAvMC81MTIyOTk0NzI4NzMxNzU3NDI1L2Ftcy8wLzM3MDAvMzgvOTk5LzMyMi8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDk3ODc3OTIvMTY0OTgwMDM5Mi82Mi8xMDA0NC8/T3NSp-nEMaI73HC0QmknJdxaa1E&nodeid=522&group=cdg&auctionid=5122994728731757425&shardkey=5122994728731757425&sid=11320015&cid=10565866&price=3.74&bp=d_heaaaa&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.96
Frame ID: F01B23B67BDC43A8563FEB7D4D3CCED7
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Frame ID: ED93B08C3E0F0F6E299C2E21AC6F9E93
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FA7A667245DE5C5EDBE3946625EA29A7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/18221727850899315298/index.html
Frame ID: E2243684EFBE81DBD98A958EB56268BD
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Qbot malware found smuggled inside Windows Installer packagesmsn_logo

Page URL History Show full URLs

  1. http://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-p... HTTP 307
    https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-p... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js

Page Statistics

292
Requests

97 %
HTTPS

28 %
IPv6

34
Domains

61
Subdomains

51
IPs

5
Countries

3990 kB
Transfer

11200 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz HTTP 307
    https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://c.msn.com/c.gif?rnd=1649787790973&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=9575a236a39a457e86ca3f8969170291&activityId=9575a236a39a457e86ca3f8969170291&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0 HTTP 302
  • https://c.bing.com/c.gif?rnd=1649787790973&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=9575a236a39a457e86ca3f8969170291&activityId=9575a236a39a457e86ca3f8969170291&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=FD1AD9559E084ED7AF0CC16699DD7635&RedC=c.msn.com&MXFR=135751EF468C6B243AC9406B473E6A3F HTTP 302
  • https://c.msn.com/c.gif?rnd=1649787790973&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=9575a236a39a457e86ca3f8969170291&activityId=9575a236a39a457e86ca3f8969170291&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=FD1AD9559E084ED7AF0CC16699DD7635&MUID=135751EF468C6B243AC9406B473E6A3F
Request Chain 25
  • https://sb.scorecardresearch.com/b?rn=1649787790973&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%26content%3D1%26mkt%3Den-us&c8=Qbot+malware+found+smuggled+inside+Windows+Installer+packages&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?rn=1649787790973&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%26content%3D1%26mkt%3Den-us&c8=Qbot+malware+found+smuggled+inside+Windows+Installer+packages&c9=
Request Chain 31
  • https://www138.civicscience.com/jspoll/4/civicscience-widget.js HTTP 302
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Request Chain 70
  • https://login.live.com/login.srf?wa=wsignin1.0&checkda=1&wp=MBI_SSL&mkt=en-us&wreply=https%3A%2F%2Fapi.msn.com%2Fauth%2Fcookie%2Fsilentpassport%3Fapikey%3D0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM%26ocid%3DPeregrine%26pwo%3Dhttps%253A%252F%252Fwww.msn.com%26secure%3Dtrue HTTP 302
  • https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
Request Chain 175
  • https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;sz=1x1;ord=2022-04-12+18%3A23%3A12;dc_ref=msn.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
  • https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;dc_pre=CJjy3bqSj_cCFU0EiwodsSoHdg;sz=1x1;ord=2022-04-12+18%3A23%3A12;dc_ref=msn.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D HTTP 302
  • https://d.agkn.com/pixel/10690/?che=3158673239&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
Request Chain 252
  • https://eb2.3lift.com/sync?max=10&cb=48073 HTTP 302
  • https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Request Chain 255
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxMzMwOTk3MDI5ODQ0NDQ0NjA2NA%3D%3D
Request Chain 257
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxMzMwOTk3MDI5ODQ0NDQ0NjA2NA%3D%3D
Request Chain 259
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2613309970298444446064?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.dYp52BE2oQXDEM6_O.dvvol3Z4.9Zb6muePrMXHXg--~A&dongle=0883
Request Chain 262
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2613309970298444446064 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2613309970298444446064&dcc=t
Request Chain 263
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

292 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ar-AAW83WP
www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/
Redirect Chain
  • http://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
  • https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
24 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/
Resource Hash
84083067614c12898c1ee006b7a7d674379b8a87f4ef20b8da529a2cd2997d07
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;worker-src 'self' https: blob:;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods
HEAD,GET,OPTIONS
cache-control
no-store, no-cache
content-security-policy
block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;worker-src 'self' https: blob:;
content-type
text/html; charset=utf-8
date
Tue, 12 Apr 2022 18:23:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
strict-transport-security
max-age=1209600; includeSubDomains; preload
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-fabric-cluster
pmeprodneu
x-frame-options
SAMEORIGIN
x-msedge-ref
Ref A: 9575A236A39A457E86CA3F8969170291 Ref B: VIEEDGE1506 Ref C: 2022-04-12T18:23:10Z
x-ua-compatible
IE=Edge;chrome=1
x-xss-protection
1

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Non-Authoritative-Reason
HSTS
vendors.257f65bf01aa2d3ba051.js
assets.msn.com/bundles/v1/views/latest/ 		283 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b899c96f6bd8de4ddc433b15a8c6e0dbfa81bc346d1f32fde1b52acdd6864327

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
QfPWyN3y7DCfxA1Nb9sc0g==
server-timing
5
content-length
85608
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50DABC76D
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
780d391f-401e-0090-6dde-4aeaef000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c98b7c
microsoft.a379e9d9132a4c4f494a.js
assets.msn.com/bundles/v1/views/latest/ 		387 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
054da3e71adbd20784a49844f803131f28b80679b1448eb070ee255498171edc

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
ifEg7t63TTDQvPd8NIscyQ==
server-timing
5
content-length
105358
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50DE915B1
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
93a563d8-f01e-00eb-12de-4a3df8000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c98b85
common.e2e3aad9bbc39d7b2314.js
assets.msn.com/bundles/v1/views/latest/ 		835 KB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
07952001ef2d38d6b78acce58cdd217806d1934990613b684fff570493fe51c2

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
0EcA4delzhlMAChvu5jTiQ==
server-timing
5
content-length
234198
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:09:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C105F66F92F
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
87a682d6-501e-00b5-7af9-4dfcd6000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c98b8a
experience.b08f5edeb11bdea43079.js
assets.msn.com/bundles/v1/views/latest/ 		104 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7ef08b374b98dd05adf277f227f8af9c2f6a8ebcbdb365c3957b05b310eb1154

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
m3ifTWz/8+AQt6snsX0Diw==
server-timing
5
content-length
38135
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C1067ED5ADA
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
72a2a072-601e-00ae-15f9-4d69e3000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c98b91
web-worker.0ea543821ed818f62c38.js
www.msn.com/bundles/v1/views/latest/ 		108 KB
32 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/bundles/v1/views/latest/web-worker.0ea543821ed818f62c38.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e6a106879082345d475326c840dfbe62f90ce4e4e6bbe10e016e53d502ddddbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
ARvhynHV88S/OETlBqBQ4A==
x-cache
TCP_HIT
server-timing
19
content-length
32033
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: C7EE5D98EAE445BDB933277CA355CFFC Ref B: VIEEDGE1506 Ref C: 2022-04-12T18:23:10Z
etag
0x8DA18F52605E0D2
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-ms-request-id
adc35d6a-801e-00a0-48de-4acbfe000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
84.53.185.157
x-ms-version
2009-09-19
akamai-request-id
1049eaa0
x-cid
7
x-ccc
US
eb-garamond-v14-latin-regular.woff2
assets.msn.com/statics/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/eb-garamond-v14-latin-regular.woff2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
5
content-length
29088
last-modified
Thu, 01 Oct 2020 00:43:17 GMT
server
AkamaiNetStorage
etag
"6fbb1cf13dfeff58538dddd9e2ad485c:1601512997.736101"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
23.36.161.69
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
96c98f2e
access-control-allow-credentials
true
/
www.msn.com/resolver/api/resolve/v3/config/ 		118 KB
34 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/resolver/api/resolve/v3/config/?expType=AppConfig&expInstance=default&apptype=views&v=20220411.376&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22chrome%22,%22version%22:%22100%22,%22ismobile%22:%22false%22},%22deviceFormFactor%22:%22desktop%22,%22domain%22:%22www.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22en%22,%22market%22:%22us%22},%22display%22:{%22language%22:%22en%22,%22market%22:%22us%22}},%22ocid%22:%22iehp%22,%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22article%22,%22pageExperiments%22:[%22prg-1s1-cryptc%22,%22prg-1sw-3dcrsl2%22,%22prg-1sw-accu10%22,%22prg-1sw-acrlc%22,%22prg-1sw-akaxap%22,%22prg-1sw-camera-v2-1%22,%22prg-1sw-ccurr%22,%22prg-1sw-gevte%22,%22prg-1sw-grevtt%22,%22prg-1sw-hdukr%22,%22prg-1sw-ms-cloud%22,%22prg-1sw-mscloudn%22,%22prg-1sw-multifc%22,%22prg-1sw-nen3di%22,%22prg-1sw-newsflp%22,%22prg-1sw-newsskip%22,%22prg-1sw-pbpf1%22,%22prg-1sw-pcfc%22,%22prg-1sw-pr2fuz%22,%22prg-1sw-pr2fuzdf%22,%22prg-1sw-pr2fzdfe%22,%22prg-1sw-pr2tp%22,%22prg-1sw-pr2tpent%22,%22prg-1sw-rih-revamp3%22,%22prg-1sw-rndw%22,%22prg-1sw-sp5mats%22,%22prg-1sw-sphn2msncf%22,%22prg-1sw-splog%22,%22prg-1sw-tsrgbt%22,%22prg-adspeek%22,%22prg-contslct-t1a%22,%22prg-ctr-pnpc%22,%22prg-hprewflyout-t%22,%22prg-ias%22,%22prg-magiccc%22,%22prg-ms-cloud%22,%22prg-ndauthrf2%22,%22prg-nodualauth%22,%22prg-psovhighctl%22,%22prg-rsum-ctrl%22,%22prg-sh-adcn%22,%22prg-sh-adp%22,%22prg-sh-adp2%22,%22prg-sh-synadnc%22,%22prg-sh-synadpt%22,%22prg-url-buildw%22,%22prg-wea-skipauth%22]}
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
Kestrel /
Resource Hash
7e1dacebac327d4678565051a9a021e9040b455ad2621c4eafce2824dd17d6db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
etag
"qQKhlLlkUmmwYm5YhUm40KftBfw"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_HIT
content-length
34543
x-crs-env
Production
server
Kestrel
x-msedge-ref
Ref A: C77748407E754DBCA5D31CF53331A9D2 Ref B: VIEEDGE1506 Ref C: 2022-04-12T18:23:10Z
x-crs-buildversion
20220404.5_master
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
public, max-age=604800, immutable
x-fabric-cluster
pmeprodneu
x-cid
7
x-ccc
US
/
www.msn.com/resolver/api/resolve/v3/config/ 		272 KB
55 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/resolver/api/resolve/v3/config/?expType=CommonHeader&expInstance=default&sharedNs=msn-ns&apptype=views&v=20220411.376&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22chrome%22,%22version%22:%22100%22,%22ismobile%22:%22false%22},%22deviceFormFactor%22:%22desktop%22,%22domain%22:%22www.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22en%22,%22market%22:%22us%22},%22display%22:{%22language%22:%22en%22,%22market%22:%22us%22}},%22ocid%22:%22iehp%22,%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22article%22,%22pageExperiments%22:[%22prg-1s1-cryptc%22,%22prg-1sw-3dcrsl2%22,%22prg-1sw-accu10%22,%22prg-1sw-acrlc%22,%22prg-1sw-akaxap%22,%22prg-1sw-camera-v2-1%22,%22prg-1sw-ccurr%22,%22prg-1sw-gevte%22,%22prg-1sw-grevtt%22,%22prg-1sw-hdukr%22,%22prg-1sw-ms-cloud%22,%22prg-1sw-mscloudn%22,%22prg-1sw-multifc%22,%22prg-1sw-nen3di%22,%22prg-1sw-newsflp%22,%22prg-1sw-newsskip%22,%22prg-1sw-pbpf1%22,%22prg-1sw-pcfc%22,%22prg-1sw-pr2fuz%22,%22prg-1sw-pr2fuzdf%22,%22prg-1sw-pr2fzdfe%22,%22prg-1sw-pr2tp%22,%22prg-1sw-pr2tpent%22,%22prg-1sw-rih-revamp3%22,%22prg-1sw-rndw%22,%22prg-1sw-sp5mats%22,%22prg-1sw-sphn2msncf%22,%22prg-1sw-splog%22,%22prg-1sw-tsrgbt%22,%22prg-adspeek%22,%22prg-contslct-t1a%22,%22prg-ctr-pnpc%22,%22prg-hprewflyout-t%22,%22prg-ias%22,%22prg-magiccc%22,%22prg-ms-cloud%22,%22prg-ndauthrf2%22,%22prg-nodualauth%22,%22prg-psovhighctl%22,%22prg-rsum-ctrl%22,%22prg-sh-adcn%22,%22prg-sh-adp%22,%22prg-sh-adp2%22,%22prg-sh-synadnc%22,%22prg-sh-synadpt%22,%22prg-url-buildw%22,%22prg-wea-skipauth%22]}
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
Kestrel /
Resource Hash
685c7415f6f7c0721846958972e68d49790ad487f6151eae6748c6ed0509427e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
etag
"SZKSrvp857xFzz54ZjecUqIZE1o"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_MISS
content-length
56575
x-crs-env
Production
server
Kestrel
x-msedge-ref
Ref A: 83F3B83FC38A41499F710E5A6009BA07 Ref B: VIEEDGE1506 Ref C: 2022-04-12T18:23:10Z
x-crs-buildversion
20220404.5_master
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
public, max-age=604800, immutable
x-fabric-cluster
pmeprodneu
x-cid
7
x-ccc
US
viewspage
assets.msn.com/service/news/feed/pages/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/news/feed/pages/viewspage?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=winp1&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&contentId=AAW83WP
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc2d106fb289df806db11b2ab1d5240efe85a916fe3595d21344bc5dc87ca71b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:10 PM
x-msedge-ref
Ref A: 18D93CBFD9684D6AB5B633028A9B738A Ref B: FRA31EDGE0610 Ref C: 2022-04-12T18:23:10Z
ddd-strategyexecutionlatency
00:00:00.3218110
server-timing
5
ddd-servername
B47EAD6DFDFE
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
322
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
322
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
News_PageFeedReadStrategy
ddd-usertype
AnonymousMuid
ddd-tmpl
PageViewCount0;XFeed;RR:0
content-length
4256
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset
0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wAAA;
ddd-activityid
e3f0f862-2072-47eb-81fa-92fcb749d9b6
ddd-storeexecutionlatency
00:00:00.3217814
ddd-datastore
News_PageFeedDataStore
access-control-allow-credentials
true
akamai-request-id
96c99068
article-page.3524a5090e71d2c312be.js
assets.msn.com/bundles/v1/views/latest/ 		326 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/article-page.3524a5090e71d2c312be.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a36190bae6654b1f22cfbed41d29271069f4f2d6338cc374be020965d43285b0

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
C1mkeBvPVVoAUbFF1mw7pA==
server-timing
5
content-length
91366
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:44 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C1081A2D070
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
87a684ea-501e-00b5-5bf9-4dfcd6000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99287
base-header.f0e4509fc45345ffc62c.js
assets.msn.com/bundles/v1/views/latest/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/base-header.f0e4509fc45345ffc62c.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f7ba0e8a42a5a05be5e686414b17bf84d5d7ee7b592198627b99b87faece827d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
5l/8gymC9WYYTy3HGCuDng==
server-timing
9
content-length
1313
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5274007E7
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
52332b3f-d01e-00bd-2fc1-4da4c7000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9938c
AAW83WP
assets.msn.com/content/view/v2/Detail/en-us/ 		8 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/view/v2/Detail/en-us/AAW83WP
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1defec92beb6fab7405907cf2e49cf87fa9e64cf6c4bfcce9e79cf1b8325bbf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
ddd-usertype
AnonymousMuid
akamai-request-id
96c99392
server-timing
9
content-length
3871
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow
False
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=1800
akamai-server-ip
23.36.161.69
x-msedge-responseinfo
74
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
74
x-as-suppresssetcookie
1
access-control-allow-credentials
true
header-navigation-logo.c8cc89245661c9c548ac.js
assets.msn.com/bundles/v1/views/latest/ 		130 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/header-navigation-logo.c8cc89245661c9c548ac.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f43b46276227834afda76346240a4276885e66328c05471bc5165cebd1da6a52

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
7cukStmJKlJ+ub54NUHuJw==
server-timing
9
content-length
39342
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F510AC3BA6
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
414e2788-201e-00ba-38c1-4d75c9000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9942c
pivots-nav.f0d98b0f2e8ab79f9970.js
assets.msn.com/bundles/v1/views/latest/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/pivots-nav.f0d98b0f2e8ab79f9970.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e4af51011f2b5302f586c624c6cd57492c527e03ae1dc983c7da4b8ed2b2906e

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
dUgHm4iR6l+Dp64jSQ2Nlw==
server-timing
9
content-length
15878
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50A17661C
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
414e0278-201e-00ba-0bc1-4d75c9000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99435
AAd4FLD
assets.msn.com/content/view/v2/provider/en-us/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/view/v2/provider/en-us/AAd4FLD
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5de753670b70aa985276277a94539389f9365cb2023435ab5866eafca1ab2b95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
ddd-usertype
Unknown
akamai-request-id
96c99489
server-timing
6
content-length
738
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow
False
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=1800
akamai-server-ip
23.36.161.69
x-msedge-responseinfo
0
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
0
x-as-suppresssetcookie
1
access-control-allow-credentials
true
rewards
assets.msn.com/service/news/users/me/ 		563 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/news/users/me/rewards?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&version=2&muid=135751EF468C6B243AC9406B473E6A3F&scn=MSNRPSAuth
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.3524a5090e71d2c312be.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
96b0a163f389a3db88daf7574b38d8eb4cf51594ec3801ccbbb153b57048c369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-activityid
a75ba67f-5c03-4bd3-8c3a-a8278566b3b4
ddd-strategyid
News_RewardsReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0108487
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
server-timing
5
content-length
380
x-msedge-responseinfo
11
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
akamai-server-ip
23.36.161.69
x-msedge-ref
Ref A: 6B20299F6F244C4080ED6296E76B14E6 Ref B: FRA31EDGE0215 Ref C: 2022-04-12T18:23:10Z
akamai-request-id
96c99482
onewebservicelatency
11
x-as-suppresssetcookie
1
access-control-allow-credentials
true
expires
Tue, 12 Apr 2022 18:23:11 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/png
tag
btloader.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=6208086025961472&upapi=true
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaee490ae7ac3af767857d876df43b3ff5bf7833a11eecc2c35de435c0ea947e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

cf-ray
6fadfddda9b89c10-FRA
date
Tue, 12 Apr 2022 18:23:10 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Tue, 12 Apr 2022 10:19:53 GMT
server
cloudflare
age
162
etag
W/"743c2fa6390ba42f7bbc7a4aed1a88e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x63bfHVgxXb%2BvvB8T4Nfg0PkwuNBZgzMv7UvSoFFOPnqNfci8L%2BE4SsnqeBQKaoHHGOyb%2BWzaTaf8TWdmFKcdPaJTCq5z950ELwt4Cuy1bUItyMTUgEpGwVkOaEdzEwT0PBuG5K%2BDEMEUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
SegoeUI-Roman-VF-subset_web.woff2
assets.msn.com/statics/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/SegoeUI-Roman-VF-subset_web.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
5
content-length
41006
last-modified
Thu, 04 Jul 2019 01:04:35 GMT
server
AkamaiNetStorage
etag
"72d13803e728b0ef3dfb6da311001643:1562269510.048951"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
23.36.161.69
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
96c9968e
access-control-allow-credentials
true
roboto-v20-latin-regular.woff2
assets.msn.com/statics/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/roboto-v20-latin-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
5
content-length
15759
last-modified
Thu, 01 Oct 2020 00:44:24 GMT
server
AkamaiNetStorage
etag
"479970ffb74f2117317f9d24d9e317fe:1601513064.007103"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
23.36.161.69
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
96c99696
access-control-allow-credentials
true
js
jill.fc.yahoo.com/v1/client/msft/ 		359 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v1/client/msft/js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
a795b260ee6de68d124410b7912d1a6bdc1bc1e7e96bf5df13b68dcc9a994bf0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:21:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105
vary
Accept-Encoding
content-length
265
x-xss-protection
1; mode=block
x-request-id
2798ebc92f842a8865e12bfcca26f513cc1925
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=900
x-robots-tag
noindex, noarchive, nosnippet, nofollow
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
br
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
04/12/2022 18:23:10,4/12/2022 6:23:10 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0290581
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-servername
8A6DFF324651
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DE84D99D41C74342A0DA097BB52332AE Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:10Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
81eeec50-f2d5-439c-8d52-c59a0460c866
ddd-storeexecutionlatency
00:00:00.0289370,00:00:00.0289380
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
29
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
29
access-control-allow-credentials
true
BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=36&h=36&q=60&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c83ec98b99c73cdb0e974ed35e079e22d48347e20271057ddbca123a5186b3a0
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Fri, 08 Apr 2022 04:35:23 GMT
x-datacenter
northeu
x-source-length
16004
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=36742
x-activityid
6306828a-8cfc-44aa-a451-39988ffdfd21
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=36&h=36&q=60&m=6&f=png&u=t
content-length
1936
expires
Wed, 13 Apr 2022 04:35:33 GMT
c.gif
c.msn.com/
Redirect Chain
  • https://c.msn.com/c.gif?rnd=1649787790973&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-...
  • https://c.bing.com/c.gif?rnd=1649787790973&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside...
  • https://c.msn.com/c.gif?rnd=1649787790973&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-...
42 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.msn.com/c.gif?rnd=1649787790973&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=9575a236a39a457e86ca3f8969170291&activityId=9575a236a39a457e86ca3f8969170291&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=FD1AD9559E084ED7AF0CC16699DD7635&MUID=135751EF468C6B243AC9406B473E6A3F
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:10 GMT
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8120eaf0ff3ad81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8D15027EF94844F0A37CF8968EF2CF8F Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:11Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.msn.com/c.gif?rnd=1649787790973&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&cvs=Browser&di=17930&st.dpt=technology&st.sdpt=&subcvs=news&lng=en-us&rid=9575a236a39a457e86ca3f8969170291&activityId=9575a236a39a457e86ca3f8969170291&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=FD1AD9559E084ED7AF0CC16699DD7635&MUID=135751EF468C6B243AC9406B473E6A3F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?rn=1649787790973&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-package...
  • https://sb.scorecardresearch.com/b2?rn=1649787790973&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packag...
0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?rn=1649787790973&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%26content%3D1%26mkt%3Den-us&c8=Qbot+malware+found+smuggled+inside+Windows+Installer+packages&c9=
Protocol
H2
Server
108.157.4.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-15.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
via
1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
hJdKNWaX95xMqp1-gTKBnBgQZmYGoZvK0UHekhRPtOblrwe3XVhsnw==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?rn=1649787790973&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%26content%3D1%26mkt%3Den-us&c8=Qbot+malware+found+smuggled+inside+Windows+Installer+packages&c9=
date
Tue, 12 Apr 2022 18:23:11 GMT
via
1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
FMIfpfzPbpBvpQgVtVdaAiL2G0srM-GKjJ7KqFe6Jzk_kAglXAaV8w==
x-cache
Miss from cloudfront
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1004 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787790976&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
aa5d34e8098dcdd1f97b5b9f3043c76960fe9fb3140a621503086aaf70fc9f02

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:10 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
456
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
px.gif
ad-delivery.net/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Tue, 12 Apr 2022 18:23:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1044477
x-guploader-uploadid
ADPycdse5asXrTV7KacSC9CsVztbGifpfcI6HXD5NFRC92fSV5W61ivFGwJk37iqGf4-ggDWX2avzgvGTkaPSVRKMm_cm9ss_g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6eZetrl3GhJqPNyS3Ikh8Hbwa%2FCpf06iDp2MTI4QqaOOtEKMHfNLwOfOqC7ySwsJ0zRVukgGS%2FUP8LzpAvjUpSkDMhKmg%2BaDfY0cWC6wbyQahxIrasGTCuN1sFPvhtz0UX0QXBOQrVAommdojw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6fadfdde0cd79b5e-FRA
expires
Thu, 31 Mar 2022 16:28:40 GMT
px.gif
ad-delivery.net/ 		43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7459238494513021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Tue, 12 Apr 2022 18:23:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1044477
x-guploader-uploadid
ADPycdse5asXrTV7KacSC9CsVztbGifpfcI6HXD5NFRC92fSV5W61ivFGwJk37iqGf4-ggDWX2avzgvGTkaPSVRKMm_cm9ss_g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJxjbUNTczZEYwrQVqgAhNDZk3B0uUfY7Sw67jcpkVemJbaGLg7TpPSbVoxQTcIidtLLomUTYVKkqHYiesfSfiZvMI%2Bp7GXe6aEW0Hiaymd1swy2Axi3gSOwyYX5Jutp%2B3rbR5mDSdLXs3E3iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
6fadfdde0cda9b5e-FRA
expires
Thu, 31 Mar 2022 16:28:40 GMT
vglnk.js
cdn.viglink.com/api/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.3524a5090e71d2c312be.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1303550
cf-ray
6fadfdde58b69164-FRA
content-length
28567
x-amz-id-2
ML7jYK3BxGj/JlwxYFocqq50fHVEbr3Hj8dv8lJVemjO+aFbcE49XVyTuQwCPc7T6FiRz1Q/2hg=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
096RS0EE98N86N58
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 19 Apr 2022 18:23:11 GMT
MSNOBVideo.js
widgets.outbrain.com/external/publishers/msn/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/external/publishers/msn/MSNOBVideo.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.3524a5090e71d2c312be.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
58effe6d65ad7f3a507140d5dac108bcead9e8fadb4ba495567356276d242614

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 08:29:08 GMT
server
AkamaiNetStorage
etag
"be074f7993928049615e39354149f4e8:1645014614.171368"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
3144
expires
Tue, 12 Apr 2022 19:23:11 GMT
csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain
  • https://www138.civicscience.com/jspoll/4/civicscience-widget.js
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
112 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Protocol
H2
Server
2600:9000:2156:2c00:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19e3a90b0ba228aa92871d864d4bae3bd650a41322e63d0bcf56d631a308436b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 13:04:30 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 17:56:12 GMT
server
AmazonS3
age
19122
etag
W/"a447e05213d4affbde5462797da6e9a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
NYQXYxR9RcP4FnN_Zvl0YjVhlccUzbWiyRdhZSZykWfj5BiWf0u0tQ==

Redirect headers

location
https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date
Tue, 12 Apr 2022 18:23:11 GMT
server
awselb/2.0
content-length
110
content-type
text/html
AAOtxfp.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAOtxfp.img?w=634&h=400&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b924ad39a82784eb8194c5219e78c56beaf373e12d9d82168134d1319993bce5
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Tue, 12 Apr 2022 12:09:20 GMT
x-datacenter
northeu
x-source-length
492228
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=409560
x-activityid
58ce5e6d-debb-43fc-ad10-23820053ec2d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAOtxfp?w=634&h=400&q=60&m=6&f=jpg&u=t
content-length
39962
expires
Sun, 17 Apr 2022 12:09:11 GMT
breaking-news.20a11f027137ab1f52d4.js
assets.msn.com/bundles/v1/views/latest/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/breaking-news.20a11f027137ab1f52d4.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d315fa85ab77a755b2b573010b3dc4b268945ced696b0495a95712132c30757c

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
aq3Xp6OKcMFgkph9Evqiig==
server-timing
5
content-length
3070
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F529EE224E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
5232cf7a-d01e-00bd-59c0-4da4c7000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999a4
modern-right-rail.5986f182bb6e5fdd69b5.js
assets.msn.com/bundles/v1/views/latest/ 		157 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c74c78b4212d6e9496bd73b856ab1c80a69a85acc63df051eae6f5b5334e0110

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
RfgwiTCbTJpw0Z/jO4zRuw==
server-timing
5
content-length
41701
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C1081F7E84D
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
87a686c2-501e-00b5-21f9-4dfcd6000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999b2
content-sharing-toolbar.785413a240a2f0e0a2f3.js
assets.msn.com/bundles/v1/views/latest/ 		191 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/content-sharing-toolbar.785413a240a2f0e0a2f3.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f13b2a0429d2b9b6f339a88926e9d1c8726d9ddb7be4beafe9dc4f84ed92e91e

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
hV04xkQgU2tJFry70TwkDA==
server-timing
5
content-length
54137
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5276D52DF
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
ee89013d-d01e-0081-08de-4a71cf000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999c7
feedback-link.222152698c1af1199fc1.js
assets.msn.com/bundles/v1/views/latest/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/feedback-link.222152698c1af1199fc1.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
24dbe7fc0b738f2f19e4dfc184a425e45e5addb3e6f980b66555c1620bc4a6c0

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
Y4qdvBWAKVYhe3/K/Z9P/w==
server-timing
5
content-length
3435
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F52A527ADD
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
52330aa6-d01e-00bd-6bc0-4da4c7000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999d3
one-footer.c88903799420beeb18ce.js
assets.msn.com/bundles/v1/views/latest/ 		141 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/one-footer.c88903799420beeb18ce.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1f1cd89bc86dad3a473b1b89f83fb4df78604ddf4c5b10d2da3b263844750d24

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
mb098+SvVlwIZiuoPe9LRg==
server-timing
5
content-length
40378
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F520675572
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
780d4de7-401e-0090-53de-4aeaef000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999df
social.4e1c5ea8f3ba1530f009.js
assets.msn.com/bundles/v1/views/latest/ 		474 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social.4e1c5ea8f3ba1530f009.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
47effbf21c3af4550e6906fa5faf81935fc3a8c8d8c4145d9b69dab40157e494

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
0r6Ew9fL9pdixK5zEwzuxg==
server-timing
5
content-length
132538
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50F7743EC
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
acc0f8ad-b01e-007b-66de-4ada8f000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999e3
toast.aded51fc22bfc9fce234.js
assets.msn.com/bundles/v1/views/latest/ 		136 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/toast.aded51fc22bfc9fce234.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cfb49753dd3733aa626638d8850d695d44df13c1cc58f5922ee95a1803e0d33e

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
f9hSni2rLQYxlCz+jSIi8A==
server-timing
5
content-length
38727
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA169609739962
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
0646633e-d01e-0101-0e7f-487946000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999ee
bingWebSSO.905b3a28ff5a99b845e3.js
assets.msn.com/bundles/v1/views/latest/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/bingWebSSO.905b3a28ff5a99b845e3.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3960bab1341fe97dc7d8cb89e4b4e6ab0dbaf256e60993cbbb5ca2d33c4b647c

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
ynY6sl/AZX7BN+uWcOqB/A==
server-timing
5
content-length
1639
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5151003C6
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
4dace464-a01e-0062-20c1-4d19be000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999f1
searchHistoryCommon.a9f5ad7e13c2e0ba9830.js
assets.msn.com/bundles/v1/views/latest/ 		184 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/searchHistoryCommon.a9f5ad7e13c2e0ba9830.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bccbdefad6797dd13860d99d3a4879c7345ec7ec982755bfe34dee8639f0302b

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
lHVFw2GFAOv4EcoMAFVh5A==
server-timing
5
content-length
50816
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F51E66EDFB
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
ee8c0911-d01e-0081-26de-4a71cf000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999f9
msnSettingMenu.843f365bd5b991ed1f4b.js
assets.msn.com/bundles/v1/views/latest/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/msnSettingMenu.843f365bd5b991ed1f4b.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6dfc832ff4bac20a488712ad02af7dcecca7cdc7de58ffa1ca15518f2317ab40

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
xH2ytFPyX5tbR2F0BH6XRw==
server-timing
5
content-length
6559
x-ms-lease-status
unlocked
last-modified
Wed, 30 Mar 2022 23:19:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA12A3C2E14E15
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
812e3f62-601e-0016-248d-4447b6000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c999fd
social-subscription-banner.8da7d1d2a24732f096c6.js
assets.msn.com/bundles/v1/views/latest/ 		64 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-subscription-banner.8da7d1d2a24732f096c6.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1a355720643bcde13843f0a20d2301328d828ba2505b25df41f447338f2af84d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
X8Bp2m+PflGi0GypibVSKA==
server-timing
5
content-length
16346
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50CC09F3E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
9ebe297f-301e-00f7-59de-4a79c3000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a04
social-subscription-overlay.931fe9df9e8fdf1d1dc2.js
assets.msn.com/bundles/v1/views/latest/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-subscription-overlay.931fe9df9e8fdf1d1dc2.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cb9c9a4aa94639811b9a26c22273d5a7950fec602a3c3df19b557124200c1d8d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
AFLpXtTclQXAdpgk11wLjg==
server-timing
5
content-length
15666
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5172E9D3C
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
2a690259-601e-00fa-3ade-4aa6d8000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a07
social-subscription-notification.3744bfec3922622ee450.js
assets.msn.com/bundles/v1/views/latest/ 		67 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-subscription-notification.3744bfec3922622ee450.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5eb7a9f9adc35ddb7d8f67c20f4d337c64d6ce894cd6bacd9d8b72f5eb03853c

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
Xgk0N54F7tKdxYucrZznGg==
server-timing
5
content-length
16015
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50ABEFF70
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
780e618b-401e-0090-34de-4aeaef000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a0c
social-support-result.1904108aac2b63e703a0.js
assets.msn.com/bundles/v1/views/latest/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-support-result.1904108aac2b63e703a0.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
42736024c56912c10fd3c7761c9d57f37e5bf5f87f74bfafc763059a2ff632d2

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
hAWROxzKewJt4WyURM+uqg==
server-timing
5
content-length
21331
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA169604D6C9CB
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
6d86964c-701e-005b-527f-484bbc000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a1c
views-native-mon.484e6578e33ce87095e7.js
assets.msn.com/bundles/v1/views/latest/ 		362 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/views-native-mon.484e6578e33ce87095e7.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
377f60fa87d345d11b3485794b590184900f0ccc90a20ca6fec401a4649da1ee

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
cnb3a7LsD1XOhoe/AKha9g==
server-timing
7
content-length
83173
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C1082175264
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
72a2a4d2-601e-00ae-75f9-4d69e3000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a21
libs_feed-layout_dist_FeedLayoutCard_js-libs_feed-layout_dist_card-templates_index_js-libs_on-c3bb45.abcaa90efa0298124b31.js
assets.msn.com/bundles/v1/views/latest/ 		1 MB
318 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/libs_feed-layout_dist_FeedLayoutCard_js-libs_feed-layout_dist_card-templates_index_js-libs_on-c3bb45.abcaa90efa0298124b31.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b2e162e74af088df0fe79756114b8724f5d7ce842e43ebf23db53c6757010e2

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
Gdf3lzWvxA2xTszWoXdsMA==
server-timing
6
content-length
323920
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:30 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C10792C236E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
8e3835af-501e-0031-5bf9-4d078b000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a34
desktop-feed-views.1af1c40b1c92fd1bdb84.js
assets.msn.com/bundles/v1/views/latest/ 		788 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/desktop-feed-views.1af1c40b1c92fd1bdb84.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
30f5d4a286d6f8f2d6dd5a62e1e52f55f000c3c418796d48c5072332e5a806c4

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
jx/a9FSV+puRedqtWxrIiw==
server-timing
6
content-length
130436
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C106729B393
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
87a68700-501e-00b5-4df9-4dfcd6000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a3c
upnext-paddle.da8d0af488faebf2f040.js
assets.msn.com/bundles/v1/views/latest/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/upnext-paddle.da8d0af488faebf2f040.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c9d83bc5aae933a6ad1a842c7db73a8c89dfcea8419fd95401fdffb87242050c

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
3tbzs0nXl0IGiVWqD3lKKw==
server-timing
6
content-length
11933
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:09:45 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C105E79B045
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
77df61b6-001e-00c0-2bf9-4d89dc000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a42
social-tip-promotion.34cb96a46a12938f0710.js
assets.msn.com/bundles/v1/views/latest/ 		66 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-tip-promotion.34cb96a46a12938f0710.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
380a4673a245b7c6dfb8726c2fa2a82440da54cddb456abdf038b649589f9b98

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
d68nW6L48xRhTGbqiAkXFg==
server-timing
6
content-length
16907
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50B0155F3
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
ee8a04d2-d01e-0081-57de-4a71cf000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99a44
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1004 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787791071&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
244ab59f2e2aea327bbd681a9e544a78849f69c785be3cfcf049253b700357b2

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
421
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
pv
api.btloader.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=79ZqrjVQg&w=5671737388695552&o=6208086025961472&cv=2.9.157-1-g9c0fea6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=6208086025961472&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
clear
via
1.1 google
feedback-dialog.2a4201b7141780bb80fc.js
assets.msn.com/bundles/v1/views/latest/ 		98 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/feedback-dialog.2a4201b7141780bb80fc.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f869867a1bff18643cf3323cad20211e29fb941240b1a68fb8231ba0da4bd28d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
JI3ZESnGd2RlyzYHVY4gig==
server-timing
6
content-length
24165
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F50CAB459C
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
780d4e4a-401e-0090-1bde-4aeaef000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99af9
publisher-carousel.529cb7f86c82c0d77eb8.js
assets.msn.com/bundles/v1/views/latest/ 		51 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/publisher-carousel.529cb7f86c82c0d77eb8.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e254c1e85858af67585ec49e2f9daaa2e66561f4adb5b9335c74c7d7af7b3afc

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
e3VNXduVtYSBdX6SgWNcFg==
server-timing
7
content-length
13890
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA16960511323B
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
3bb6d9d7-c01e-0088-157f-4802dc000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99b6e
msnhomepagehistory.aspx
www.bing.com/ 		2 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/msnhomepagehistory.aspx
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/searchHistoryCommon.a9f5ad7e13c2e0ba9830.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:10 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 783749C364A94257A8A6EEE86626CAE4 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:11Z
x-snr-routing
1
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
access-control-allow-origin
https://www.msn.com
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
content-length
6
expires
-1
AA157JY
assets.msn.com/breakingnews/v1/cms/api/amp/article/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/breakingnews/v1/cms/api/amp/article/AA157JY
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/breaking-news.20a11f027137ab1f52d4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
cd78847f0bdfa8f0a81eb00ae51b2485f7a4e03875ca8d36830f83bdb414c9df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

appex-activity-id
925e309a-5cd0-4305-9e20-8433bda855d6
content-encoding
gzip
etag
W/"36941"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:0
x-cms-type
article
x-cms-documentid
AA157JY
server-timing
7
ms-cv
wJxrUUeA0UKhdXHZHorOng.0
content-length
2585
x-trace-context
{"ActivityId":"925e309a-5cd0-4305-9e20-8433bda855d6"}
x-cms-version
10889
last-modified
Tue, 12 Apr 2022 17:11:22 GMT
server
Microsoft-HTTPAPI/2.0
date
Tue, 12 Apr 2022 18:23:11 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
11
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=30
akamai-server-ip
23.36.161.69
akamai-request-id
96c99bc0
x-cms-documentstoragetier
Cache
x-cms-state
Published
feedback-data-connector.07fffa19c38bdc96a8b6.js
assets.msn.com/bundles/v1/views/latest/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/feedback-data-connector.07fffa19c38bdc96a8b6.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
62fab6266a1f0a3b62122b1098c1633e6b5757afb3ede43d238234b14f06940d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
WTt3RNTaimxTlMBE8+DOyA==
server-timing
7
content-length
693
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5279A9DE4
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
1808da65-401e-00f8-66c0-4df0dc000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99be4
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:23:11 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 4C25F53C735949A2A1AA5E1FAB67108F Ref B: FRAEDGE1511 Ref C: 2022-04-12T18:23:11Z
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:23:11 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: DA6FCDE906464EB78A8696BD56AED15B Ref B: FRAEDGE1511 Ref C: 2022-04-12T18:23:11Z
BBI4MeJ
assets.msn.com/content/v1/cms/api/amp/Document/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-state
Published
appex-activity-id
c0888296-c21f-44e0-9e4d-b0ea5291eab0
content-encoding
gzip
etag
W/"15303"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:1
x-cms-type
list
x-cms-documentid
BBI4MeJ
server-timing
12
ms-cv
m0qSz0QOH0S2iT1isPAKUw.0
content-length
4138
x-trace-context
{"ActivityId":"c0888296-c21f-44e0-9e4d-b0ea5291eab0"}
x-cms-version
3296
last-modified
Tue, 12 Apr 2022 13:46:53 GMT
x-frame-options
deny
date
Tue, 12 Apr 2022 18:23:11 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
5
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=900
akamai-server-ip
23.36.161.69
akamai-request-id
96c99dc1
x-cms-documentstoragetier
Cache
expires
Tue, 12 Apr 2022 18:38:11 GMT
BBI4MeJ
assets.msn.com/content/v1/cms/api/amp/Document/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-state
Published
appex-activity-id
c0888296-c21f-44e0-9e4d-b0ea5291eab0
content-encoding
gzip
etag
W/"15303"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:1
x-cms-type
list
x-cms-documentid
BBI4MeJ
server-timing
12
ms-cv
m0qSz0QOH0S2iT1isPAKUw.0
content-length
4138
x-trace-context
{"ActivityId":"c0888296-c21f-44e0-9e4d-b0ea5291eab0"}
x-cms-version
3296
last-modified
Tue, 12 Apr 2022 13:46:53 GMT
x-frame-options
deny
date
Tue, 12 Apr 2022 18:23:11 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
5
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=900
akamai-server-ip
23.36.161.69
akamai-request-id
96c99dc7
x-cms-documentstoragetier
Cache
expires
Tue, 12 Apr 2022 18:38:11 GMT
auction
srtb.msn.com/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
08cb02212ee2567f424d8f2d657435eebe24d92ff2ba0825423c04f28363732d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-MSEdge-ClientID
135751EF468C6B243AC9406B473E6A3F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
Content-Type
application/json
Cache-Control
no-cache
Referer
https://www.msn.com/
X-MSEdge-Market
en-us

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2D9B964804DB4E12A446630BAFFB1B4D Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=277
timing-allow-origin
https://www.msn.com
auction
srtb.msn.com/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
0e8ded87108d6f5ba395cd6919f4f6186eaf01e4d4ea0ee093b142a5327d4038
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-MSEdge-ClientID
135751EF468C6B243AC9406B473E6A3F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
Content-Type
application/json
Cache-Control
no-cache
Referer
https://www.msn.com/
X-MSEdge-Market
en-us

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9322B14171554F72944E4461FCF77174 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=300
timing-allow-origin
https://www.msn.com
me
assets.msn.com/service/MSN/Feed/ 		93 KB
31 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/MSN/Feed/me?$top=30&DisableTypeSerialization=true&activityId=9575A236-A39A-457E-86CA-3F8969170291&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&contentType=article,video,slideshow,webcontent&fdhead=msnallexpusers,muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2&infopaneCount=10&location=50.1109|8.6795&market=en-us&ocid=windows-windowshp-feeds&queryType=myfeed&responseSchema=cardview&timeOut=1000&user=m-135751EF468C6B243AC9406B473E6A3F&wrapodata=false
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
35b1e563047823fa8073363318b3ad3d7b51dd86fe09a81e2149ef6004bf004d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
04/12/2022 18:23:11,4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: 9CDE11E896CD479B8784EDBC49D9C04F Ref B: FRA31EDGE0619 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.4840833
ddd-feedfeatures
0101010001010101010000000000000000
ddd-servername
2287A71AADAA
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
485
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
485
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
MSN_FeedsNoCacheReadStrategy
ddd-usertype
AnonymousMuid
ddd-tmpl
MyFeed;Static:1;PageViewCount0;TSv3:50;0;98;ULatLon50.11:8.68;SageUser:0;SageUserStatus:0_0_0_0;TileID:u0yj;RR:0
server-timing
10
content-length
27548
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset
0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:2wAA;
ddd-activityid
d6f98dcd-9f1b-479c-803f-35f97737c5c6
ddd-storeexecutionlatency
00:00:00.4821399,00:00:00.4821439
ddd-datastore
MSN_ContentFeedDataStore,MSN_ContentFeedDataStore
access-control-allow-credentials
true
akamai-request-id
96c99dfe
social-data-connector.97a5321fe592e425ecbf.js
assets.msn.com/bundles/v1/views/latest/ 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-data-connector.97a5321fe592e425ecbf.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
aca63519ae5b1990c00048e5901c025161073426f2858185da42c784274e8dbb

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
sM0zRc7wyr90rkZMNlTiLg==
server-timing
10
content-length
14805
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:07 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1695FCA6AB76
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
94c1895c-801e-00d8-2b7f-4861ef000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c99e85
ping
api.viglink.com/api/ 		314 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.25.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-25-105.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
20f1e8a334a64f19054167d762b0add3edcc4a110304b9d5b756413432d793ff

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
314
Expires
Thu, 01 Jan 1970 00:00:00 GMT
viewspage
assets.msn.com/service/news/feed/pages/ 		56 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/news/feed/pages/viewspage?market=en-us&activityId=9575A236-A39A-457E-86CA-3F8969170291&timeOut=3000&ocid=winp1&fdhead=1s-bing-news,1s-br30min,1s-fcrypt,1s-pagesegservice,1s-winauthservice,1s-winsegservice,prg-1s1-cryptc,prg-1sw-3dcrsl2,prg-1sw-accu10,prg-1sw-acrlc,prg-1sw-akaxap,prg-1sw-camera-v2-1,prg-1sw-ccurr,prg-1sw-gevte,prg-1sw-grevtt,prg-1sw-hdukr,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-1sw-multifc,prg-1sw-nen3di,prg-1sw-newsflp,prg-1sw-newsskip,prg-1sw-pbpf1,prg-1sw-pcfc,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rih-revamp3,prg-1sw-rndw,prg-1sw-sp5mats,prg-1sw-sphn2msncf,prg-1sw-splog,prg-1sw-tsrgbt,prg-adspeek,prg-contslct-t1a,prg-ctr-pnpc,prg-hprewflyout-t,prg-ias,prg-magiccc,prg-ms-cloud,prg-ndauthrf2,prg-nodualauth,prg-psovhighctl,prg-rsum-ctrl,prg-sh-adcn,prg-sh-adp,prg-sh-adp2,prg-sh-synadnc,prg-sh-synadpt,prg-url-buildw,prg-wea-skipauth&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ContentId=AAW83WP&User=m-135751EF468C6B243AC9406B473E6A3F&$skip=2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ded458e54c6a9cbcf3ee78d556f838906534aa75700da4d402518bedd998ace6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
vebudumu04302020,prg-1sw-gevte,btrecenus,iframeflex,prg-adspeek,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-hprewflyout-t,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-hdukr,prg-wea-skipauth
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: 852103BA22684CFBBE96DA4372C2AD71 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.3766796
server-timing
8
ddd-servername
756FB8B04A65
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=300
x-msedge-responseinfo
377
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
377
x-as-suppresssetcookie
1
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
News_PageFeedReadStrategy
ddd-usertype
AnonymousMuid
ddd-tmpl
XFeed;TileID:u0z0;RR:0;PageViewCount0;SageUser:0
content-length
16100
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
1ilc=vebudumu04302020,wfeedsmuid10=prg-1sw-gevte,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuidheader2=prg-hprewflyout-t,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mi0=prg-1sw-hdukr,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset
0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wgAA;
ddd-activityid
ef42e08d-6c49-47c0-9040-1579622947a9
ddd-storeexecutionlatency
00:00:00.3766465
ddd-datastore
News_PageFeedDataStore
access-control-allow-credentials
true
akamai-request-id
96c9a58f
jac.js
jac.yahoosandbox.com/0.14.0/ 		153 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/msft/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24249
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
jsHq/4pPh9OL9tD445RdiUuVq96WaIlApPRqcSFLqP+cBFcdgeaQaFrktj7mZ/kR0jQx7gUtRbA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
HN7QTPWHK51ZS3AA
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
silentpassport
api.msn.com/auth/cookie/ Frame 15FC
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&checkda=1&wp=MBI_SSL&mkt=en-us&wreply=https%3A%2F%2Fapi.msn.com%2Fauth%2Fcookie%2Fsilentpassport%3Fapikey%3D0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM...
  • https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
239 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date,Ent-Authorization,ent-authorization,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,UserIdToken,useridtoken
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
*.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date,Ent-Authorization,ent-authorization,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,UserIdToken,useridtoken
content-length
239
content-type
text/html; charset=utf-8
date
Tue, 12 Apr 2022 18:23:11 GMT
ddd-activityid
49a7e589-aac7-4e77-9e62-4e78fa02fe82
ddd-authenticatedwithjwtflow
False
ddd-strategyexecutionlatency
00:00:00.0001297
ddd-usertype
MUID
onewebservicelatency
1
servertoserverauth
False
x-activity-id
A634DC4EDC06456797F55B4A9726F13F
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenl2=prg-1sw-tsrgbt,sagenl3=preprg-1sw-gc,wfeedsmuid1=prg-rsum-ctrl,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid15=traffic-cam2-u,csmoney4=csmoney4cf,csmoney5=csmoney5cf,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskip,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhighctl,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
x-msedge-ref
Ref A: A634DC4EDC06456797F55B4A9726F13F Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
x-msedge-responseinfo
1

Redirect headers

Cache-Control
no-store, no-cache
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 12 Apr 2022 18:23:10 GMT
Expires
Tue, 12 Apr 2022 18:22:11 GMT
Location
https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02PF45A95606B V: 0
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
6ff1efc9-3554-4bf1-9b93-cd636118f308
x-ms-route-info
R3_BL2
meversion
mem.gfx.ms/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=MSNPeregrine&market=en-us
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/msnSettingMenu.843f365bd5b991ed1f4b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7ac966ca1fd3fc726538c76b248c4e254560596368fc628ce48b8dfb0cdc34ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-azure-ref-originshield
0O2VVYgAAAACTBTdTNJk1QLa3ghavp/REQU1TMDRFREdFMTgxMwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date
Tue, 12 Apr 2022 18:23:11 GMT
x-azure-ref
0j8NVYgAAAAD+bI5IAYefSaPJ9GM5NF80RlJBMjMxMDUwNDE4MDQ3AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
x-ua-compatible
IE=edge
expires
Tue, 12 Apr 2022 23:39:42 GMT
social-tip-selection.bf25df3e33d211a377ce.js
assets.msn.com/bundles/v1/views/latest/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-tip-selection.bf25df3e33d211a377ce.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
00df3a318c3fd470d38916cafcf87651f3318f23652a8e34ec5790bf96d62921

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
2J7++TwJIAkrGRjkVvCqCg==
server-timing
8
content-length
16755
x-ms-lease-status
unlocked
last-modified
Mon, 04 Apr 2022 23:51:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1696030B4DEE
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
e88a6fb6-301e-0037-567f-48fd87000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9a7f0
icon-assets-ShareV2.5504bf6eb86509df3888.js
assets.msn.com/bundles/v1/views/latest/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/icon-assets-ShareV2.5504bf6eb86509df3888.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a89d7be30eb4c563639c892b204bad691b41b277e010daa4ca96591cb2e22bbd

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
h0ebBiYgmw5cCHamNo+Zzg==
server-timing
6
content-length
1359
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F5185DC969
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
52330747-d01e-00bd-20c0-4da4c7000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9a8a8
AAPInH8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPInH8.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
749cd0a9d76118953e00213d0e5d6fbfcabc23da386c8aaa25ce44045a57f4ad
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
1233469
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429540
x-activityid
6382dcd0-8e9f-46c9-9c08-960ffd097f6b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPInH8?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1428
expires
Sun, 17 Apr 2022 17:42:11 GMT
AAW8uPB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAW8uPB.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0eaa20bfde85b7a55f4fe0e4a263cbd618e5b587d9a05e2f79676ee7acf2a8de
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
366505
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429438
x-activityid
cfe0e549-0c16-49c5-911a-86dcb1e8093c
content-location
https://img.s-msn.com/tenant/amp/entityid/AAW8uPB?w=56&h=56&q=60&m=6&f=jpg&u=t
x-resizerversion
1.0
timing-allow-origin
*
content-length
1331
expires
Sun, 17 Apr 2022 17:40:29 GMT
AAREQl4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAREQl4.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8f6e38300701048ca97743ac540034b25a63bddb112c0b8d5ee3968cfcb57036
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
eastus
x-source-length
1860193
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429392
x-activityid
31343f23-a69a-4f81-9757-9e2f7aaad0fa
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAREQl4?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1027
expires
Sun, 17 Apr 2022 17:39:43 GMT
BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=56&h=56&q=60&m=2&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Sun, 03 Apr 2022 16:09:08 GMT
x-datacenter
westus
x-source-length
16004
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=36744
x-activityid
bed87234-bc41-434c-88ff-33af3abaf0eb
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=56&h=56&q=60&m=2&f=jpg
content-length
1264
expires
Wed, 13 Apr 2022 04:35:35 GMT
me
assets.msn.com/service/community/users/ 		198 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/users/me?version=1.1&profile=social&verify=false&market=en-us&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af27b84f62f8cb662c5087a13e49a93de215976a183b588928966739595f4df3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: C8AA247FAF8145BA9069F07DF19DE1C7 Ref B: FRA31EDGE0221 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0000909
server-timing
10
ddd-servername
F1619699F203
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
0
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
0
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
159
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
1feece23-3c25-42c6-b6d6-48b5a68bcd19
ddd-storeexecutionlatency
00:00:00.0000628
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9a93a
/
assets.msn.com/service/community/urls/ 		6 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/?cmsid=AAW83WP&market=en-us&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7fa94c13df085156763b0414d15ada05edba099c3876b3805dcb7149287060ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: 42536109F2384C18B32C3319E46159AA Ref B: FRAEDGE1207 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0016374
server-timing
10
ddd-servername
821C956B4AC2
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=60
x-msedge-responseinfo
1
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
1
x-as-suppresssetcookie
1
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
1392
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
99bc18f6-09c5-4637-8392-4e0ce44530b2
ddd-storeexecutionlatency
00:00:00.0016088
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9a9d5
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
br
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
04/12/2022 18:23:11,4/12/2022 6:23:11 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.2194015
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-servername
40E9B9FD8D13
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 731A987FCA7E48FB8B9D22DB3D169276 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
f249899b-a5e7-46eb-ae1b-c8833713034f
ddd-storeexecutionlatency
00:00:00.2192832,00:00:00.2192842
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
219
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
219
access-control-allow-credentials
true
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
br
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
04/12/2022 18:23:11,4/12/2022 6:23:11 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0144623
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-servername
1A9744E95CE7
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F55AF726CD9848AEACE544C9346BC145 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
cf0f0ad9-1958-4504-b18d-a09ac6b37d19
ddd-storeexecutionlatency
00:00:00.0143287,00:00:00.0143302
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
14
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
14
access-control-allow-credentials
true
user
assets.msn.com/service/msn/ 		74 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/msn/user?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=Peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
612536c784a4f93e935879bb68c6508d30b783407214239e3fdad3a046c2f41b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM,4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: 26CC7647F98546B7B4D95BFB6D80051A Ref B: FRA31EDGE0614 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0574473,00:00:00.0576223
server-timing
10
ddd-servername
4C1499660265,4C1499660265
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
58
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
58
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Graph_AipUserAndActionReadStrategy,Graph_BestNewsReadStrategy
ddd-usertype
AnonymousMuid
content-length
92
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
3f6829d9-d56a-46b4-9d5b-19902f9395bc
ddd-storeexecutionlatency
00:00:00.0574175,00:00:00.0575959
ddd-datastore
Graph_UserAndActionAipStore,Graph_BestNewsDataStoreGraph
access-control-allow-credentials
true
akamai-request-id
96c9aa2a
Actions
assets.msn.com/service/Graph/ 		75 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/Graph/Actions?%24filter=actionType+eq+%27Save%27+and+targetId+eq+%27AAW83WP%27&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=feeds&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/content-sharing-toolbar.785413a240a2f0e0a2f3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
12ef4915d97bfc68be594bcb3a7744ce5707c0b69ea5e5de96d221e4afa249b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
vebudumu04302020,prg-1sw-gevte,btrecenus,iframeflex,prg-adspeek,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-hprewflyout-t,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-nwrc,1s-fcrypt,ads-lockerdome,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-hdukr,prg-wea-skipauth
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: DDC7E3A678F64057B5C5238E9294E00B Ref B: FRA31EDGE0620 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0019742
server-timing
6
ddd-servername
1A8965BBFA2A
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
2
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
2
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Graph_BestNewsReadStrategy
ddd-usertype
AnonymousMuid
content-length
93
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
1ilc=vebudumu04302020,wfeedsmuid10=prg-1sw-gevte,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuidheader2=prg-hprewflyout-t,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k7y=ads-lockerdome,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mi0=prg-1sw-hdukr,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
929cce94-2bc7-4f50-adfd-1641c01e1143
ddd-storeexecutionlatency
00:00:00.0019542
ddd-datastore
Graph_BestNewsDataStoreGraph
access-control-allow-credentials
true
akamai-request-id
96c9a92f
roboto-v20-latin-500.woff2
assets.msn.com/statics/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/roboto-v20-latin-500.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
6
content-length
15895
last-modified
Thu, 01 Oct 2020 00:44:04 GMT
server
AkamaiNetStorage
etag
"020c97dc8e0463259c2f9df929bb0c69:1601513044.306165"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
23.36.161.69
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
96c9a9a8
access-control-allow-credentials
true
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__f0d28cad68e6df101fc208439c4edc74__%7E%7EV1%7E%7E-5559282149013872781%7E%7EInIFkaxyL8PSc6U8BxZx5Y6-oalKfmO1ETNaYMVSjY8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AygSnoP5PKYDW8DwMPAgHHjE6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3FXPoa-L-rOA1c4yCxzfORC0_yhhXQ9XrZ-IQncaS92Ur9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_855b9767b67756eee684ff2fdd92abf9_135751EF468C6B243AC9406B473E6A3F_1649787791_1649787791_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:11 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787792.659148,VS0,VE9
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=inarticle&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=6a2e6dc7-d097-4efa-9b89-d4a524bff35e&ii=1&c=15996307715534348978
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F0832D1B5B0744DCB5B85E5B759DE2B2 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=eoab&i=1&p=webcompar&l=en-us&d=gemini&b=chrome&a=6d4501e9-c45f-4023-9563-618dad789f10&ii=1&c=14340076045110485327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CAABCF060EB24732BE0284A98E754CFF Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=eoab&i=2&p=webcompar&l=en-us&d=gemini&b=chrome&a=035c88c0-1c98-4d2a-b44c-d737c82e6f29&ii=1&c=13054353559879192705
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FFD19285BED0488D8C0172F118EDD214 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FSKP%2F971086722__ocwh0c2a.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		7 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FSKP%2F971086722__ocwh0c2a.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_855b9767b67756eee684ff2fdd92abf9_135751EF468C6B243AC9406B473E6A3F_1649787791_1649787791_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__f0d28cad68e6df101fc208439c4edc74__%7E%7EV1%7E%7E-5559282149013872781%7E%7EInIFkaxyL8PSc6U8BxZx5Y6-oalKfmO1ETNaYMVSjY8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AygSnoP5PKYDW8DwMPAgHHjE6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3FXPoa-L-rOA1c4yCxzfORC0_yhhXQ9XrZ-IQncaS92Ur9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb78650b186d628076b44f193b4b06cac27c7a9c1b5a90b5119bc22522d2ed83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 12 Apr 2022 18:23:11 GMT
via
1.1 varnish, 1.1 varnish
age
2195982
edge-cache-tag
329312075848367585652047967524986569467,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
329312075848367585652047967524986569467,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FSKP%2F971086722__ocwh0c2a.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_855b9767b67756eee684ff2fdd92abf9_135751EF468C6B243AC9406B473E6A3F_1649787791_1649787791_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__f0d28cad68e6df101fc208439c4edc74__%7E%7EV1%7E%7E-5559282149013872781%7E%7EInIFkaxyL8PSc6U8BxZx5Y6-oalKfmO1ETNaYMVSjY8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AygSnoP5PKYDW8DwMPAgHHjE6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3FXPoa-L-rOA1c4yCxzfORC0_yhhXQ9XrZ-IQncaS92Ur9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
content-length
7374
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 11 Mar 2022 10:17:46 GMT
server
nginx
x-timer
S1649787792.714255,VS0,VE0
etag
"723786994e753cd50dc3080c85f13f6b"
x-served-by
cache-wdc5532-WDC, cache-iad-kjyo7100035-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
d317f51f9ed5b3fe1a1ae4a5518ed076.jpeg
s.yimg.com/lo/api/res/1.2/MuxnHCDYhl8C1y1REQxsXw--~A/Zmk9ZmlsbDt3PTMwMDtoPTMwMDthcHBpZD1nZW1pbmk7cT0xMDA-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/627x627/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/MuxnHCDYhl8C1y1REQxsXw--~A/Zmk9ZmlsbDt3PTMwMDtoPTMwMDthcHBpZD1nZW1pbmk7cT0xMDA-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/627x627/d317f51f9ed5b3fe1a1ae4a5518ed076.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
dd5fd5a2bf9b59be4e383490c3b510199ba3abd7a6496983f84fafbd1c6a6695
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ats-carp-promotion
1
age
108012
cld_latency
439
edge-cache-tag
487720048237099294282692002379353798649,493954629721902160681572778518128216419,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
MISS
status
200 OK
cld_by
cache-iad-kjyo7100093-IAD
x-served-by
cache-iad-kjyo7100093-IAD
referrer-policy
no-referrer-when-downgrade
x-timer
S1649679780.057753,VS0,VE439
etag
"1298de837ab897d3ecd7e83e4582725c"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
access-control-allow-headers
X-Requested-With
x-cache-hits
0
date
Mon, 11 Apr 2022 12:23:00 GMT
x-content-type-options
nosniff
x-cache
MISS
cache-tag
487720048237099294282692002379353798649,493954629721902160681572778518128216419,ae7a14591aaf8d474cdb3f92111c923e
cld_hits
0
content-length
78536
x-xss-protection
1; mode=block
x-request-id
d9d6beeb21a949108085d8ee1b4f63cd
last-modified
Mon, 11 Apr 2022 12:23:01 GMT
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
cld_id
d9d6beeb21a949108085d8ee1b4f63cd
1641399223627-1510.jpg
s.yimg.com/lo/api/res/1.2/QdowLikY9U4qwJnGUOjt2w--~A/Zmk9Zml0O3c9MzAwO2g9MzAwO2FwcGlkPWdlbWluaTtxPTEwMA--/https://s.yimg.com/av/ads/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/QdowLikY9U4qwJnGUOjt2w--~A/Zmk9Zml0O3c9MzAwO2g9MzAwO2FwcGlkPWdlbWluaTtxPTEwMA--/https://s.yimg.com/av/ads/1641399223627-1510.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
eb573a7ad09616b4d77475709a374fa97b7f9755bb861e374994d71f03abfcea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 14 Mar 2022 06:43:09 GMT
x-content-type-options
nosniff
age
2547603
cld_latency
1
edge-cache-tag
432760394250453600253887154631756493655,338897315775294552049016027336480009571,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
cld_hits
1
x-cache
HIT
strict-transport-security
max-age=15552000
content-length
74816
x-xss-protection
1; mode=block
cld_by
cache-wdc5535-WDC
x-served-by
cache-wdc5535-WDC
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 12 Feb 2022 09:17:15 GMT
server
ATS
x-timer
S1647240190.773872,VS0,VE1
etag
"c20b22fa22e27a57c2cca7de3a7e51ef"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
cache-tag
432760394250453600253887154631756493655,338897315775294552049016027336480009571,ae7a14591aaf8d474cdb3f92111c923e
x-cache-hits
1
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
br
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
04/12/2022 18:23:11,4/12/2022 6:23:11 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0073883
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-servername
865F06931FAF
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0AEEAA536BC243CFB1C1437E9B620CB6 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
2c78c00b-0195-40a6-a3c1-b7c6c3c3f260
ddd-storeexecutionlatency
00:00:00.0072736,00:00:00.0072768
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
7
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
7
access-control-allow-credentials
true
domains
api.viglink.com/api/ 		41 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.25.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-25-105.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
c4554a5c0654175a044d87a05e4f649502987481e8e48ae64ce4b70a36307aad

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
js
jill.fc.yahoo.com/v2/ads/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%22B4PIWQLC5%22%2C%22msft_rid%22%3A%229575a236a39a457e86ca3f8969170291%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%22135751EF468C6B243AC9406B473E6A3F%22%2C%22msft_pagetype%22%3A%22article%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22banner1_8435ef2_01%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221649787791068%7C337430297010900540%22%2C%22msft_refresh%22%3A%220%22%7D%2C%22alias%22%3A%22NEWUSEN12%22%2C%22sizes%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%22dcbe984d7%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
37cce1108d30ced607590fa575171ce425d2167ae1cb5717661d676a0c9ca296
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
1
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
28265833b82bf444f60ea99af3d8d11e8f2768
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame 4C4B 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
236
content-encoding
gzip
content-length
3220
content-type
text/html
date
Tue, 12 Apr 2022 18:23:11 GMT
etag
"324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified
Wed, 18 Aug 2021 13:17:52 GMT
server
ECS (frb/669E)
vary
Accept-Encoding
x-amz-id-2
a7Ayi2Q+Pot16hA8BapcrGOif20HmBXPFqzDaIhEVKp1M5lJ0p4nSXNmq+RDTiyDLOUDN+d6A5c=
x-amz-request-id
T8MPT13JDNEVKDFW
x-amz-server-side-encryption
AES256
x-cache
HIT
cms
cms.analytics.yahoo.com/ 		0
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
via
http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787791743&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f4f687591a2bd0e394a47724abc2a38624c2dc4f27c1666181fa6f2c6e70c5f3

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
61
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
icon-assets-SaveV4.959e5d41d82c739817a8.js
assets.msn.com/bundles/v1/views/latest/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/icon-assets-SaveV4.959e5d41d82c739817a8.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
45b144a3488cd41b351d5bd7966ae78651bbcfe168a1eb6856ecfe86664000d9

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
k0hvQ8+/uW0EjmQgY51Y6g==
server-timing
6
content-length
725
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F51F579396
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
414e2154-201e-00ba-30c1-4d75c9000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9ad62
vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa
assets.msn.com/service/community/users/ 		733 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/users/vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa?version=1.1&profile=social&verify=false&market=en-us&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
67aebdc8fb87bd7f5d1224fe6c2e916f23623dc780f66725fab19f98cd64e264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: B7F342C0C68048CF875E53E02598E3B5 Ref B: FRA31EDGE0615 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0017782
server-timing
7
ddd-servername
29579504A10E
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
1
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
1
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
479
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
defa916b-d07c-4804-a7f8-d3179f8e2a3a
ddd-storeexecutionlatency
00:00:00.0017475
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9adba
/
assets.msn.com/service/community/follows/ 		79 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/follows/?targetId=vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa&queryType=follow&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c65d11dde8844ed10a5e451c4055db864f458d733f7db9eec9a6039693ac03a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: 68F7BD4120F04832B59775133BDE6B68 Ref B: FRA31EDGE0613 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0039382
server-timing
7
ddd-servername
AC5036F15393
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
4
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
4
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
94
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenl2=prg-1sw-tsrgbt,sagenl3=preprg-1sw-gc,wfeedsmuid1=prg-rsum-ctrl,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid15=traffic-cam2-u,csmoney4=csmoney4cf,csmoney5=csmoney5cf,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskip,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhighctl,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
0a3f66c7-215f-4d11-8c84-ec55b809e2eb
ddd-storeexecutionlatency
00:00:00.0039097
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9adf1
AAPInH8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPInH8.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
749cd0a9d76118953e00213d0e5d6fbfcabc23da386c8aaa25ce44045a57f4ad
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
1233469
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429540
x-activityid
6382dcd0-8e9f-46c9-9c08-960ffd097f6b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPInH8?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1428
expires
Sun, 17 Apr 2022 17:42:11 GMT
AAW8uPB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAW8uPB.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0eaa20bfde85b7a55f4fe0e4a263cbd618e5b587d9a05e2f79676ee7acf2a8de
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
westus
x-source-length
366505
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429438
x-activityid
cfe0e549-0c16-49c5-911a-86dcb1e8093c
content-location
https://img.s-msn.com/tenant/amp/entityid/AAW8uPB?w=56&h=56&q=60&m=6&f=jpg&u=t
x-resizerversion
1.0
timing-allow-origin
*
content-length
1331
expires
Sun, 17 Apr 2022 17:40:29 GMT
AAREQl4.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAREQl4.img?w=56&h=56&q=60&m=6&f=jpg&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.257f65bf01aa2d3ba051.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8f6e38300701048ca97743ac540034b25a63bddb112c0b8d5ee3968cfcb57036
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Tue, 12 Apr 2022 17:41:07 GMT
x-datacenter
eastus
x-source-length
1860193
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429392
x-activityid
31343f23-a69a-4f81-9757-9e2f7aaad0fa
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAREQl4?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length
1027
expires
Sun, 17 Apr 2022 17:39:43 GMT
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/ 		36 B
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
br
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
04/12/2022 18:23:11,4/12/2022 6:23:11 PM
ddd-strategyid
Segments_SingleSegmentReadStrategy
ddd-usertype
AnonymousMuid
ddd-strategyexecutionlatency
00:00:00.0303980
x-cache
CONFIG_NOCACHE
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-servername
23231A29DD67
x-fd-detection-corpnet
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 02B0960F63F048E4B4B90F90CCF83CFA Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
ddd-authenticatedwithjwtflow
False
vary
Accept-Encoding
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid
db9f9e34-c88b-4278-a69a-1c719936fa34
ddd-storeexecutionlatency
00:00:00.0302197,00:00:00.0302212
ddd-datastore
Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo
30
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
30
access-control-allow-credentials
true
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787791795&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
19c69551052fdf129ab7ad30c5da5623e29d641da4123340689a904211b0fd0d

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
59
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=2786561916.915038159&n=0&s=poll&t=created&d=%7B%22target%22%3A%22dc47b0af-1755-c124-4d1b-758f0eee9014%22%2C%22instance%22%3A%22civsci-id-76398579-AAW83WP%22%2C%22isContainerSeen%22%3Atrue%2C%22context%22%3A%22%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A4%2C%22cy%22%3A1158%7D
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.246.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-246-74.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
bootstrap
www.civicscience.com/widget/api/2/ 		307 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/bootstrap?target=dc47b0af-1755-c124-4d1b-758f0eee9014&instance=civsci-id-76398579-AAW83WP&context=%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&mv=5&_=1649787791797&callback=jsonp_1649787791797_26547
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.165.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-165-149.compute-1.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
e04ded36eb838803283617f4ffce8d9923dcdd90951aa0c312b46d67b35c0cfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
reactions
assets.msn.com/service/community/urls/AAW83WP_en-us/ 		1 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/AAW83WP_en-us/reactions?friends=true&$top=2&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
100a42c6396510c4da9a16730645f190a03fea0f823b50b2a2bdf6541abac414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: A42C4944602E47369FB24147D5897D49 Ref B: FRA31EDGE0219 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0029907
server-timing
6
ddd-servername
3AB9DDFAD5A7
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
3
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
3
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
621
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenl2=prg-1sw-tsrgbt,sagenl3=preprg-1sw-gc,wfeedsmuid1=prg-rsum-ctrl,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid15=traffic-cam2-u,csmoney4=csmoney4cf,csmoney5=csmoney5cf,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskip,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhighctl,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
9586109f-e7f5-4ab2-8106-3dd93e619ca0
ddd-storeexecutionlatency
00:00:00.0029331
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9af38
reactions
assets.msn.com/service/community/urls/AAW83WP_en-us/ 		1 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/AAW83WP_en-us/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3ef348f022f5b32b439c94c207e64e603de0ec49f764ede09458633ef986f136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: 40F5234A5AC244FBACAE7040971C89D4 Ref B: FRA31EDGE0613 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0036141
server-timing
6
ddd-servername
2D7792A99096
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
3
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
3
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
621
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenl2=prg-1sw-tsrgbt,sagenl3=preprg-1sw-gc,wfeedsmuid1=prg-rsum-ctrl,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid15=traffic-cam2-u,csmoney4=csmoney4cf,csmoney5=csmoney5cf,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskip,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhighctl,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
06b8ec16-d2ac-47a9-9138-3f6fd92e6c7b
ddd-storeexecutionlatency
00:00:00.0035853
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9afaa
/
assets.msn.com/service/community/comments/ 		8 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/comments/?contentId=AAW83WP_en-us&$top=6&$skip=0&$orderby=Rating&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
54af4ae7c9665b7d67c5a37bf9e3c625ade318370180573daac7a7d954fccb7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:11 PM
x-msedge-ref
Ref A: A1953EC71F144367BAE4EDE3EA4138D9 Ref B: FRA31EDGE0220 Ref C: 2022-04-12T18:23:11Z
ddd-strategyexecutionlatency
00:00:00.0076473
server-timing
6
ddd-servername
08A0383EE013
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
7
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
7
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:11 GMT
date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
2460
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenl2=prg-1sw-tsrgbt,sagenl3=preprg-1sw-gc,wfeedsmuid1=prg-rsum-ctrl,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid15=traffic-cam2-u,csmoney4=csmoney4cf,csmoney5=csmoney5cf,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskip,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhighctl,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
f4ad63eb-c772-46e9-9a33-1d872b834b59
ddd-storeexecutionlatency
00:00:00.0076147
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9b01a
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 		155 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSNPeregrine&market=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 20 Jan 2022 20:37:20 GMT
x-azure-ref-originshield
0rqZTYgAAAAD4F2wlayGjSYIPiC6aOIUpQU1TMDRFREdFMTkyMQBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d80e809377acb6"
x-azure-ref
0j8NVYgAAAADmiI76YlRbTKi8ElixRxOoRlJBMjMxMDUwNDE4MDQ3AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
x-ua-compatible
IE=edge
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 4C4B 		13 B
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=undefined&euconsent=undefined&us_privacy=undefined&referrer=https%3A%2F%2Fwww.msn.com%2F
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tag.idsync.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
https://tag.idsync.analytics.yahoo.com
cache-control
no-cache
access-control-allow-credentials
true
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787791876&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
826bf5fa55d5706978aaa7952376d6aa57c078b298455bb19fda3ee26a6982dd

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
53
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
AA36Tom.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		722 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA36Tom.img?w=16&h=16&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
87306ff222703017f52bdec3f69a6583605e65c484484477313479de06b51f61
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA36Tom
date
Tue, 12 Apr 2022 18:23:11 GMT
x-source-length
331
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA36Tom?w=16&h=16&q=60&m=6&f=jpg&u=t
x-activityid
f252b458-bc16-428a-bf28-4ca3f6b1b233
last-modified
Mon, 11 Apr 2022 16:09:22 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
722
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=337516
timing-allow-origin
*
expires
Sat, 16 Apr 2022 16:08:27 GMT
th
www.bing.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.962103b86de6eba5b95469a17d17637e&pid=Wdp&w=80&h=80&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fb921dd14601dac222f665ecc3b2d0cdd370b18524343bfb1a9944cda681b267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 54C22531A2F54916B78AB20BCD75AC71 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3943
BBUDX0i.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		756 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBUDX0i.img?w=16&h=16&q=60&m=6&f=jpg&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e15232bc68541f3fe0b8cfffd085e79fd067f20ea97dd77d1c3786f2bdd647bd
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
last-modified
Fri, 08 Apr 2022 12:47:37 GMT
x-datacenter
eastus
x-source-length
3454
x-frame-options
DENY
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=66308
x-activityid
cef24f6b-b66c-4e6c-b939-28c28fe12e01
content-location
https://img.s-msn.com/tenant/amp/entityid/BBUDX0i?w=16&h=16&q=60&m=6&f=jpg&u=t
x-resizerversion
1.0
timing-allow-origin
*
content-length
756
expires
Wed, 13 Apr 2022 12:48:19 GMT
th
www.bing.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.7473cd679b96e585e4097f445af14484&pid=Wdp&w=80&h=80&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
99cca1712d67427d3a038239a85ac8f8ff21be1cdf8e1cfce13fc6346b51d31b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3234EC25A79545A691B44A402080972C Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
1769
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 		100 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=MSNPeregrine&market=en-us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 20 Jan 2022 20:37:26 GMT
x-azure-ref-originshield
0YLxSYgAAAAAMneFtfjbyRrwRMupNaUkpQU1TMDRFREdFMTgxNABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag
"1d80e809708c940"
x-azure-ref
0j8NVYgAAAABbKH9X7o/mRpfopSaffpPwRlJBMjMxMDUwNDE4MDQ3AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Tue, 12 Apr 2022 18:23:11 GMT
x-ua-compatible
IE=edge
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-04-12T18%3A23%3A11.850Z%27&appId=%27JS%3AMeControl%27&cV=%27X4ZhcYWSHFNGNTVl.3%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=91&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27d711b4f9-f4b5-4292-f82a-ff8e26473fee%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A365.70000076293945%2C%22perfDuration%22%3A91.20000076293945%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnperegrine%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.21162.3%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnperegrine%22%2C%22gfx%22%3A%22https%3A%2F%2Fmem.gfx.ms%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Facctcdn.msauth.net%2Foneds_Xr2D7Nex80v7A-8bxF8jgQ2.js%3Fv%3D1%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graph%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22env%22%3Anull%2C%22role%22%3A%22AccountControls%22%2C%22roleInst%22%3Anull%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3D**%26li%3D**%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:11 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
WvBy2vG7M0C+MiD+WA6rVg.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-04-12T18%3A23%3A11.889Z%27&appId=%27JS%3AMeControl%27&cV=%27X4ZhcYWSHFNGNTVl.5%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=11&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.21162.3%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27d711b4f9-f4b5-4292-f82a-ff8e26473fee%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A36.10000228881836%2C%22perfDuration%22%3A10.5%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnperegrine%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.21162.3%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnperegrine%22%2C%22gfx%22%3A%22https%3A%2F%2Fmem.gfx.ms%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Facctcdn.msauth.net%2Foneds_Xr2D7Nex80v7A-8bxF8jgQ2.js%3Fv%3D1%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graph%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22env%22%3Anull%2C%22role%22%3A%22AccountControls%22%2C%22roleInst%22%3Anull%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3D**%26li%3D**%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:11 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
D7+0M/lPA0eXXfGKJ1vsuw.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-04-12T18%3A23%3A11.894Z%27&appId=%27JS%3AMeControl%27&cV=%27X4ZhcYWSHFNGNTVl.7%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnperegrine%27&*controlVersion=%2710.21162.3%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=42.900001525878906&*details=%27load%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:11 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
Z5hE4rJfbkKj2v5FPCK2jA.0
Content-Type
image/gif
Content-Length
43
Expires
0
truncated
/ 		42 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7f5282cabbf7963811f21d108990cb61c5ded048d010ab13c1263b328de94e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		387 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
js
jill.fc.yahoo.com/v2/ads/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%22B4PIWQLC5%22%2C%22msft_rid%22%3A%229575a236a39a457e86ca3f8969170291%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%22135751EF468C6B243AC9406B473E6A3F%22%2C%22msft_pagetype%22%3A%22article%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22rectangle1_2312_11%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221649787791933%7C335432037929985340%22%2C%22msft_refresh%22%3A%220%22%7D%2C%22alias%22%3A%22NEWUSEN11%22%2C%22sizes%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%22dcbe984d7%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A2%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1cdbd41c5d1b44e3bc1a8daeb8e83f34cf6929d2ae65417378834473ddaf5820
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
1
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
strict-transport-security
max-age=15552000
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
27338d1f51b7884d461868f32077551b172769
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-04-12T18%3A23%3A11.928Z%27&appId=%27JS%3AMeControl%27&cV=%27X4ZhcYWSHFNGNTVl.8%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnperegrine%27&*controlVersion=%2710.21162.3%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=77.0999984741211&*details=%27Web%20header%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:12 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
pJXTg2Hkq0+5sZyMxzLz/A.0
Content-Type
image/gif
Content-Length
43
Expires
0
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787791939&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
384599aa4204aa08f6a4ec2a9462816745d1493c2586aa9055488fc4c74d3f2d

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
55
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
social-bar-wc.dfdfca96b23838ad4c6a.js
assets.msn.com/bundles/v1/views/latest/ 		169 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-bar-wc.dfdfca96b23838ad4c6a.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c3752788f9fc691bbcc5f7eef227c66a536b9267e460525b772ad69b6da0db2a

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:11 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
8d5dO7zN2gDP2tikm2qccg==
server-timing
6
content-length
46058
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:17:24 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F52834A495
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
acc101e7-b01e-007b-2bde-4ada8f000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9b263
BBI4MeJ
assets.msn.com/content/v1/cms/api/amp/Document/ 		14 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.5986f182bb6e5fdd69b5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-state
Published
appex-activity-id
c0888296-c21f-44e0-9e4d-b0ea5291eab0
content-encoding
gzip
etag
W/"15303"
access-control-allow-origin
https://www.msn.com
x-cms-tenant
amp
x-cms-servicelocation
eastus:1
x-cms-type
list
x-cms-documentid
BBI4MeJ
server-timing
6
ms-cv
m0qSz0QOH0S2iT1isPAKUw.0
content-length
4138
x-trace-context
{"ActivityId":"c0888296-c21f-44e0-9e4d-b0ea5291eab0"}
x-cms-version
3296
last-modified
Tue, 12 Apr 2022 13:46:53 GMT
x-frame-options
deny
date
Tue, 12 Apr 2022 18:23:11 GMT
vary
Origin
content-type
application/json; charset=utf-8
x-cms-executiontimeinmilliseconds
5
access-control-expose-headers
X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control
max-age=900
akamai-server-ip
23.36.161.69
akamai-request-id
96c9b2a0
x-cms-documentstoragetier
Cache
expires
Tue, 12 Apr 2022 18:38:11 GMT
auction
srtb.msn.com/ 		69 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
5154578db52fa4f4821cdca28750f8ac34d3682bc076bab9a6e2898a35c61135
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-MSEdge-ClientID
135751EF468C6B243AC9406B473E6A3F
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
Content-Type
application/json
Cache-Control
no-cache
Referer
https://www.msn.com/
X-MSEdge-Market
en-us

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CB8AFAB630844A2CA196C449E90527EB Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:11Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=567
timing-allow-origin
https://www.msn.com
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:23:11 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: D43638E151E447B9B7ABEB2B9A3D3B4B Ref B: FRAEDGE1511 Ref C: 2022-04-12T18:23:11Z
th
www.bing.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.b1289c59e70bc94062ab53d93d6ef716&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30704867f1c82d39f7d774dad8d56053a5bed086d0fc9d83b69440acd1eafc34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CF062D9B5E764403BFDA946A51AE741B Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
20254
AAU2Dsv
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		447 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAU2Dsv?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8fb2f738870e714b0d9fc01dcbf3770271ded49cb0e7b0f1410ad44999fa31c8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Mon, 04 Apr 2022 06:31:48 GMT
x-datacenter
eastus
x-source-length
4760
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=87029
x-activityid
6cac9d5d-6209-48c1-8f09-8468f3de6029
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAU2Dsv?w=16&h=16&q=100&m=6&f=png&u=t
content-length
447
expires
Wed, 13 Apr 2022 18:33:41 GMT
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.f23e9be41750c90bdf26626613fdfbbd&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb016e94d6927dea10e7460f8c8e7a9730601c70893ac6bdf98dafb1ced691f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3CEFB18D8742490DAD239A50EE6F1B13 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17030
BBm8qVB
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBm8qVB?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d126b3fd9597981766e675592da39eb3e6bff4deb640aef13ef3e22e9d97f14
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBm8qVB
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
18952
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBm8qVB?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
bb3d7be1-1a69-48e8-8758-4aafce581b0e
last-modified
Mon, 11 Apr 2022 13:30:21 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
820
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=327972
timing-allow-origin
*
expires
Sat, 16 Apr 2022 13:29:24 GMT
th
www.bing.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.b8dda4470ca3fa3d8d59af3c1680539b&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d7d3dc1ea85e16c6362d52bc2ee13c72c6840a9e8f55a3bb079c3251916836ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 550B4575D6614F7AA459F5114C3F9010 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
32588
BB10dZNR
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		257 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
388b63d310a0b20042b84dc31689e6f814da1524810e6a9d3b98c0b1ddd56c73
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB10dZNR
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
1138
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
e1e72055-3c9f-437e-9eaf-771430bbfed8
last-modified
Sun, 10 Apr 2022 10:48:25 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
257
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=231924
timing-allow-origin
*
expires
Fri, 15 Apr 2022 10:48:36 GMT
th
www.bing.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.439264b809545c9439d4c1dc18d002af&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6a7426ba68829f15caeeaf67bdb4163d2b4b3b33b08dbd0353189218f3e2fea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 557391FE13354EDAB94D10B1CFD257FE Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
19157
AAywOab
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		640 B
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Sun, 10 Apr 2022 04:34:17 GMT
x-datacenter
westus
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=209423
x-activityid
79118b2d-464a-4190-b319-0bd3530cfeaf
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
content-length
640
expires
Fri, 15 Apr 2022 04:33:35 GMT
th
www.bing.com/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.94474e42b4c4cc629b00999b61b4e39f&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
135958c317d6173282bfe75e54082bf54d7205f028d0c7c2b367256d0822ead5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9ACAF3659FB54089A0EFF9BAA68BF5A7 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
19783
th
www.bing.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d1d3ba307a31eb4ea6d4ea58a213dee5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7533f1721cd47e64f55a9360ade37f615c61a72a9b4a3a8f8c6945337eac2e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0B77A28A4B554900931512CCFFC77528 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
18227
AANGpUX
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		523 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANGpUX?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
977a659b09e112dcdea17259a4fc594a25c71ed3acf4b5739c960f9ed03e05fc
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Fri, 08 Apr 2022 06:38:37 GMT
x-datacenter
eastus
x-source-length
2518
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=44136
x-activityid
0d443ead-3333-47a7-82f4-470b08ec7abb
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AANGpUX?w=16&h=16&q=100&m=6&f=png&u=t
content-length
523
expires
Wed, 13 Apr 2022 06:38:48 GMT
th
www.bing.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d0782d416d94c5ec9984375d10fd4a99&pid=Wdp&w=468&h=304&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f42f77723e5550f1e0e17d10b9e9c9a0d52c4b9e772f222934eb7206cda7b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 95D91B5FA4CA45A2B95F1303BFD0FBE5 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
22734
AADetNw
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AADetNw?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1292a3eead7170f1d080337cc6e89e06244baa7ad853f37058ef3962669bd74c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Tue, 12 Apr 2022 11:28:01 GMT
x-datacenter
eastus
x-source-length
3926
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=407090
x-activityid
9242967a-e940-4d3a-be92-2c5155daa53b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AADetNw?w=16&h=16&q=100&m=6&f=png&u=t
content-length
773
expires
Sun, 17 Apr 2022 11:28:02 GMT
th
www.bing.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.cde6d9e3a8eca3beb718ab9bddb9916d&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
153a473a5b0a4ea81402fe655e00de02668ea5a2896d3384c4faa39039bd3bd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B6B7E311500474DB56DC90C78E663B6 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
13902
AAPWx7Q
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		348 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPWx7Q?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
445afbaba8e96507fa4056c83557c90fa898045b0571fe531e7f415a7b52d0d4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Fri, 08 Apr 2022 18:43:41 GMT
x-datacenter
westus
x-source-length
1688
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=87614
x-activityid
337aecbf-4069-4440-a70c-c0d472a1c29e
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPWx7Q?w=16&h=16&q=100&m=6&f=png&u=t
content-length
348
expires
Wed, 13 Apr 2022 18:43:26 GMT
th
www.bing.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.04136d5e292cc62a392e8b2cfc9cf87d&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4a808e029b2d810eb497efd64fc1870f0645150da61c297791069d8bc4ad8a41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AF19EA4AC4B745B69A526680B1BC00D8 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
14466
AAW8APA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAW8APA.img?w=300&h=225&q=90&m=6&f=jpg&x=541&y=254&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
994cd1d0b075c669eccb3c71a90f609941c0673879437abbc34c9e3f5e2ab5fd
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Tue, 12 Apr 2022 16:18:55 GMT
x-datacenter
westus
x-source-length
5238405
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=424597
x-activityid
f8a9c03a-a77f-4aaa-8554-a904cd64eef8
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAW8APA?w=300&h=225&q=90&m=6&f=jpg&x=541&y=254&u=t
content-length
26175
expires
Sun, 17 Apr 2022 16:19:49 GMT
AACl4vY
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dc7364172405e145c60d725e238eb4a74f639a9ade115ee4d2ef83d108c86eae
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AACl4vY
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
4142
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
3efc983c-bbea-4c1f-83bc-2c1d06225e2f
last-modified
Sun, 10 Apr 2022 03:37:27 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
717
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=206090
timing-allow-origin
*
expires
Fri, 15 Apr 2022 03:38:02 GMT
th
www.bing.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.117649a7e863819a19cc46632b686786&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05e7a6444abaf9fa4a76f7abb405edffdc91f1876e87d31536f69942a1b6da55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2CDAFC27FA34BDE859B1959B9702B88 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
16809
AA9tqjr
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		725 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
60787a2e30e56b4842b55be9c0ebaf8efe44098f81507839ff0d0e6a696ecff7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA9tqjr
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
1664
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
aab33792-4ea3-44d4-a1fd-878ba0d366e7
last-modified
Sun, 10 Apr 2022 20:33:28 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
725
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=267047
timing-allow-origin
*
expires
Fri, 15 Apr 2022 20:33:59 GMT
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.ca58ec9a5ba0ade70fb13f3c0f0f279c&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad99c2e64c168bfaca1f281e48dce7d99a8263d53df5d5249e12b46f38753b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7D91E72B808C418F87E9AFF46461EC72 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17086
BBph6Sm
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		671 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d3f2bf2f4bbbbd7d564b22dc53f8a8775515f14450b110d323bcad5589fef27
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBph6Sm
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
19025
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
221d860b-7ed9-44bb-b0a8-a3a7eb943094
last-modified
Sun, 10 Apr 2022 07:34:47 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
671
x-resizerversion
1.0
x-datacenter
eastap
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=220326
timing-allow-origin
*
expires
Fri, 15 Apr 2022 07:35:18 GMT
th
www.bing.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.c52a88296d55451518893916f4116a92&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee150c4462474bc089d20655edb33e0943638b3634a7863ce8e0adc7b39023d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3ACEF1D2CE654C48ACAA32E7EB916E25 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
16276
AALER5n
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		602 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Fri, 08 Apr 2022 13:40:01 GMT
x-datacenter
westus
x-source-length
3337
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=69445
x-activityid
5ba52f50-6978-43b6-a05d-39320971d67d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
content-length
602
expires
Wed, 13 Apr 2022 13:40:37 GMT
th
www.bing.com/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.c8908d1a7fe3f3e310c2e8d263344727&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3afa32831a4e17a29dd0c198fdbd5fe316e6f77cb4b8f98f9ba1849d2e2f7163

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 58689CAB0F80418CB0DE1D752E1D6DB3 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
15820
AAQk7ql
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		406 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5848665b65e1e5be4d7463e0047c98eac656f92d9e6f20a5a823774794f99b03
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Mon, 11 Apr 2022 16:32:57 GMT
x-datacenter
northeu
x-source-length
2906
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=338996
x-activityid
e9d31e0f-844b-43ab-ad9e-e48fcf42fe2d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
content-length
406
expires
Sat, 16 Apr 2022 16:33:08 GMT
jot
www.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/jot?j=2786561916.915038159&n=1&s=poll&t=metatarget&d=%7B%22target%22%3A3815%2C%22instance%22%3A%22civsci-id-76398579-AAW83WP%22%2C%22isContainerSeen%22%3Atrue%2C%22context%22%3A%22%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A4%2C%22cy%22%3A1158%2C%22otarget%22%3A3223%7D
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.214.246.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-214-246-74.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
reactions
assets.msn.com/service/community/comments/6571aef9-036d-493b-bd22-aad88cb3a781/ 		2 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/comments/6571aef9-036d-493b-bd22-aad88cb3a781/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0dcd93700f88be8efade7e01aaa077c1cb52064ad50721497d984206f8a5785c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-tsrgbt,preprg-1sw-gc,prg-rsum-ctrl,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,traffic-cam2-u,prg-1sw-camera-v2-1,csmoney4cf,csmoney5cf,prg-adspeek,prg-magiccc,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-newsskip,1s-fcrypt,prg-psovhighctl,prg-1sw-splog,prg-contslct-t1a,prg-1sw-nen3di,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:12 PM
x-msedge-ref
Ref A: E87C3C1336FB4DEEAB0A09811B60F7FA Ref B: FRA31EDGE0609 Ref C: 2022-04-12T18:23:12Z
ddd-strategyexecutionlatency
00:00:00.0031185
server-timing
5
ddd-servername
3D207B3ACC3B
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
private, max-age=0
x-msedge-responseinfo
3
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
3
x-as-suppresssetcookie
1
expires
Tue, 12 Apr 2022 18:23:12 GMT
date
Tue, 12 Apr 2022 18:23:12 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
930
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenl2=prg-1sw-tsrgbt,sagenl3=preprg-1sw-gc,wfeedsmuid1=prg-rsum-ctrl,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid15=traffic-cam2-u,csmoney4=csmoney4cf,csmoney5=csmoney5cf,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3fl0=prg-1sw-newsskip,3gk6=1s-fcrypt,wfeedsmuidwpo2=prg-psovhighctl,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
aca92091-fcab-41f6-b186-a4f2c96c1f34
ddd-storeexecutionlatency
00:00:00.0030859
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9b737
domains
api.viglink.com/api/ 		42 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.25.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-25-105.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
27110b1b489593a2f08bdafab95b8018d67ace9de5718f82088e09279f704a74

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
target
www.civicscience.com/widget/api/2/ 		0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.civicscience.com/widget/api/2/target?target=dc47b0af-1755-c124-4d1b-758f0eee9014&instance=civsci-id-76398579-AAW83WP&context=%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&mv=5&_=1649787792140&callback=jsonp_1649787792140_9907
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.165.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-165-149.compute-1.amazonaws.com
Software
Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
x-powered-by
PHP/7.2.34
server
Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787792146&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
aad4e29d752ae4f74013f96bca4fc8d9d765c6d25222e2793517006c8fdf8551

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:11 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
52
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
reaction-breakdown-dialog.5035534de9353899cb93.js
assets.msn.com/bundles/v1/views/latest/ 		83 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/reaction-breakdown-dialog.5035534de9353899cb93.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
734988aa63a7b90f9cb5a147b0465e79dcb7ea214bcfccee4468bee8aae69e09

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
wm4qR2AxRF16MMczxhdsPg==
server-timing
5
content-length
25760
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 00:16:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18F518DEF48C
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
9ebd95ac-301e-00f7-5bde-4a79c3000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9b862
truncated
/ 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/svg+xml
jac.js
jac.yahoosandbox.com/0.14.0/ Frame 8D1F 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24250
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
jsHq/4pPh9OL9tD445RdiUuVq96WaIlApPRqcSFLqP+cBFcdgeaQaFrktj7mZ/kR0jQx7gUtRbA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
HN7QTPWHK51ZS3AA
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
jac.js
jac.yahoosandbox.com/0.14.0/ Frame 7702 		153 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.14.0/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24250
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
40241
x-amz-id-2
jsHq/4pPh9OL9tD445RdiUuVq96WaIlApPRqcSFLqP+cBFcdgeaQaFrktj7mZ/kR0jQx7gUtRbA=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Feb 2022 09:58:30 GMT
server
ATS
etag
"aa505988e9b89104864232dd5ae7e916-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, OPTIONS
x-amz-request-id
HN7QTPWHK51ZS3AA
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
card-actions-wc.fa07e407847934933446.js
assets.msn.com/bundles/v1/views/latest/ 		181 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/card-actions-wc.fa07e407847934933446.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.b08f5edeb11bdea43079.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bd1e10a375a428c7bac8f6d1d0f976ff20eff193ddd2d3745976a5504c07c4d6

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
7EkwWJykUlOR8z2pAvFDfw==
server-timing
5
content-length
46204
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 23:10:15 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1C107062331D
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
72a2a93d-601e-00ae-0cf9-4d69e3000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9bb9e
adServe.do
web.ssp.yahoo.com/admax/ Frame 8D1F 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791933|335432037929985340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
661c3d197c5bb2d4feff18344bdf77f7959e85e8189167f69f527497fe779ff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
server
ATS/9.1.0.33
age
0
content-type
application/x-javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length
5460
expires
Thu, 01 Jan 1970 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C3779659%7C0%7C170%7CAdId=11043949;BnId=4;ct=659301961;st=4148;adcid=1;itime=787792471;reqtype=5;guid=331v8lhh5bgsf&b=3&s=jl;;impref=164978779250614836;imprefseq=17172834916...
26.at.atwola.com/ Frame 8D1F 		1 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3779659%7C0%7C170%7CAdId=11043949;BnId=4;ct=659301961;st=4148;adcid=1;itime=787792471;reqtype=5;guid=331v8lhh5bgsf&b=3&s=jl;;impref=164978779250614836;imprefseq=171728349167621901;imprefts=1649787792;adclntid=1002;pvid=dcbe984d7;kvgrp=dcbe984d7;kvmsft_asid=1649787791933%7C335432037929985340;kvpg=www.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-aaw83wp;kvmn=newusen11;kvmsft_refresh=0;kvmsft_jac=1;kvmsft_providerid=b4piwqlc5;kvsecure=true;kvmsft_pagetype=article;kvmsft_rid=9575a236a39a457e86ca3f8969170291;kvmsft_muid=135751EF468C6B243AC9406B473E6A3F;kvmsft_ext_inv_cd=us;gdpr=0;
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
adServe.do
web.ssp.yahoo.com/admax/ Frame 7702 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791068|337430297010900540!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
091407daf3d0d42e0c475c76e420c27ce4c516b9838867e0b882f4ec156b20cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
server
ATS/9.1.0.33
age
0
content-type
application/x-javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length
3106
expires
Thu, 01 Jan 1970 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C3779662%7C0%7C225%7CAdId=11043949;BnId=3;ct=659349265;st=3726;adcid=1;itime=787792416;reqtype=5;guid=0fi6dolh5bgsf&b=3&s=0o;;impref=164978779217059372;imprefseq=20043877961...
26.at.atwola.com/ Frame 7702 		1 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3779662%7C0%7C225%7CAdId=11043949;BnId=3;ct=659349265;st=3726;adcid=1;itime=787792416;reqtype=5;guid=0fi6dolh5bgsf&b=3&s=0o;;impref=164978779217059372;imprefseq=200438779612239619;imprefts=1649787792;adclntid=1002;pvid=dcbe984d7;kvgrp=dcbe984d7;kvmsft_asid=1649787791068%7C337430297010900540;kvpg=www.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-aaw83wp;kvmn=newusen12;kvmsft_refresh=0;kvmsft_jac=1;kvmsft_providerid=b4piwqlc5;kvsecure=true;kvmsft_pagetype=article;kvmsft_rid=9575a236a39a457e86ca3f8969170291;kvmsft_muid=135751EF468C6B243AC9406B473E6A3F;kvmsft_ext_inv_cd=us;gdpr=0;
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__0eb09db347d65a45245e6a5305a469f4__%7E%7EV1%7E%7E3815473515362940484%7E%7EhUPR4gXaBvBsvE-ITka1sCYVdUW-mgIyUsLUQ_dT-cnTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLBtrUp7ugJTB6EFSNTmEWEh_SgzycfM6-ZkrPrVT0wc_O6da-AaCOxPRSxmF3Vc4k-Mqc_9u9IFUfhTjpkoMx3NPEayBLvzI05GryInZVfmKeGqlNcrWMbezicTSQffReSYSyVZvCn0F35BSmSC9hJ58hbh6da_GLGpwl7TPGk2Q__text&response.session=v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.652926,VS0,VE8
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
/
d.agkn.com/pixel/10690/
Redirect Chain
  • https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;sz=1x1;ord=2022-04-12+18%3A23%3A12;dc_ref=msn.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR...
  • https://ad.doubleclick.net/ddm/ad/N297201.2069703TABOOLA/B26896017.320597054;dc_pre=CJjy3bqSj_cCFU0EiwodsSoHdg;sz=1x1;ord=2022-04-12+18%3A23%3A12;dc_ref=msn.com;dc_lat=;dc_rdid=;tag_for_child_direc...
  • https://d.agkn.com/pixel/10690/?che=3158673239&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10690/?che=3158673239&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
3.120.51.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-51-47.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:12 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://d.agkn.com/pixel/10690/?che=3158673239&cmid=26896017&sid=3245026&pid=320597054&cgid=522270926&cid=167521640&aid=11386582&gdpr=&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=riverdb&i=3&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=4ef39a7e-306f-40ec-a7c2-3dfcc3188488&ii=1&c=4226742405765657716
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 43FA6E20F7E24FF0833643E7CD59A8E6 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:12Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__312988ac02ce65404a7da5c88cd07d68__%7E%7EV1%7E%7E-4470016362437527751%7E%7E_1u0HqKe7FDIvQcWLBwb09eUUIoRZu9y75_sq-jV8lEndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AyoiBWc__q0qcog4DWAA6rBk6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3OEcPfP_QUYadi5GRo3kV2c-egnF7Q-Us_DAcm4X0hO2r9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.654557,VS0,VE9
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=river&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=3272b61e-81f2-43a8-8cf5-13725c449891&ii=1&c=2947547552136036116
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D2030DF5370F414588CFFE2DF2C6D84D Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:12Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__6d9b7f564cdeb3fcdc457990ee7e2361__%7E%7EV1%7E%7E8553349492833501495%7E%7Ebjy9Ub6Mdv-m2_etiGIOSsMsxYnlQJoen4Hi8xfOCqIndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayqe_UOnRK3j-LvYjEsLVV4E6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3INxOIXl-FKVFDdbZMjM8Bi7IgaNYcVpmJ_OLIxxVxnqoHz4WstlZyrvjTggBjtPpmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.655495,VS0,VE8
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=river&i=2&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=7bd6521b-a29f-47f1-a067-da202de495be&ii=1&c=13647747066392123145
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CCF9B0FEE63A469ABB242E8CE0040CD6 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:12Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__8bf38cb28c3df9414375502898afac8b__%7E%7EV1%7E%7E-5233577398151382768%7E%7EPTEM3maHXIFPh_bVKKRac3pDkYtzJSGOY0AnrRUZmg0ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayg1OuQB-SEIx9nBWKuamVJc6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3OEcPfP_QUYadi5GRo3kV2djzejbH1RwMgOgdjj-5p6eVM0PRQTgfQ8HLgbtu0DqlmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.655703,VS0,VE8
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=river&i=10&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=e16f5b7e-93bb-4f07-84a3-d1cdbe179b83&ii=1&c=12890859292652110418
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2A84445EBE3E45829F4A98C6F54D8E38 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:12Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__eeed66103f806deb0b6c0c02d21c0e3c__%7E%7EV1%7E%7E2356992837136852159%7E%7E9e7SHduactgFjECO25a0BUzSQuEJwt6Qc9bsowH8G-kndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqVJMgqFduKLk8EZ0XZ0ymiumclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7v3O5aWyaKWFqq-nsm2xyeKCQSqJXFUl5MxfR6_oTijzb_6z5hBBmX4JNOQqTEWjPcCWrmcdwkZyWIISdiXNNCK1bRdWwF-LL0jq9xtEg2_2__text&response.session=v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.655807,VS0,VE9
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=river&i=11&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=2f2e6f96-9f1d-427f-b23e-d594b24c03aa&ii=1&c=13740016958028924801
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B7032F6905A34B6E804AA7745C24C8ED Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:12Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__4172b4d85d852ae9e8b63fda68d0c3d7__%7E%7EV1%7E%7E-3960600915361530747%7E%7EVavxhZwa30FaDKcU_D-aHLY9kGj98pjxL7_HcAth1SBFiu7t5aMeQv_OvQ_xsFedK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWCfN_K5ZkoLtVqOivFPrla_-km2vvHi4PrhVcAFOctxHPFAGKdPhg4M36gaqGavQlSwnzmn1Lyn6I9vWVxNZNJHc5nrq03tbNfWiRXPWi4tbnIwyIPnm3-HYooPR4HIQ9D5gyIQq3l9oGD8tdVAtuddmUt5dQdKHDSD-IROEG5rKQ__photo&response.session=v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.655909,VS0,VE9
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=river&i=12&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=1bdd56b1-8d33-44aa-b83b-4f74fff95741&ii=1&c=505322196336919378
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ACC7611AC8F64C7EA27C81B451B7A8CD Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:12Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
/
b1-nydc1.zemanta.com/bidder/win/msn/9c823d9e-ba8d-11ec-b2ba-b3d5ac7b26bd/0.018154/LAWMFCUBOIWIRNBTZOUXUQG5UJQ2BYBGKN6DKKL4PK2BKU67ISQSLYXVYVJZN2U2SN44VENBW645PPV4ZHTGVLTBJ3R7D7MCASDVG34ZH7U73DNUIQF... 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-nydc1.zemanta.com/bidder/win/msn/9c823d9e-ba8d-11ec-b2ba-b3d5ac7b26bd/0.018154/LAWMFCUBOIWIRNBTZOUXUQG5UJQ2BYBGKN6DKKL4PK2BKU67ISQSLYXVYVJZN2U2SN44VENBW645PPV4ZHTGVLTBJ3R7D7MCASDVG34ZH7U73DNUIQFVS64YZDAULDU4LR4I3DIRAVE52LFWIMSSYJKFEWWL4CBD2ESYGOX5SVNWBCKZEUKHE5KLUEFCI3YPQMLEY2BWJ4OO4HMWL4VFR4XYOKUPR3PI6AIIZWYRPSM6DJ2KD7TWR2KZEVXRZTVYVIKQ7ZEDKQKCST5HRKBOCCM7USYRHGOCD2RAXTZHP74N6G6FFPC5EZVXVIDYEOY5ZILFQKXCHHHJAQGS5KXLLBQ5V4RDHNCRJ2IQJZBCPHSGXN3SR4Y6VMHE3EASMUNRERJYPXIAQR5JQT3CWWMT6Y7WK5NDEJNE2PUZQC3NS4IZK2PY3FQQUL63CUQP6EGZ45GSLLOQJCWMGN4JEUX6PD77BYC6SCBIAA26Q46L2QWWKY5TURGTPDORYHLCI2HT/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:12 GMT
Content-Length
0
/
b1t-nydc1.zemanta.com/t/imp/impression/WXP6NZIHZDKABAGUPICVPB4LCVE5XUCGUMLZJRE4KS76CPXTIM6DOD6SVU4SMAUXD6BSDNRFL3RENMMBO3W2RZAXLUFSA4THB5SNAB3YO2DYM3UIZZNDHFNSSHQ5LNXREIBNYFAHMINQDYM4Y6ACEUSE4P6YM6... 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-nydc1.zemanta.com/t/imp/impression/WXP6NZIHZDKABAGUPICVPB4LCVE5XUCGUMLZJRE4KS76CPXTIM6DOD6SVU4SMAUXD6BSDNRFL3RENMMBO3W2RZAXLUFSA4THB5SNAB3YO2DYM3UIZZNDHFNSSHQ5LNXREIBNYFAHMINQDYM4Y6ACEUSE4P6YM6BATDAXCAU4QTL7A5BA3L4YCZZVUNRMLMGKCMPVSVYFYTKN5P2BHBGRFOJAMFOXH2CUDEN66AAGH3CFV6TJXLRALLFW54PLRVNT35XHYWCGCL55SPC6FAJF4GXNRLSNLTFEYTQBJXW4QRDWD64SEYDUFA2R5WBLH4ANWRJXJJD7AOLNZ7IXOATJ4OR2HOES3IAVY5VPKDIHF7HD5DQWEDDQ/?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.159 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:12 GMT
Content-Length
26
Content-Type
image/gif
served
srtb.msn.com/notify/ 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=river&i=13&p=webcompar&l=en-us&d=outbrain&b=chrome&a=2c78c66d-2efb-4432-8e29-582014939590&ii=1&c=226970016140279557
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A9876AF578B84AE48C6FB6145FA12826 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:12Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__ef212f0f64a3996e6f7514385092647e__%7E%7EV1%7E%7E651514380748400041%7E%7EzE51VhYxA1BAtmJ8x-dCimFQe0zjXEikeai3cETmspAndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqWtIgs-9fkmMFsGE49L5ROKmclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7pBKiI9vFt9YgcxtbycDNvLpT3mi0WBimLjcYCdG6IqdpBszokCw9nGlSDN9NEO1uzDu07MI-Vh-HMpVI0CxSx0__text&response.session=v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.655978,VS0,VE9
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=river&i=18&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=a61ba0a2-3f7c-4a1b-be82-585a88d845fb&ii=1&c=5322182043130591664
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C9C6BE032911450FB1D1D110F82CD373 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:12Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
th
www.bing.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.b1289c59e70bc94062ab53d93d6ef716&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30704867f1c82d39f7d774dad8d56053a5bed086d0fc9d83b69440acd1eafc34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A38182BA3D5D48C38619BDC669F657F3 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
20254
AAU2Dsv
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		447 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAU2Dsv?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8fb2f738870e714b0d9fc01dcbf3770271ded49cb0e7b0f1410ad44999fa31c8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Mon, 04 Apr 2022 06:31:48 GMT
x-datacenter
eastus
x-source-length
4760
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=87029
x-activityid
6cac9d5d-6209-48c1-8f09-8468f3de6029
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAU2Dsv?w=16&h=16&q=100&m=6&f=png&u=t
content-length
447
expires
Wed, 13 Apr 2022 18:33:41 GMT
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.f23e9be41750c90bdf26626613fdfbbd&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eb016e94d6927dea10e7460f8c8e7a9730601c70893ac6bdf98dafb1ced691f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A2913189029E458DBD1FC436265C514F Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17030
BBm8qVB
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBm8qVB?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d126b3fd9597981766e675592da39eb3e6bff4deb640aef13ef3e22e9d97f14
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBm8qVB
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
18952
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBm8qVB?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
bb3d7be1-1a69-48e8-8758-4aafce581b0e
last-modified
Mon, 11 Apr 2022 13:30:21 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
820
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=327972
timing-allow-origin
*
expires
Sat, 16 Apr 2022 13:29:24 GMT
th
www.bing.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.b8dda4470ca3fa3d8d59af3c1680539b&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d7d3dc1ea85e16c6362d52bc2ee13c72c6840a9e8f55a3bb079c3251916836ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5FD0A03B0DF9460E8BE64B1AB8ED380B Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
32588
BB10dZNR
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		257 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
388b63d310a0b20042b84dc31689e6f814da1524810e6a9d3b98c0b1ddd56c73
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB10dZNR
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
1138
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
e1e72055-3c9f-437e-9eaf-771430bbfed8
last-modified
Sun, 10 Apr 2022 10:48:25 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
257
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=231924
timing-allow-origin
*
expires
Fri, 15 Apr 2022 10:48:36 GMT
th
www.bing.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.439264b809545c9439d4c1dc18d002af&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6a7426ba68829f15caeeaf67bdb4163d2b4b3b33b08dbd0353189218f3e2fea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EB29FE7B4BC049EEA58C81FCB79ABA2C Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
19157
AAywOab
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		640 B
972 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Sun, 10 Apr 2022 04:34:17 GMT
x-datacenter
westus
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=209423
x-activityid
79118b2d-464a-4190-b319-0bd3530cfeaf
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
content-length
640
expires
Fri, 15 Apr 2022 04:33:35 GMT
th
www.bing.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.94474e42b4c4cc629b00999b61b4e39f&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
135958c317d6173282bfe75e54082bf54d7205f028d0c7c2b367256d0822ead5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 785EF672CE534CBD890845A9D066E78C Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
19783
th
www.bing.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d1d3ba307a31eb4ea6d4ea58a213dee5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7533f1721cd47e64f55a9360ade37f615c61a72a9b4a3a8f8c6945337eac2e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A29945FB05CA47ABAED75C0C475933F4 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
18227
AANGpUX
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		523 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANGpUX?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
977a659b09e112dcdea17259a4fc594a25c71ed3acf4b5739c960f9ed03e05fc
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Fri, 08 Apr 2022 06:38:37 GMT
x-datacenter
eastus
x-source-length
2518
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=44136
x-activityid
0d443ead-3333-47a7-82f4-470b08ec7abb
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AANGpUX?w=16&h=16&q=100&m=6&f=png&u=t
content-length
523
expires
Wed, 13 Apr 2022 06:38:48 GMT
th
www.bing.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d0782d416d94c5ec9984375d10fd4a99&pid=Wdp&w=468&h=304&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8f42f77723e5550f1e0e17d10b9e9c9a0d52c4b9e772f222934eb7206cda7b60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A61D5039AD9E42F3B3B42A39FF593E80 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
22734
AADetNw
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AADetNw?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1292a3eead7170f1d080337cc6e89e06244baa7ad853f37058ef3962669bd74c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Tue, 12 Apr 2022 11:28:01 GMT
x-datacenter
eastus
x-source-length
3926
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=407090
x-activityid
9242967a-e940-4d3a-be92-2c5155daa53b
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AADetNw?w=16&h=16&q=100&m=6&f=png&u=t
content-length
773
expires
Sun, 17 Apr 2022 11:28:02 GMT
th
www.bing.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.cde6d9e3a8eca3beb718ab9bddb9916d&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
153a473a5b0a4ea81402fe655e00de02668ea5a2896d3384c4faa39039bd3bd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DE9976384A89415BA12CC867DA14E653 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
13902
AAPWx7Q
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		348 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPWx7Q?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
445afbaba8e96507fa4056c83557c90fa898045b0571fe531e7f415a7b52d0d4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Fri, 08 Apr 2022 18:43:41 GMT
x-datacenter
westus
x-source-length
1688
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=87614
x-activityid
337aecbf-4069-4440-a70c-c0d472a1c29e
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAPWx7Q?w=16&h=16&q=100&m=6&f=png&u=t
content-length
348
expires
Wed, 13 Apr 2022 18:43:26 GMT
th
www.bing.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.04136d5e292cc62a392e8b2cfc9cf87d&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4a808e029b2d810eb497efd64fc1870f0645150da61c297791069d8bc4ad8a41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C37BAEDE7A654C8EBAC43856FD0D63E4 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
14466
AAW8APA.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAW8APA.img?w=300&h=225&q=90&m=6&f=jpg&x=541&y=254&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
994cd1d0b075c669eccb3c71a90f609941c0673879437abbc34c9e3f5e2ab5fd
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Tue, 12 Apr 2022 16:18:55 GMT
x-datacenter
westus
x-source-length
5238405
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=424597
x-activityid
f8a9c03a-a77f-4aaa-8554-a904cd64eef8
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAW8APA?w=300&h=225&q=90&m=6&f=jpg&x=541&y=254&u=t
content-length
26175
expires
Sun, 17 Apr 2022 16:19:49 GMT
AACl4vY
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		717 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dc7364172405e145c60d725e238eb4a74f639a9ade115ee4d2ef83d108c86eae
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AACl4vY
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
4142
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
3efc983c-bbea-4c1f-83bc-2c1d06225e2f
last-modified
Sun, 10 Apr 2022 03:37:27 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
717
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=206090
timing-allow-origin
*
expires
Fri, 15 Apr 2022 03:38:02 GMT
th
www.bing.com/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.117649a7e863819a19cc46632b686786&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
05e7a6444abaf9fa4a76f7abb405edffdc91f1876e87d31536f69942a1b6da55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F1B8209DB0354B31A1085D5A3E1351C4 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
16809
AA9tqjr
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		725 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
60787a2e30e56b4842b55be9c0ebaf8efe44098f81507839ff0d0e6a696ecff7
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA9tqjr
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
1664
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
aab33792-4ea3-44d4-a1fd-878ba0d366e7
last-modified
Sun, 10 Apr 2022 20:33:28 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
725
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=267047
timing-allow-origin
*
expires
Fri, 15 Apr 2022 20:33:59 GMT
th
www.bing.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.ca58ec9a5ba0ade70fb13f3c0f0f279c&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ad99c2e64c168bfaca1f281e48dce7d99a8263d53df5d5249e12b46f38753b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F0914CC2C56E464AAC1138E91554032B Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
17086
BBph6Sm
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		671 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6d3f2bf2f4bbbbd7d564b22dc53f8a8775515f14450b110d323bcad5589fef27
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBph6Sm
date
Tue, 12 Apr 2022 18:23:12 GMT
x-source-length
19025
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBph6Sm?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
221d860b-7ed9-44bb-b0a8-a3a7eb943094
last-modified
Sun, 10 Apr 2022 07:34:47 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
671
x-resizerversion
1.0
x-datacenter
eastap
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=220326
timing-allow-origin
*
expires
Fri, 15 Apr 2022 07:35:18 GMT
th
www.bing.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.c52a88296d55451518893916f4116a92&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee150c4462474bc089d20655edb33e0943638b3634a7863ce8e0adc7b39023d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0D02DC01A8D349BBB76778E6E098EA62 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
16276
AALER5n
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		602 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Fri, 08 Apr 2022 13:40:01 GMT
x-datacenter
westus
x-source-length
3337
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=69445
x-activityid
5ba52f50-6978-43b6-a05d-39320971d67d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
content-length
602
expires
Wed, 13 Apr 2022 13:40:37 GMT
th
www.bing.com/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.c8908d1a7fe3f3e310c2e8d263344727&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3afa32831a4e17a29dd0c198fdbd5fe316e6f77cb4b8f98f9ba1849d2e2f7163

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1DB920A579804A55AF5365235A46B63D Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:12Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
15820
AAQk7ql
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		406 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.a379e9d9132a4c4f494a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5848665b65e1e5be4d7463e0047c98eac656f92d9e6f20a5a823774794f99b03
Security Headers
Name Value
X-Frame-Options deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Mon, 11 Apr 2022 16:32:57 GMT
x-datacenter
northeu
x-source-length
2906
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=338996
x-activityid
e9d31e0f-844b-43ab-ad9e-e48fcf42fe2d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
content-length
406
expires
Sat, 16 Apr 2022 16:33:08 GMT
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa6071a2cfff059fe8fbd1e39a976f7e3.png
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa6071a2cfff059fe8fbd1e39a976f7e3.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__312988ac02ce65404a7da5c88cd07d68__%7E%7EV1%7E%7E-4470016362437527751%7E%7E_1u0HqKe7FDIvQcWLBwb09eUUIoRZu9y75_sq-jV8lEndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AyoiBWc__q0qcog4DWAA6rBk6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3OEcPfP_QUYadi5GRo3kV2c-egnF7Q-Us_DAcm4X0hO2r9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f31fa627ed978a0d4b90ad8d1daeae39c61a3122abb1dd3b8511c406dca2ea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish, 1.1 varnish
age
536680
edge-cache-tag
463544588347677371146472120032560612431,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
463544588347677371146472120032560612431,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
720
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa6071a2cfff059fe8fbd1e39a976f7e3.png?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__312988ac02ce65404a7da5c88cd07d68__%7E%7EV1%7E%7E-4470016362437527751%7E%7E_1u0HqKe7FDIvQcWLBwb09eUUIoRZu9y75_sq-jV8lEndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AyoiBWc__q0qcog4DWAA6rBk6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3OEcPfP_QUYadi5GRo3kV2c-egnF7Q-Us_DAcm4X0hO2r9V4KhIDPV7ZkAtSl-VG02EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
content-length
11122
x-request-id
65e9bbe7e99aa921aca894d326af9869
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 05 Apr 2022 16:19:36 GMT
server
nginx
x-timer
S1649787793.774047,VS0,VE1
etag
"b89e28e240c4ca98f58ee61800701ae2"
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kcgs7200101-IAD, cache-sna10732-LGB, cache-iad-kcgs7200072-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7ebd20990fa29694657dc58398ebbb1c.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7ebd20990fa29694657dc58398ebbb1c.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__6d9b7f564cdeb3fcdc457990ee7e2361__%7E%7EV1%7E%7E8553349492833501495%7E%7Ebjy9Ub6Mdv-m2_etiGIOSsMsxYnlQJoen4Hi8xfOCqIndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayqe_UOnRK3j-LvYjEsLVV4E6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3INxOIXl-FKVFDdbZMjM8Bi7IgaNYcVpmJ_OLIxxVxnqoHz4WstlZyrvjTggBjtPpmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa497e37baafdde87af0492fbf8d9453a1b20fe1d3534e46245d4725aef69d0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish, 1.1 varnish
age
1212245
edge-cache-tag
483936090605440544397070153181898394604,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
483936090605440544397070153181898394604,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
548
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7ebd20990fa29694657dc58398ebbb1c.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__6d9b7f564cdeb3fcdc457990ee7e2361__%7E%7EV1%7E%7E8553349492833501495%7E%7Ebjy9Ub6Mdv-m2_etiGIOSsMsxYnlQJoen4Hi8xfOCqIndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayqe_UOnRK3j-LvYjEsLVV4E6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3INxOIXl-FKVFDdbZMjM8Bi7IgaNYcVpmJ_OLIxxVxnqoHz4WstlZyrvjTggBjtPpmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
content-length
13850
x-request-id
dd7c56b648196367cfe867cffd3987da
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 29 Mar 2022 11:47:54 GMT
server
nginx
x-timer
S1649787793.774138,VS0,VE1
etag
"a8cf33baf87d28bd69f9905b6bec3beb"
x-served-by
cache-iad-kiad7000173-IAD, cache-iad-kiad7000119-IAD, cache-chi-kigq8000075-CHI, cache-iad-kiad7000034-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0243da0bbe696b6c51ff34e17cc4bfd4.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0243da0bbe696b6c51ff34e17cc4bfd4.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__0eb09db347d65a45245e6a5305a469f4__%7E%7EV1%7E%7E3815473515362940484%7E%7EhUPR4gXaBvBsvE-ITka1sCYVdUW-mgIyUsLUQ_dT-cnTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLBtrUp7ugJTB6EFSNTmEWEh_SgzycfM6-ZkrPrVT0wc_O6da-AaCOxPRSxmF3Vc4k-Mqc_9u9IFUfhTjpkoMx3NPEayBLvzI05GryInZVfmKeGqlNcrWMbezicTSQffReSYSyVZvCn0F35BSmSC9hJ58hbh6da_GLGpwl7TPGk2Q__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7083c296f6591615804f27559c1630d9e04596f8b371c7939d6988956c87b7f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish, 1.1 varnish
age
3417760
edge-cache-tag
593609274701617947802974067981124824750,531251317501073307919544072836677194697,29ecf9b93bbf306179626feeda1fab70
cache-tag
593609274701617947802974067981124824750,531251317501073307919544072836677194697,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
82
expiration
expiry-date="Sat, 12 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0243da0bbe696b6c51ff34e17cc4bfd4.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__0eb09db347d65a45245e6a5305a469f4__%7E%7EV1%7E%7E3815473515362940484%7E%7EhUPR4gXaBvBsvE-ITka1sCYVdUW-mgIyUsLUQ_dT-cnTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLBtrUp7ugJTB6EFSNTmEWEh_SgzycfM6-ZkrPrVT0wc_O6da-AaCOxPRSxmF3Vc4k-Mqc_9u9IFUfhTjpkoMx3NPEayBLvzI05GryInZVfmKeGqlNcrWMbezicTSQffReSYSyVZvCn0F35BSmSC9hJ58hbh6da_GLGpwl7TPGk2Q__text%22%7D
content-length
51092
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Wed, 09 Feb 2022 15:14:30 GMT
server
nginx
x-timer
S1649787793.774200,VS0,VE1
etag
"074aaef4132f9092c084bbc251978c10"
x-served-by
cache-wdc5582-WDC, cache-iad-kcgs7200061-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F316460d81a35fdf2d75ebbcfd35912d4.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F316460d81a35fdf2d75ebbcfd35912d4.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__8bf38cb28c3df9414375502898afac8b__%7E%7EV1%7E%7E-5233577398151382768%7E%7EPTEM3maHXIFPh_bVKKRac3pDkYtzJSGOY0AnrRUZmg0ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayg1OuQB-SEIx9nBWKuamVJc6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3OEcPfP_QUYadi5GRo3kV2djzejbH1RwMgOgdjj-5p6eVM0PRQTgfQ8HLgbtu0DqlmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
321a4f95375e0f0d00843ae2d6776a5c4b0842ac75c3bd5715179f94e3409abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish, 1.1 varnish
age
1061207
edge-cache-tag
517532027200090195251566645927565029571,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
517532027200090195251566645927565029571,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
41
expiration
expiry-date="Fri, 01 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F316460d81a35fdf2d75ebbcfd35912d4.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__8bf38cb28c3df9414375502898afac8b__%7E%7EV1%7E%7E-5233577398151382768%7E%7EPTEM3maHXIFPh_bVKKRac3pDkYtzJSGOY0AnrRUZmg0ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayg1OuQB-SEIx9nBWKuamVJc6kcWuRdhnHn4fwgssPEVMJO4booznYSuD1mWqUqlt3OEcPfP_QUYadi5GRo3kV2djzejbH1RwMgOgdjj-5p6eVM0PRQTgfQ8HLgbtu0DqlmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%22%7D
content-length
10126
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 01 Mar 2022 15:27:22 GMT
server
nginx
x-timer
S1649787793.774278,VS0,VE1
etag
"ae8c37fdb9aa7b6f2e68cd08af8b8f8f"
x-served-by
cache-iad-kcgs7200103-IAD, cache-iad-kiad7000068-IAD, cache-chi-kigq8000117-CHI, cache-iad-kiad7000049-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F38e59dfd8a64f79a2c2495cc3be1ae2b.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F38e59dfd8a64f79a2c2495cc3be1ae2b.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__eeed66103f806deb0b6c0c02d21c0e3c__%7E%7EV1%7E%7E2356992837136852159%7E%7E9e7SHduactgFjECO25a0BUzSQuEJwt6Qc9bsowH8G-kndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqVJMgqFduKLk8EZ0XZ0ymiumclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7v3O5aWyaKWFqq-nsm2xyeKCQSqJXFUl5MxfR6_oTijzb_6z5hBBmX4JNOQqTEWjPcCWrmcdwkZyWIISdiXNNCK1bRdWwF-LL0jq9xtEg2_2__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4300cbedd1584781c7f53272949fcbe9eef7490b9059e30b47e534333999caa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish, 1.1 varnish
age
1227861
edge-cache-tag
311106499237075090114121883070809696155,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
311106499237075090114121883070809696155,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
144
expiration
expiry-date="Sun, 03 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F38e59dfd8a64f79a2c2495cc3be1ae2b.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__eeed66103f806deb0b6c0c02d21c0e3c__%7E%7EV1%7E%7E2356992837136852159%7E%7E9e7SHduactgFjECO25a0BUzSQuEJwt6Qc9bsowH8G-kndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqVJMgqFduKLk8EZ0XZ0ymiumclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7v3O5aWyaKWFqq-nsm2xyeKCQSqJXFUl5MxfR6_oTijzb_6z5hBBmX4JNOQqTEWjPcCWrmcdwkZyWIISdiXNNCK1bRdWwF-LL0jq9xtEg2_2__text%22%7D
content-length
13990
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 03 Mar 2022 13:25:51 GMT
server
nginx
x-timer
S1649787793.774340,VS0,VE1
etag
"ee555b1fb9d0ecdc15c7654a19d78ce1"
x-served-by
cache-iad-kjyo7100110-IAD, cache-iad-kcgs7200080-IAD, cache-chi-kigq8000037-CHI, cache-iad-kiad7000124-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd82d3d98a95d960254c83c024145f8ee.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		21 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd82d3d98a95d960254c83c024145f8ee.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__4172b4d85d852ae9e8b63fda68d0c3d7__%7E%7EV1%7E%7E-3960600915361530747%7E%7EVavxhZwa30FaDKcU_D-aHLY9kGj98pjxL7_HcAth1SBFiu7t5aMeQv_OvQ_xsFedK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWCfN_K5ZkoLtVqOivFPrla_-km2vvHi4PrhVcAFOctxHPFAGKdPhg4M36gaqGavQlSwnzmn1Lyn6I9vWVxNZNJHc5nrq03tbNfWiRXPWi4tbnIwyIPnm3-HYooPR4HIQ9D5gyIQq3l9oGD8tdVAtuddmUt5dQdKHDSD-IROEG5rKQ__photo%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4891921623a6a9c8eef53a44979d94d4b5f5f7fea071c16b72b74dc1c4d567db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish, 1.1 varnish
age
2378561
edge-cache-tag
507530685838062544966748057086488738646,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
507530685838062544966748057086488738646,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd82d3d98a95d960254c83c024145f8ee.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__4172b4d85d852ae9e8b63fda68d0c3d7__%7E%7EV1%7E%7E-3960600915361530747%7E%7EVavxhZwa30FaDKcU_D-aHLY9kGj98pjxL7_HcAth1SBFiu7t5aMeQv_OvQ_xsFedK8Bm7FKD2NW1M1BCiW1-kuMDMqg65-jJbi04eURsbtqeHe1S9jo_X4timp5pCZhQ1qPnz8TIp56FGMwGW1REdGP6mCOrMydSrc5toiHgFWCfN_K5ZkoLtVqOivFPrla_-km2vvHi4PrhVcAFOctxHPFAGKdPhg4M36gaqGavQlSwnzmn1Lyn6I9vWVxNZNJHc5nrq03tbNfWiRXPWi4tbnIwyIPnm3-HYooPR4HIQ9D5gyIQq3l9oGD8tdVAtuddmUt5dQdKHDSD-IROEG5rKQ__photo%22%7D
content-length
21978
x-request-id
dec024e8707ae90e359851a3724c43cf
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Sat, 12 Mar 2022 20:01:22 GMT
server
nginx
x-timer
S1649787793.774383,VS0,VE1
etag
"b4104c4d19ad34b37f7cf55cacfa2006"
x-served-by
cache-wdc5577-WDC, cache-iad-kjyo7100172-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 3, 1
9405c60858323ac415c94a84d734492dee.jpg
zem.outbrainimg.com/p/srv/sha/7b/13/d4/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/7b/13/d4/9405c60858323ac415c94a84d734492dee.jpg?w=300&h=225&fit=crop&crop=center&fm=jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
e5621d5c619ba3cbf5ba1e8094e054408d347455e3c9f7596462d2bff77a0d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish
x-content-type-options
nosniff
fastly-restarts
1
age
735090
x-cache
MISS, HIT, MISS, HIT
x-imgix-id
375d4e850ba17e15c6a30e1fe223d649cd47f734
content-length
27135
x-served-by
cache-sjc10072-SJC, cache-sjc10079-SJC, cache-fra19140-FRA, cache-fra19128-FRA
last-modified
Mon, 04 Apr 2022 06:11:42 GMT
server
imgix
x-timer
S1649787793.782876,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
x-cache-hits
1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fec77c4bbebe045f3368c784d8d2afb4e.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fec77c4bbebe045f3368c784d8d2afb4e.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__ef212f0f64a3996e6f7514385092647e__%7E%7EV1%7E%7E651514380748400041%7E%7EzE51VhYxA1BAtmJ8x-dCimFQe0zjXEikeai3cETmspAndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqWtIgs-9fkmMFsGE49L5ROKmclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7pBKiI9vFt9YgcxtbycDNvLpT3mi0WBimLjcYCdG6IqdpBszokCw9nGlSDN9NEO1uzDu07MI-Vh-HMpVI0CxSx0__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f1471643844af10bdfa9a90620fd5dd7252d0fe1189ca93f40b25d34a98160ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:12 GMT
via
1.1 varnish, 1.1 varnish
age
1916641
edge-cache-tag
519801902430894943529349221285060105238,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag
519801902430894943529349221285060105238,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
92
expiration
expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fec77c4bbebe045f3368c784d8d2afb4e.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_b60bf69e8fd3a7271a9a89a58d49a034_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__ef212f0f64a3996e6f7514385092647e__%7E%7EV1%7E%7E651514380748400041%7E%7EzE51VhYxA1BAtmJ8x-dCimFQe0zjXEikeai3cETmspAndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqWtIgs-9fkmMFsGE49L5ROKmclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7pBKiI9vFt9YgcxtbycDNvLpT3mi0WBimLjcYCdG6IqdpBszokCw9nGlSDN9NEO1uzDu07MI-Vh-HMpVI0CxSx0__text%22%7D
content-length
15452
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Fri, 11 Mar 2022 07:51:46 GMT
server
nginx
x-timer
S1649787793.774493,VS0,VE1
etag
"49aac5ba41fd2ae40312f969d0c6b63e"
x-served-by
cache-iad-kjyo7100075-IAD, cache-iad-kcgs7200153-IAD, cache-sna10750-LGB, cache-iad-kiad7000027-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 1
/
assets.msn.com/service/community/urls/ 		6 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/?cmsid=AAW6LZ4&market=en-us&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e5c3dc9908ea58195ab0f37627dab43e82eb2e6e083622741717925270d2e28b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt48cf,muidflt51cf,muidflt258cf,muidflt314cf,bingcollabedge3cf,platagyhz1cf,platagyhz3cf,artgly3cf,artgly5cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,prg-1sw-brsageeei22,prg-1sw-prepwcomp3,prg-1sw-fi2c2,prg-1sw-prepw3,prg-1sw-ccurr,prg-1sw-newsflp,prg-1sw-gevte,prg-wpo-ampwhctrl,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,traffic-cam2-u,prg-1sw-camera-v2-1,prg-win-arg,prg-win-argsinj,prg-spr-tc-hist1,csmoney4cf,csmoney5cf,btrecenus,iframeflex,prg-adspeek,prg-magiccc,1s-br30min,prg-wpo-ifpc,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msncf,prg-hprewflyout-t,wf-sunny-first,weather10cf,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,routentpring2t,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-ski1,prg-1sw-newsskip,prg-1sw-nwrc,1s-fcrypt,prg-wtchbingvid,ads-lockerdome,prg-spr-catslot7,prg-spr-0324,prg-psovhighctl,prg-1sw-tsdrp,prg-1sw-brln,prg-1sw-lkdinnotr,prg-1sw-tsddwn,prg-1sw-splog,prg-contslct-t1a,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-ctr-pnpc,prg-1sw-accu10,prg-1sw-pr2fuz,prg-1sw-pr2fuzdf,prg-1sw-pr2fzdfe,prg-1sw-pr2tp,prg-1sw-pr2tpent,prg-1sw-rndw,prg-1sw-hdukr,prg-url-buildw,prg-sh-adp2,prg-sh-adp,prg-sh-synadpt,prg-sh-adcn,prg-sh-synadnc,prg-1sw-sp5mats,prg-1s1-cryptc,prg-1sw-akaxap,prg-1sw-pcfc,prg-1sw-rih-revamp3,prg-wea-skipauth,prg-1sw-acrlc,prg-1sw-multifc,prg-1sw-3dcrsl2
ddd-storeentrytimeutc
4/12/2022 6:23:12 PM
x-msedge-ref
Ref A: 72B8990D46DD4BC39193D0D363D47F19 Ref B: VIEEDGE1115 Ref C: 2022-04-12T18:23:12Z
ddd-strategyexecutionlatency
00:00:00.0001502
server-timing
5
ddd-servername
4EA2812779E2
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control
public, max-age=60
x-msedge-responseinfo
0
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency
0
x-as-suppresssetcookie
1
date
Tue, 12 Apr 2022 18:23:12 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
content-length
1390
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt48=muidflt48cf,muidflt51=muidflt51cf,muidflt258=muidflt258cf,muidflt314=muidflt314cf,bingcollabedge3=bingcollabedge3cf,platagyhz1=platagyhz1cf,platagyhz3=platagyhz3cf,artgly3=artgly3cf,artgly5=artgly5cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,sagenlep=prg-1sw-brsageeei22,wfeedsmuid3=prg-1sw-prepwcomp3,wfeedsmuid6=prg-1sw-ccurr,wfeedsmuid9=prg-1sw-newsflp,wfeedsmuid10=prg-1sw-gevte,wfeedsmuid12=prg-wpo-ampwhctrl,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid15=traffic-cam2-u,wfeedsmuid16=prg-win-arg,wfeedsmuidshop3=prg-spr-tc-hist1,csmoney4=csmoney4cf,csmoney5=csmoney5cf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,anaheimedgr18=prg-magiccc,2pgg=1s-br30min,anaheimedgads1=prg-wpo-ifpc,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msncf,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,weather10=weather10cf,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3c76=routentpring2t,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-ski1,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3jei=prg-wtchbingvid,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-catslot7,wfeedsmuidshop9=prg-spr-0324,wfeedsmuidwpo2=prg-psovhighctl,wfeedsmuidwpo5=prg-1sw-tsdrp,3l73=prg-1sw-splog,artglyrank2=prg-contslct-t1a,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3m3s=prg-ctr-pnpc,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2fuz,3mi0=prg-1sw-hdukr,3n10=prg-url-buildw,3nf7=prg-sh-adp2,3nv7=prg-sh-adcn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptc,3owg=prg-1sw-akaxap,3p16=prg-1sw-pcfc,3p3d=prg-1sw-rih-revamp3,3p54=prg-wea-skipauth,3pe0=prg-1sw-acrlc,3poj=prg-1sw-multifc,3pwy=prg-1sw-3dcrsl2
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
cec4b4ee-71cc-4c7a-ae94-662703e0f662
ddd-storeexecutionlatency
00:00:00.0001223
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
96c9c7fd
loader.js
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 7702 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791068|337430297010900540!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
aBLVLynt4VtpFbIXfhXgTw==
server-timing
5
content-length
980
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 07:31:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1B8D4F57AE93
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
24dd4c03-101e-0037-0991-4d888e000000
cache-control
public, max-age=86400
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
akamai-request-id
96c9c939
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 7702 		19 B
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58294,55953,55936,58292,58160,55829,55859,57926,55965,55939,58267,58280&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791068|337430297010900540!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame 7702 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a969126016f6fd3bd4cd46753560012&posi=986571&grp=%3F%3F%3F&nl=1649787792635&rts=1649787792365&pix=1&et=1&a=2cb7bdb8ac9d407ab1a7f62bbc45f04f&m=aXAtMTAtMjItMTAxLTkz&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7OzthOTFkZTkzYjliM2Y0MjU2ODY0M2NmZmEwMGRjZGNmNjszMTU1OTk1NDsxNjQ5Nzg0NjUwOzswOzswOztwYXNzYmFjay05NDU5Ozsx&uid=y-eelZgmFE2uqM846aU76zj.8GY2jI%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=7&dety=5
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791068|337430297010900540!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.59.128.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-128-211.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Tue, 12 Apr 2022 15:05:40 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 7702 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN12&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791068|337430297010900540!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 14:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13908
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
16540
x-amz-id-2
BfEMre8KyqzndMSSUS4a1g+BtycD+kdDQkDiuVCdNTVTudYk9jmC58EzxZ4D4bnXbRrC52Aqj9Q=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Mar 2022 23:06:33 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
T267312KGNVGXDP1
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
ttj
ib.3lift.com/ Frame 8D1F 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/ttj?inv_code=MSN_Display_Desktop_News_300x250&tid=205162
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791933|335432037929985340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-109.dus51.r.cloudfront.net
Software
/
Resource Hash
ccf6cb34de4fb62646f9b963e0d4cd0f5fa95a746a5da00b4e361005dfd18c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:07 GMT
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
age
5
etag
"809b0fe0ac06f1a5165d6b2f7d529c9a2aa6f61c"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P2
content-encoding
gzip
content-length
4367
x-amz-cf-id
u0pg8UcFx2t-c9gyHTm4QL5vSoDbcDQArIbjK4FLLTyhlYWCSAOXQw==
adEvent.do
prod-m-node-3113.ssp.advertising.com/admax/ Frame 8D1F 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.advertising.com/admax/adEvent.do?tidi=770909769&dcn=8a969126016f6fd3bd4cd46753560012&posi=980316&grp=%3F%3F%3F&nl=1649787792637&rts=1649787792365&pix=1&et=1&a=a14e804869824fe08aecce8075cf7f8b&m=aXAtMTAtMjItMTEwLTEzNQ..&p=MC4wMDI4NDI&b=MTM1Njk7MTUzMTE7Y2hhcm1hbnQuY29tOzs7O2QyM2Y4MGVhYjI5MTQ0NTk4NzIwNWJjNWU1OGE2MDdjOzMxNTQ0NDY4OzE2NDk3ODQ2NTA7OzAuMDAyODQyOzswOzszNjkwXzE1MzExXzEwNTY1ODY2OzJlNDZhN2Y3YzI2OTg0ZjA0NzVmYmQ2YzBkZmRkNTM2Y2UyNGM1ZTU7MQ..&uid=y-eelZgmFE2uqM846aU76zj.8GY2jI%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=9&dety=2
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791933|335432037929985340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.141.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-141-195.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
last-modified
Tue, 12 Apr 2022 15:05:40 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 8D1F 		19 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58294,55953,58292,58160,55829,55859,57926,55939,58267,58382,58280,58222&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791933|335432037929985340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
talon-1.0.40.js
cdn.js7k.com/ix/ Frame 8D1F 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN11&tp=msft_muid%3D135751EF468C6B243AC9406B473E6A3F!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3D9575a236a39a457e86ca3f8969170291!msft_year%3D!msft_asid%3D1649787791933|335432037929985340!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 14:31:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13908
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
16540
x-amz-id-2
BfEMre8KyqzndMSSUS4a1g+BtycD+kdDQkDiuVCdNTVTudYk9jmC58EzxZ4D4bnXbRrC52Aqj9Q=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Mar 2022 23:06:33 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
T267312KGNVGXDP1
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
notify
tlx.3lift.com/s2s/ Frame 8D1F 		37 B
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tlx.3lift.com/s2s/notify?px=1&pr=2.842&ts=1649787792&aid=2650730286843079589070&ec=3690_15311_10565866&n=GgDyAuIBCAASFjI2NTA3MzAyODY4NDMwNzk1ODkwNzAYACABKOocMM93OO%2B2AkABSABQAGAKaABwlekikAEAmAEAqAEAsAGcHbgBiQXAAZoWyAGcHeABkwXwAerCDPgBnB2AApoWiAKTBZECAAAAAAAA8D%2BZArgehetRuM4%2FoQIAAAAAAADwP6gCALACAMgCBNgCAOgC77YC8QJmZmZmZmbmP%2FgC4TiAA6wCiAPYBJADAJgDAKADALgDgOVtwAMAyAMA0gMIMTA1NjU4NjbgA%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwHpAwAAAAAAAAAA8AOcHfgCHogDAJIDBDM5OTWYAwCgA4rXBagDAA%3D%3D
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.202.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-202-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
expires
Thu, 15 Oct 1992 20:10:00 GMT
pe
eb2.3lift.com/ Frame 8D1F 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/pe?fid=10&peid=0&aid=2650730286843079589070
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
v0.3.js
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 7702 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19094766
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
32e8e8dbe67db7d8317c4a05c0d5d9874994cda6e0778808130f45d42193690b

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
z8Jjf5/rd/eZ9trCtaDFyg==
server-timing
5
content-length
2092
x-ms-lease-status
unlocked
last-modified
Mon, 11 Apr 2022 13:26:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA1BBED9818E62
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
a69b45af-801e-0093-35ee-4de536000000
cache-control
public, max-age=86400
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
96c9c9d8
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1003 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1649787792840&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.e2e3aad9bbc39d7b2314.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.178.26 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a24af2d564d1be101f59f2cbee40b18cb38c5274fcd4c32d285542072742b52e

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Apr 2022 18:23:12 GMT
Server
Microsoft-HTTPAPI/2.0
time-delta-millis
61
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
banner.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 7702 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/banner.css?v=19094766
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19094766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
83b46925b25c211de53c1a88ffba5d51982d3a60f36c129a7ec38d1b400b22a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
g0Qf/KmXtQmVnbpqUM24zw==
server-timing
5
content-length
656
x-ms-lease-status
unlocked
last-modified
Fri, 08 Apr 2022 20:55:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA19A22E8C42F8
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
2952c459-701e-0045-04b8-4bb838000000
cache-control
public, max-age=86400
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
akamai-request-id
96c9ca3b
darkModeBanner.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 7702 		679 B
866 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/darkModeBanner.css?v=19094766
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19094766
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7784b03179b61638d0ba91b33f2dfa2a84b6d4af016942e80ac0a469a61b1825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
HvnL4/tdYHBxpdrLF3XG4A==
server-timing
5
content-length
304
x-ms-lease-status
unlocked
last-modified
Thu, 07 Apr 2022 06:33:35 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA18608AEBA2EF
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
149e3b3d-601e-0086-19da-4a4fbf000000
cache-control
public, max-age=86400
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
akamai-request-id
96c9ca44
auction
srtb.msn.com/ Frame 7702 		12 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19094766
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
41752dedced7d1a4150031d4aec78e231800dd35b65bba0a519da552bc192d4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/html
Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 80E596DF9D8C44B1A1D7BE8F641AAD75 Ref B: FRAEDGE1511 Ref C: 2022-04-12T18:23:12Z
vary
Origin,Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
server-timing
total;dur=255
timing-allow-origin
https://www.msn.com
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-origin
https://www.msn.com
access-control-max-age
86400
content-length
0
date
Tue, 12 Apr 2022 18:23:12 GMT
vary
Origin
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: BC97F7A8ABB4410DB7FFCB2E2FFC279F Ref B: FRAEDGE1511 Ref C: 2022-04-12T18:23:12Z
bundle.js
ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/ Frame 8D1F 		254 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/ttj?inv_code=MSN_Display_Desktop_News_300x250&tid=205162
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-109.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
71694d8ed80c586236db505697b3e29535c6bcefbb7b1ce3880e5c4bd5349227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 22:31:34 GMT
content-encoding
gzip
last-modified
Wed, 06 Apr 2022 22:31:18 GMT
server
AmazonS3
age
503500
etag
"14ff31543d853139c5782ead225ac441"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
cache-control
max-age=31536000, immutable
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
82572
x-amz-cf-id
igcarIpX2r-X3_QpMM2b1s0Mq1dsqt8AsYKnRw-WBxNgxDkOcj_62g==
r
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/r?inv_code=MSN_Display_Desktop_News_300x250&aid=2650730286843079589070&rev=11f0e47&pr=un&bc=3.74&bmid=3690&biid=7265&sid=15311&did=39791&brid=570517&adid=10565866&crid=-1&ts=1649787792&bcud=3740&ss=30&caid=0&unid=0&domain=www.msn.com&ref=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fqbot-malware-found-smuggled-inside-windows-installer-packages%252Far-AAW83WP%253Focid%253Diehp%2526li%253DBBnb7Kz&rr=creative&fid=10&rb=0&g=0&cb=89061
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
truncated
/ Frame E2AB 		26 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type
image/gif
OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 8D1F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-109.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Sun, 10 Apr 2022 03:36:58 GMT
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:36 GMT
server
AmazonS3
age
225975
etag
"ddf020e069f1706b72b7698b28fede09"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
3125
x-amz-cf-id
OJW4_ezUFoZHupDkCnhsYdHAPpZ-HmAMyKWav6GS6fqH06eWNcuU_g==
OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 8D1F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-109.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 17:38:29 GMT
via
1.1 374989d04bb9f7efef831637d8f4b234.cloudfront.net (CloudFront)
last-modified
Thu, 05 Aug 2021 17:23:31 GMT
server
AmazonS3
age
348284
etag
"7ceab27af00fa466072a3c3360041755"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800,s-maxage=604800,public
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-length
3518
x-amz-cf-id
Zbsb_CIcEaovcVlhjulWP5GRHYTdr4EBY0bR2hDhN3X5bbEQmqw4tA==
ctar
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ctar?inv_code=MSN_Display_Desktop_News_300x250&aid=2650730286843079589070&rev=11f0e47&cta_render_method=1&cta_render_text=&cb=52036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
js
tags.mathtag.com/notify/ Frame F01B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTW1SallqQmhNMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMjI5OTQ3Mjg3MzE3NTc0MjUvMTA1NjU4NjYvMTEzMjAwMTUvNjIvLVg5UWtlZ1NjTTR4U21sV1Rla3otSmk3ZFFqcDQtLVNEUTJHZTIzeGhSay8yLzQ0OTgxMi8wLzAvMTg1NDM4My8zMTE3NzgzOTczLzIzMTkzOS8xMTI5NTc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvNDQ5ODEyLzAvMC81MTIyOTk0NzI4NzMxNzU3NDI1L2Ftcy8wLzM3MDAvMzgvOTk5LzMyMi8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDk3ODc3OTIvMTY0OTgwMDM5Mi82Mi8xMDA0NC8/T3NSp-nEMaI73HC0QmknJdxaa1E&nodeid=522&group=cdg&auctionid=5122994728731757425&shardkey=5122994728731757425&sid=11320015&cid=10565866&price=3.74&bp=d_heaaaa&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.96
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.307.0 /
Resource Hash
6f9191ab4d0f314b9f6e78e33a88a1b1d8c28c2d64baa1ef40327333f71ba70d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:13 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1649787792
Last-Modified
Tue, 12 Apr 2022 18:23:12 GMT
Server
MMBD/3.307.0
x-mm-latency
145 (2)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
pao-router-x32, cdg-bidder-x62
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Tue, 12 Apr 2022 18:23:12 GMT
dyn
eb2.3lift.com/ Frame F01B 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/dyn?long1=30&long2=124356&string1=3.74
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
aop
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/aop?inv_code=MSN_Display_Desktop_News_300x250&aid=2650730286843079589070&rev=11f0e47&pr=un&bc=3.74&bmid=3690&biid=7265&sid=15311&did=39791&brid=570517&adid=10565866&crid=-1&ts=1649787792&bcud=3740&ss=30&caid=0&unid=0&domain=www.msn.com&ref=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Ftechnology%252Fqbot-malware-found-smuggled-inside-windows-installer-packages%252Far-AAW83WP%253Focid%253Diehp%2526li%253DBBnb7Kz&rr=creative&fid=10&rb=0&g=0&cb=55468
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
eb2.3lift.com/ Frame ED93
Redirect Chain
  • https://eb2.3lift.com/sync?max=10&cb=48073
  • https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/rev/11f0e47a011a99e3dfda4319527b7a1b775cf7dd/dist/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
88d8433db199b6a89bd135593e9201b1cca74d82e3b0709b39eed8805185f494

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
461
content-type
text/html; charset=utf-8
date
Tue, 12 Apr 2022 18:23:12 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 12 Apr 2022 18:23:12 GMT
location
/sync?max=10&cb=48073&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ev1
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev1?inv_code=MSN_Display_Desktop_News_300x250&aid=2650730286843079589070&rev=11f0e47&pr=2.842&bc=3.74&bmid=3690&biid=7265&sid=15311&did=39791&brid=570517&adid=10565866&crid=-1&ts=1649787792&bcud=3740&ss=30&caid=0&unid=0&cepos=0&ceid=0&cb=49067
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame ED93 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:13 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame ED93
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=1&cmp_cs=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxMzMwOTk3MDI5ODQ0NDQ0NjA2NA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxMzMwOTk3MDI5ODQ0NDQ0NjA2NA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxMzMwOTk3MDI5ODQ0NDQ0NjA2NA%3D%3D
date
Tue, 12 Apr 2022 18:23:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame ED93 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ED93
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxMzMwOTk3MDI5ODQ0NDQ0NjA2NA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxMzMwOTk3MDI5ODQ0NDQ0NjA2NA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
H2
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjYxMzMwOTk3MDI5ODQ0NDQ0NjA2NA%3D%3D
date
Tue, 12 Apr 2022 18:23:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame ED93 		0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2613309970298444446064&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 604B8985C1DA4582BB91002D75A5F528 Ref B: FRAEDGE0919 Ref C: 2022-04-12T18:23:13Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXceSdcQ3MHillCdWIyKw==
xuid
eb2.3lift.com/ Frame ED93
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2613309970298444446064?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-.dYp52BE2oQXDEM6_O.dvvol3Z4.9Zb6muePrMXHXg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.dYp52BE2oQXDEM6_O.dvvol3Z4.9Zb6muePrMXHXg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 12 Apr 2022 18:23:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-.dYp52BE2oQXDEM6_O.dvvol3Z4.9Zb6muePrMXHXg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
sync
x.bidswitch.net/ Frame ED93 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=2613309970298444446064&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.122.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-122-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame ED93 		42 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2613309970298444446064&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:12 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7B8D179CA65E4615A396A7DCCA74B5C5 Ref B: FRAEDGE1417 Ref C: 2022-04-12T18:23:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame ED93
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=2613309970298444446064
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2613309970298444446064&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2613309970298444446064&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KN4MS6JDEQ62VPF8M8E4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=2613309970298444446064&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame ED93
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&cb=48073&ld=1
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:13 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe04e221c360a1b00f080eb7f46b8dce3.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_100%2Cw_200%2Cc_fill%2Cg_xy_center%2Cx_448%2Cy_335/ Frame 7702 		5 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_100%2Cw_200%2Cc_fill%2Cg_xy_center%2Cx_448%2Cy_335/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe04e221c360a1b00f080eb7f46b8dce3.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_5de2d2ed89904ab37e14d2835866eb64_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__d9e4ff90aa1f6273928b2f929c522230__%7E%7EV1%7E%7E7950641115060931156%7E%7EzE51VhYxA1BAtmJ8x-dCimFQe0zjXEikeai3cETmspAndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqbNNFf_V9Va2UeX6jiHwpRimclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7pBKiI9vFt9YgcxtbycDNvLpT3mi0WBimLjcYCdG6IqdpBszokCw9nGlSDN9NEO1uzDu07MI-Vh-HMpVI0CxSx0__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
98f35fe845b73ef74978f56e5de5d230ff8a99e7cd9fb6d9837416a95661eada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:13 GMT
via
1.1 varnish, 1.1 varnish
age
1848108
edge-cache-tag
502264297056096537806687822068137533599,381144328050290946225677379125231696347,29ecf9b93bbf306179626feeda1fab70
cache-tag
502264297056096537806687822068137533599,381144328050290946225677379125231696347,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
131
expiration
expiry-date="Sat, 26 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_100%2Cw_200%2Cc_fill%2Cg_xy_center%2Cx_448%2Cy_335/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fe04e221c360a1b00f080eb7f46b8dce3.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_5de2d2ed89904ab37e14d2835866eb64_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__d9e4ff90aa1f6273928b2f929c522230__%7E%7EV1%7E%7E7950641115060931156%7E%7EzE51VhYxA1BAtmJ8x-dCimFQe0zjXEikeai3cETmspAndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqbNNFf_V9Va2UeX6jiHwpRimclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7pBKiI9vFt9YgcxtbycDNvLpT3mi0WBimLjcYCdG6IqdpBszokCw9nGlSDN9NEO1uzDu07MI-Vh-HMpVI0CxSx0__text%22%7D
content-length
5144
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Wed, 23 Feb 2022 20:04:21 GMT
server
nginx
x-timer
S1649787793.214765,VS0,VE1
etag
"05529403c66991015cc910473afb8ae5"
x-served-by
cache-iad-kcgs7200176-IAD, cache-iad-kiad7000145-IAD, cache-chi-kigq8000035-CHI, cache-iad-kcgs7200063-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F89fb3dfdce3e3925e5e8068ccbd352be.jpg
images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame 7702 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.archive-digger.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F89fb3dfdce3e3925e5e8068ccbd352be.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_5de2d2ed89904ab37e14d2835866eb64_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__d9e4ff90aa1f6273928b2f929c522230__%7E%7EV1%7E%7E5078434609489484692%7E%7EwMIPvMSuMI0CnaBHc7UWhdZlrNgwENkoAFk0lXt200zTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKbE1LRMnjRxz8x3PxWJqu-h_SgzycfM6-ZkrPrVT0wc_O6da-AaCOxPRSxmF3Vc4kqpFUa8E18FDINm-RHE31B1IBa_M5-00YVuLs4oT6JQIzXkLYQpDhD1GE0-Ic9zbGpHO0hwg_yUSv-uTK8dMie__text%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e8b6aff366364caf571ead909ce286cf6c8a19c524deb23d506a1b2133f88d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 12 Apr 2022 18:23:13 GMT
via
1.1 varnish, 1.1 varnish
age
650230
edge-cache-tag
354375620429647240527204776344373062783,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
cache-tag
354375620429647240527204776344373062783,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
66
expiration
expiry-date="Fri, 15 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F89fb3dfdce3e3925e5e8068ccbd352be.jpg?taboola_event_details=%7B%22publisher%22%3A%22msn-msn%22%2C%22actionType%22%3A%22visible%22%2C%22appType%22%3A%22bidder%22%2C%22apiKey%22%3A%2269629143827c91b118c7e0dc9f2a4eb0059feae9%22%2C%22session%22%3A%22v2_5de2d2ed89904ab37e14d2835866eb64_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA%22%2C%22responseId%22%3A%22__9bea4956764397c3bd8ca17776951238__d9e4ff90aa1f6273928b2f929c522230__%7E%7EV1%7E%7E5078434609489484692%7E%7EwMIPvMSuMI0CnaBHc7UWhdZlrNgwENkoAFk0lXt200zTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKbE1LRMnjRxz8x3PxWJqu-h_SgzycfM6-ZkrPrVT0wc_O6da-AaCOxPRSxmF3Vc4kqpFUa8E18FDINm-RHE31B1IBa_M5-00YVuLs4oT6JQIzXkLYQpDhD1GE0-Ic9zbGpHO0hwg_yUSv-uTK8dMie__text%22%7D
content-length
4838
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Tue, 15 Mar 2022 01:12:22 GMT
server
nginx
x-timer
S1649787793.215353,VS0,VE1
etag
"5a32ba2d54f9896c12d93bc0e452544b"
x-served-by
cache-iad-kjyo7100121-IAD, cache-iad-kiad7000141-IAD, cache-bur-kbur8200043-BUR, cache-iad-kjyo7100134-IAD, cache-hhn4081-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 1, 1
recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ Frame 7702 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__d9e4ff90aa1f6273928b2f929c522230__%7E%7EV1%7E%7E7950641115060931156%7E%7EzE51VhYxA1BAtmJ8x-dCimFQe0zjXEikeai3cETmspAndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqbNNFf_V9Va2UeX6jiHwpRimclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7pBKiI9vFt9YgcxtbycDNvLpT3mi0WBimLjcYCdG6IqdpBszokCw9nGlSDN9NEO1uzDu07MI-Vh-HMpVI0CxSx0%2C%7E%7EV1%7E%7E5078434609489484692%7E%7EwMIPvMSuMI0CnaBHc7UWhdZlrNgwENkoAFk0lXt200zTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKbE1LRMnjRxz8x3PxWJqu-h_SgzycfM6-ZkrPrVT0wc_O6da-AaCOxPRSxmF3Vc4kqpFUa8E18FDINm-RHE31B1IBa_M5-00YVuLs4oT6JQIzXkLYQpDhD1GE0-Ic9zbGpHO0hwg_yUSv-uTK8dMie__text%2Ctext&response.session=v2_5de2d2ed89904ab37e14d2835866eb64_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:13 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.215735,VS0,VE8
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ Frame 7702 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=9575a236a39a457e86ca3f8969170291&r=swbanner&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=df9902f4-7386-455a-979f-b537d9e774e4&ii=1&c=9213275281389393022;8570641891761389170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 39E4B2D858384D8EA98DCBA0B6A77656 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:13Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-visible
am-api.taboola.com/2.0/json/msn-msn/ Frame 7702 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-visible?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__9bea4956764397c3bd8ca17776951238__d9e4ff90aa1f6273928b2f929c522230__%7E%7EV1%7E%7E7950641115060931156%7E%7EzE51VhYxA1BAtmJ8x-dCimFQe0zjXEikeai3cETmspAndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcWANN93_dhGoNVU93HODOAawecwlYupV-ADLiqSJCBxnkF2brjDLkjXtE0mWjyPKoFnFXeb-uloOOUnZR6JMi7sTg-_9RYbLFsJaIWAlQOQF_gvlxY87Ht_lGSB2wP8FqbNNFf_V9Va2UeX6jiHwpRimclQpmmKmsMbgPkYvcBxPoL_HiKw-eFhYJ1gq99JK7pBKiI9vFt9YgcxtbycDNvLpT3mi0WBimLjcYCdG6IqdpBszokCw9nGlSDN9NEO1uzDu07MI-Vh-HMpVI0CxSx0%2C%7E%7EV1%7E%7E5078434609489484692%7E%7EwMIPvMSuMI0CnaBHc7UWhdZlrNgwENkoAFk0lXt200zTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKbE1LRMnjRxz8x3PxWJqu-h_SgzycfM6-ZkrPrVT0wc_O6da-AaCOxPRSxmF3Vc4kqpFUa8E18FDINm-RHE31B1IBa_M5-00YVuLs4oT6JQIzXkLYQpDhD1GE0-Ic9zbGpHO0hwg_yUSv-uTK8dMie__text%2Ctext&response.session=v2_5de2d2ed89904ab37e14d2835866eb64_135751EF468C6B243AC9406B473E6A3F_1649787792_1649787792_CNawjgYQrrs-GOKzg5PJrdOdhAEgASgFMDg4m-MJQIiKEEiQtNkDUKLsEFgAYABog9iVzefy9Na1AXAA&view.external-id=9575a236a39a457e86ca3f8969170291&ppb=CIEB&viperAppType=SCONMSFT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Tue, 12 Apr 2022 18:23:13 GMT
via
1.1 varnish
server
nginx
x-timer
S1649787793.215784,VS0,VE9
x-served-by
cache-hhn4076-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
viewed
srtb.msn.com/notify/ Frame 7702 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/viewed?rid=9575a236a39a457e86ca3f8969170291&r=swbanner&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=df9902f4-7386-455a-979f-b537d9e774e4&ii=1&c=9213275281389393022;8570641891761389170
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3F38B0C866814CD5A2F470FC0060E850 Ref B: FRAEDGE1313 Ref C: 2022-04-12T18:23:13Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
outbrain.js
widgets.outbrain.com/ 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/external/publishers/msn/MSNOBVideo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
787ff273f1b8973a3e28cf403649b6e676c5babf4dc8f6b896b265e4cb44f5b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:13 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 16:57:26 GMT
etag
"15-cmxDWequUvmFV6Zg6DnupksR7Eg"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
913e23978e662a1ea947f7ec2e757578
timing-allow-origin
*, *
content-length
69500
d3d3Lm1zbi5jb20=
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm1zbi5jb20=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:13 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=36233
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
c194377d12be775312e7f21c26ad610e
Content-Length
16
Expires
Wed, 13 Apr 2022 04:27:06 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-85.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:13 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Thu, 12 May 2022 18:23:13 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame F01B 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTW1SallqQmhNMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMjI5OTQ3Mjg3MzE3NTc0MjUvMTA1NjU4NjYvMTEzMjAwMTUvNjIvLVg5UWtlZ1NjTTR4U21sV1Rla3otSmk3ZFFqcDQtLVNEUTJHZTIzeGhSay8yLzQ0OTgxMi8wLzAvMTg1NDM4My8zMTE3NzgzOTczLzIzMTkzOS8xMTI5NTc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvNDQ5ODEyLzAvMC81MTIyOTk0NzI4NzMxNzU3NDI1L2Ftcy8wLzM3MDAvMzgvOTk5LzMyMi8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDk3ODc3OTIvMTY0OTgwMDM5Mi82Mi8xMDA0NC8/T3NSp-nEMaI73HC0QmknJdxaa1E&nodeid=522&group=cdg&auctionid=5122994728731757425&shardkey=5122994728731757425&sid=11320015&cid=10565866&price=3.74&bp=d_heaaaa&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.96
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db29f338bf08cf2034d116c07c4832086b9cf8f4f3a4f0f5e22a9bbe33dc73c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:13:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9366
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 13:53:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 12 Apr 2022 19:13:00 GMT
ck-confirm
tags.mathtag.com/ Frame F01B 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=5122994728731757425&node_id=522&exch_id=62
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTW1SallqQmhNMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMjI5OTQ3Mjg3MzE3NTc0MjUvMTA1NjU4NjYvMTEzMjAwMTUvNjIvLVg5UWtlZ1NjTTR4U21sV1Rla3otSmk3ZFFqcDQtLVNEUTJHZTIzeGhSay8yLzQ0OTgxMi8wLzAvMTg1NDM4My8zMTE3NzgzOTczLzIzMTkzOS8xMTI5NTc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvNDQ5ODEyLzAvMC81MTIyOTk0NzI4NzMxNzU3NDI1L2Ftcy8wLzM3MDAvMzgvOTk5LzMyMi8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDk3ODc3OTIvMTY0OTgwMDM5Mi82Mi8xMDA0NC8/T3NSp-nEMaI73HC0QmknJdxaa1E&nodeid=522&group=cdg&auctionid=5122994728731757425&shardkey=5122994728731757425&sid=11320015&cid=10565866&price=3.74&bp=d_heaaaa&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.96
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.307.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:14 GMT
Server
MMBD/3.307.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x92, cdg-bidder-x62
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 12 Apr 2022 18:23:13 GMT
img
pixel.mathtag.com/event/ Frame F01B 		43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=62&v2=5122994728731757425&v3=1129574&v4=11320015&v5=10565866&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTW1SallqQmhNMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMjI5OTQ3Mjg3MzE3NTc0MjUvMTA1NjU4NjYvMTEzMjAwMTUvNjIvLVg5UWtlZ1NjTTR4U21sV1Rla3otSmk3ZFFqcDQtLVNEUTJHZTIzeGhSay8yLzQ0OTgxMi8wLzAvMTg1NDM4My8zMTE3NzgzOTczLzIzMTkzOS8xMTI5NTc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvNDQ5ODEyLzAvMC81MTIyOTk0NzI4NzMxNzU3NDI1L2Ftcy8wLzM3MDAvMzgvOTk5LzMyMi8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDk3ODc3OTIvMTY0OTgwMDM5Mi82Mi8xMDA0NC8/T3NSp-nEMaI73HC0QmknJdxaa1E&nodeid=522&group=cdg&auctionid=5122994728731757425&shardkey=5122994728731757425&sid=11320015&cid=10565866&price=3.74&bp=d_heaaaa&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.96
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.228.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-228-210.deploy.static.akamaitechnologies.com
Software
MT3 4335 2c68c00 master cdg-pixel-x29 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:14 GMT
Server
MT3 4335 2c68c00 master cdg-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 12 Apr 2022 18:23:13 GMT
img
tags.mathtag.com/event/ Frame F01B 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=ss6&bid=5122994728731757425&st=11320015&time=1649787793&nodeid=522
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=gor&s_exch=ss6&id=5aW95q2jLzIzLyAvTW1SallqQmhNMkl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMjI5OTQ3Mjg3MzE3NTc0MjUvMTA1NjU4NjYvMTEzMjAwMTUvNjIvLVg5UWtlZ1NjTTR4U21sV1Rla3otSmk3ZFFqcDQtLVNEUTJHZTIzeGhSay8yLzQ0OTgxMi8wLzAvMTg1NDM4My8zMTE3NzgzOTczLzIzMTkzOS8xMTI5NTc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvNDQ5ODEyLzAvMC81MTIyOTk0NzI4NzMxNzU3NDI1L2Ftcy8wLzM3MDAvMzgvOTk5LzMyMi8xODUuMjEzLjE1NS4wLzAuMDAwLzE2NDk3ODc3OTIvMTY0OTgwMDM5Mi82Mi8xMDA0NC8/T3NSp-nEMaI73HC0QmknJdxaa1E&nodeid=522&group=cdg&auctionid=5122994728731757425&shardkey=5122994728731757425&sid=11320015&cid=10565866&price=3.74&bp=d_heaaaa&nfy_act=LD5wfnw&type=adm&client=c2s&bfip=185.29.132.96
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
74.121.143.241 , United States, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.307.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date
Tue, 12 Apr 2022 18:23:14 GMT
Server
MMBD/3.307.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
pao-router-x45, cdg-bidder-x62
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 12 Apr 2022 18:23:13 GMT
ev
eb2.3lift.com/ 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ev?inv_code=MSN_Display_Desktop_News_300x250&aid=2650730286843079589070&rev=11f0e47&pr=2.842&bc=3.74&bmid=3690&biid=7265&sid=15311&did=39791&brid=570517&adid=10565866&crid=-1&ts=1649787792&bcud=3740&ss=30&caid=0&unid=0&cepos=0&ceid=0&cb=25811
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
impl_v85.js
www.googletagservices.com/dcm/ Frame F01B 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 11 Apr 2022 08:13:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
123013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 11 Apr 2023 08:13:01 GMT
domains
api.viglink.com/api/ 		42 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.25.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-25-105.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
39d8a7ac6d104bb13f647dff19ce04e88e07832a0031634f03a8035fb01c273b

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:13 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT
B27470340.331517556;dc_ver=85.250;dc_eid=40004000;sz=300x600;u_sd=1;nel=1;dc_adk=2018517514;ord=dxybdm;click=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D2650730286843079589070%26mt_a...
ad.doubleclick.net/ddm/adj/N1477538.4455534HAVASPROGRAMMATI/ Frame F01B 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1477538.4455534HAVASPROGRAMMATI/B27470340.331517556;dc_ver=85.250;dc_eid=40004000;sz=300x600;u_sd=1;nel=1;dc_adk=2018517514;ord=dxybdm;click=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D2650730286843079589070%26mt_aid%3D5122994728731757425%26mt_id%3D10565866%26mt_adid%3D231939%26mt_sid%3D11320015%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D070d6255-c391-4701-9fd0-a58133bec9b6%26mt_cid%3D070d6255-c391-4701-9fd0-a58133bec9b6%26redirect%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz$0;xdt=0;crlt=G0d)5d'NOE;sttr=107;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f134.1e100.net
Software
cafe /
Resource Hash
91a5f2438a6986845b1f63bc4255f7de2402678d84301f47c45585b0779b24ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26165
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz&idx=0&rand=24574&key=NANOWDGT01&widgetJSId=VID_10&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&extid=9575A236A39A457E86CA3F8969170291&px=806&py=3237&vpd=2037&cw=612&activeTab=true&darkMode=false&settings=true&recs=true&version=2000674&sig=sbMa4fGt&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d271d56c58f451c688ab44d9cf1267ef81deaa84d59385b1ee0a710d3545e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:14 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1649787794.275978,VS0,VE106
accept-ranges
bytes
x-served-by
cache-lga21929-LGA, cache-fra19162-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
9e96bb66d0c7d0240f83b63a5da8bf25
content-encoding
gzip
content-length
1192
expires
Thu, 01 Jan 1970 00:00:00 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame F01B 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 09:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Apr 2022 09:31:06 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/ Frame F01B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220406/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1477538.4455534HAVASPROGRAMMATI/B27470340.331517556;dc_ver=85.250;dc_eid=40004000;sz=300x600;u_sd=1;nel=1;dc_adk=2018517514;ord=dxybdm;click=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3D2650730286843079589070%26mt_aid%3D5122994728731757425%26mt_id%3D10565866%26mt_adid%3D231939%26mt_sid%3D11320015%26mt_exid%3D62%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D070d6255-c391-4701-9fd0-a58133bec9b6%26mt_cid%3D070d6255-c391-4701-9fd0-a58133bec9b6%26redirect%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Ftechnology%2Fqbot-malware-found-smuggled-inside-windows-installer-packages%2Far-AAW83WP%3Focid%3Diehp%26li%3DBBnb7Kz$0;xdt=0;crlt=G0d)5d'NOE;sttr=107;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Apr 2022 18:22:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F01B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 11:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23772
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Apr 2023 11:47:02 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=83e9193faf2ad5f6fa599c3913907544_6478_1649787794337&tm=455&eT=0&widgetWidth=612&widgetHeight=304&widgetX=806&widgetY=3238&wRV=2000674&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=148&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 12 Apr 2022 18:23:14 GMT
content-encoding
gzip
X-TraceId
b85ce81a71238bd4d336679ac9a9e8a5
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FA7A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
23772
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 12 Apr 2022 11:47:02 GMT
expires
Wed, 12 Apr 2023 11:47:02 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F01B 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 18:23:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36908
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649677559247379"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 12 Apr 2022 18:23:14 GMT
index.html
s0.2mdn.net/sadbundle/18221727850899315298/ Frame E224 		72 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/18221727850899315298/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84afd59e8d80dda77178a87b2f5e59f53dad85da4c097787f64d96467514e241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
97200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
18917
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Apr 2022 15:23:14 GMT
expires
Tue, 11 Apr 2023 15:23:14 GMT
last-modified
Fri, 01 Apr 2022 11:55:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F01B 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss98_3Ka6Egs9FvH_i9TxZ099c0WusuzMXKNs1o2dk48vaDcBEmtBuSnrwAcxjJflibEjOvdXnASjIGn4fv2kj80MXF8Yedzy0brQf8e4929I1PvFEFXYA0a77_Szhb_Qt98IZE9DHzw0SzC4Y&sig=Cg0ArKJSzOyoGpQGHWlyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=190&cbvp=1&cstd=186&cisv=r20220406.43126&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
pagead2.googlesyndication.com/bg/ Frame FA7A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UUQTj9cPGsMVMqvEOxLdokHV79mACYo3jc0rpEwmHZs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 13:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
16415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13701
x-xss-protection
0
last-modified
Mon, 04 Apr 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Apr 2023 13:49:39 GMT
DcmEnabler_01_248.js
s0.2mdn.net/879366/ Frame E224 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/18221727850899315298/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18221727850899315298/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 16:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11026
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Apr 2022 16:39:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F01B 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss98_3Ka6Egs9FvH_i9TxZ099c0WusuzMXKNs1o2dk48vaDcBEmtBuSnrwAcxjJflibEjOvdXnASjIGn4fv2kj80MXF8Yedzy0brQf8e4929I1PvFEFXYA0a77_Szhb_Qt98IZE9DHzw0SzC4Y&sig=Cg0ArKJSzOyoGpQGHWlyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=351&vt=11&dtpt=161&dett=3&cstd=186&cisv=r20220406.43126&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/technology/qbot-malware-found-smuggled-inside-windows-installer-packages/ar-AAW83WP?ocid=iehp&li=BBnb7Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 12 Apr 2022 18:23:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
f3-min.jpg
s0.2mdn.net/sadbundle/18221727850899315298/ Frame E224 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18221727850899315298/f3-min.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6da872b50d655913c442cde9f073c7d1afd4c4d56185dc04e743e5720534657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18221727850899315298/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 10:01:05 GMT
x-content-type-options
nosniff
age
30129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36482
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 11:55:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Apr 2023 10:01:05 GMT
f2-min.jpg
s0.2mdn.net/sadbundle/18221727850899315298/ Frame E224 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18221727850899315298/f2-min.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c63a8e948d0d9aa0725fc96406ec44ab337b32270160ad1aa95f5063e5edf5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18221727850899315298/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 10:01:05 GMT
x-content-type-options
nosniff
age
30129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38672
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 11:55:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Apr 2023 10:01:05 GMT
f1-min.jpg
s0.2mdn.net/sadbundle/18221727850899315298/ Frame E224 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/18221727850899315298/f1-min.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24fb31ce34d127db687581c2461d100e716af6edc1113ff9794411acbed90dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/18221727850899315298/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 12 Apr 2022 10:01:05 GMT
x-content-type-options
nosniff
age
30129
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48220
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 11:55:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Apr 2023 10:01:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA7A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNI8ZksNVYozXDbyT7_UPyfKc0A4AAAAAOAHgBAI&bg=!ODulO3_NAAZAkm7qYJI7ACkAdvg8WoX0Gb_fqp_-lPyUTOv5kV5S0RsHEJA-bZsJSgrkphXIqNUdiQIAAABIUgAAAAFoAQcKAMEVJGoZm7v9p_428NYhNa57BgScLQp77Jx4SkQysKaKdLmOsXBge7JbNWah-ibp9eRsoBarGhod0BNUDUZpHMtESfLVqSYaw0xp5QuctNZWpBJplACL9dMNqQJ-FDQ8k_uOfBDbExnw-KBIoaqiCJUdKfDQt0y292mfVSnIsLc0cEsmAO21xYo-7TdXhMbd7QYZTCzTI7PAvoWajjYaCyY26xNaSseiphlauuwZRQJrhNBS8PgRuP3oLPNRoaQBHO5HmQLJw9T7a7qURn8OSGWFyQxWRvDoHZQuJhDSaxOKULScjwMSwi8m5pDPq54T39Wsneay3c4LDXgY0-e-H7QjKvqNBEJpoh35fvs7g6rWr5inq4MFxYm8XyxtuJ8BOptunPvRGMa7pixqFX4NOcWx3Euf5cunlGnoHQV1Va_xt8atSJjfVAh3d_Y65y9e76_18DPGwnne4iAxxuxwYxLmas7dO1HjBY_lCXM1IbL5BY4LPP1S4yerJ_7HY8bQxW9haGlXOwRtR-s3QbEkP8VcHmyXvrDh_a6OoqaUngUeWyZxY81883Vvvd9MuRpBLbAssXFMmQE25Id9EziRvAmwDIOCzPMNZ8MqLeUBzI2fzZKxIYRcMNqV6Y0u8HgjugKR29FeJine67nIE7rNPNQI0mK54nIU7CiyEH2f3JijXf9rQJivCzEZMNohHUITwCpCla72JiB62NE2blg5OHr-EA1Gbpfj4F4r1XLwr6EsAjz4m12HGrVZ-f7IBneD-4OxJuKgxJcPi-KlyND2llUqpTldmZSbMSeMM5-Z0khOaih4LNuXC-jxoVOExbbAjB0z3X5yNKn4ggIZDtZuhuGp2yZftfjr5me7k60nXVjAGsmjBrPuJs_4ScUCs0aHW1qfS8d8Xpb1SoG6ScCdmuuU62U3fl9vBkqZG4N-Tc6dunDN4UhF6aVoEScvYBTini5SdIkk2bMXHxeK4xPWwcwsiaH5IIIefV82Q5lvJ4rJlqdNveeIRH_KhYiuh7kkMeNBU3hX5eME2KeMgStj0R_frI-meyVX4YMncTjWo_psA2W7cSzla3GPC3_YJocFmxaMT81H2hvT61EuASOrt4dilIl6Kj2RA6ildXagVjW54Sf62ddx7VU_sewwy67XBV189X71WaD9pveQnpxGlsK8OmFEem3Q3ezSKh1GYhO4TXGRpPzSXXLSwJOdYGk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F01B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuatI6CHZ4RtseyTC5HaaJJ5DxWZnRtVcvxLNJ2Bf-mjER2TBhMxmdLJMuiG37b88R2utB-1fLg57X3AtFAYILjK2M9dWTE&sig=Cg0ArKJSzEleyfkjNoF2EAE&id=lidar2&mcvt=1001&p=0,0,600,300&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220411&bin=7&avms=nio&bs=1600,1200&mc=0.93&vu=1&app=0&itpl=34&adk=2018517514&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649787792951&rpt=1632&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Apr 2022 18:23:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
domains
api.viglink.com/api/ 		63 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.25.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-25-105.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
8cade92186b77d3f866849796ec584d05cf0155a7e6f9139b9d0d71fef61a1cc

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Tue, 12 Apr 2022 18:23:15 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
63
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| getCookieConsentRequired string| _ssrServiceEntryUrl string| _webWorkerBundle string| _authCookieName object| webWorker object| webpackChunk_msnews_msnews_experiences object| _pageTimings object| _secondaryPageTimings number| 2f1acc6c3a606b082e5eef5e54414ffb boolean| _isWebWorkerPresent function| telemetryEventsClear function| telemetryEventsFlush object| Base64 boolean| hasPreHydrateState function| _getAppPerfTrace object| MSANTracker function| Gemini object| JAC_CONFIG object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked function| vglnk function| OB_VidgetAuditCallback string| OB_extId boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16497877914596 undefined| vglnk_16497877914607 undefined| vglnk_16497877917049 object| webpackJsonpCSW function| setImmediate function| clearImmediate object| civicscience object| JAC object| MSA object| MeControl function| MeControlDefine function| MeControlImport undefined| vglnk_164978779211710 function| jsonp_1649787792140_9907 object| JAC_QUEUE number| _tlTagsPending object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater undefined| vglnk_164978779414411 object| goog_ddm_ps undefined| vglnk_164978779645812

33 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ09yP-IEwCgoIgQIQ09yP-IEwCgoI4gEQ09yP-IEwCgoI5gEQ09yP-IEwCgoIhwIQ09yP-IEwCgkICRDT3I_4gTAKCQg6ENPcj_iBMAoJCAsQ09yP-IEwCgoIjAIQ09yP-IEwCgkIXxDT3I_4gTA=
.msn.com/ Name: _EDGE_S
Value: F=1
.msn.com/ Name: _EDGE_V
Value: 1
.msn.com/ Name: MUID
Value: 135751EF468C6B243AC9406B473E6A3F
www.msn.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: 485afbfa-f123-4007-97bb-2eac7fe274a2
www.msn.com/ Name: ai_session
Value: J8Ux2fsiwmMcAZlDm5YIl4|1649787790971|1649787790971
.scorecardresearch.com/ Name: UID
Value: 1D3f62fdf79bdb3da4f1fda1649787791
.c.bing.com/ Name: SRM_B
Value: 135751EF468C6B243AC9406B473E6A3F
.c.bing.com/ Name: SRM_M
Value: 135751EF468C6B243AC9406B473E6A3F
.bing.com/ Name: SUID
Value: M
.bing.com/ Name: MUID
Value: 387F3577FDA16E1B20A024F3FCCA6F98
.bing.com/ Name: SRCHD
Value: AF=NOFORM
.bing.com/ Name: SRCHUID
Value: V=2&GUID=251438CE3933435E9213CFAA9D73B863&dmnchg=1
.bing.com/ Name: SRCHUSR
Value: DOB=20220412
.bing.com/ Name: SRCHHPGUSR
Value: SRCHLANG=de
.bing.com/ Name: _SS
Value: SID=2594F4289E26618532D8E5AC9F4D6061
.c.msn.com/ Name: SM
Value: C
.c.msn.com/ Name: ANONCHK
Value: 0
www.msn.com/ Name: msaoptout
Value: 0
.login.live.com/ Name: uaid
Value: c23ceac4088541f7b0cf0bf04f646122
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1649787791&co=1
.microsoft.com/ Name: MC1
Value: GUID=da5ae136c0b3492093431a41cf895fe9&HASH=da5a&LV=202204&V=4&LU=1649787792054
.microsoft.com/ Name: MS0
Value: 0a0d54257317417fbf3c3b95ecfadb8a
.yahoo.com/ Name: A3
Value: d=AQABBI_DVWICECo58HZH-7cUKE5uosXNyAcFEgEBAQEVV2JfYgAAAAAA_eMAAA&S=AQAAAn0JgDzXcgrC7B4MSdTH1bs
.agkn.com/ Name: ab
Value: 0001%3AWa%2BQP%2FVarNfJvOAgc8HxmX6kDELus60n
.agkn.com/ Name: u
Value: C|0EAAp6IAQKeiAEAAAAAAAAQAHAAAAAAGaZpH__x4AAAAAADGD4gAAAAATG-w-AAAAAAn8LWgAAAAAHyE4zgA
.3lift.com/ Name: tluid
Value: 2613309970298444446064
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c8de471a-b859-4b5e-829b-967ee9460e2a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDk3ODc3OTM7MjswMjFDNZQfvvEXeu1ejkYbxr/pf3BFf4mApASk9Gerg+XnyA==
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2453:u=1:x=1:i=1649787793:t=1649874193:v=2:sig=AQGs7Mh6MaNRDIg4SEnZoikIfZf9nRDn"
.mathtag.com/ Name: uuid
Value: 070d6255-c391-4701-9fd0-a58133bec9b6
.doubleclick.net/ Name: IDE
Value: AHWqTUkMIM-_XsjXujOTgtcDyWY5i3tT0chKCAUgKrzY9WmDQuI7lzYVn2obVUn2Ol8

8 Console Messages

Source Level URL
Text
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://assets.msn.com/service/community/follows/?targetId=vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa&queryType=follow&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2&ocid=iehp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-135751EF468C6B243AC9406B473E6A3F
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://assets.msn.com/service/msn/user?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=Peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9575A236-A39A-457E-86CA-3F8969170291&ocid=peregrine&market=en-us&user=m-135751EF468C6B243AC9406B473E6A3F&fdhead=msnallexpusers%2Cmuidflt48cf%2Cmuidflt51cf%2Cmuidflt258cf%2Cmuidflt314cf%2Cbingcollabedge3cf%2Cplatagyhz1cf%2Cplatagyhz3cf%2Cartgly3cf%2Cartgly5cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cprg-1sw-tsrgbt%2Cpreprg-1sw-gc%2Cprg-rsum-ctrl%2Cprg-1sw-ccurr%2Cprg-1sw-newsflp%2Cprg-1sw-gevte%2Ctraffic-cam2-u%2Cprg-1sw-camera-v2-1%2Ccsmoney4cf%2Ccsmoney5cf%2Cprg-adspeek%2Cprg-magiccc%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msncf%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cweather10cf%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Croutentpring2t%2Cprg-1sw-newsskip%2C1s-fcrypt%2Cprg-psovhighctl%2Cprg-1sw-splog%2Cprg-contslct-t1a%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-ctr-pnpc%2Cprg-1sw-accu10%2Cprg-1sw-pr2fuz%2Cprg-1sw-pr2fuzdf%2Cprg-1sw-pr2fzdfe%2Cprg-1sw-pr2tp%2Cprg-1sw-pr2tpent%2Cprg-1sw-rndw%2Cprg-1sw-hdukr%2Cprg-url-buildw%2Cprg-sh-adp2%2Cprg-sh-adp%2Cprg-sh-synadpt%2Cprg-sh-adcn%2Cprg-sh-synadnc%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptc%2Cprg-1sw-akaxap%2Cprg-1sw-pcfc%2Cprg-1sw-rih-revamp3%2Cprg-wea-skipauth%2Cprg-1sw-acrlc%2Cprg-1sw-multifc%2Cprg-1sw-3dcrsl2
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;worker-src 'self' https: blob:;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26.at.atwola.com
ad-delivery.net
ad.doubleclick.net
am-api.taboola.com
api.btloader.com
api.msn.com
api.viglink.com
assets.msn.com
b1-nydc1.zemanta.com
b1sync.zemanta.com
b1t-nydc1.zemanta.com
browser.events.data.msn.com
btloader.com
c.bing.com
c.msn.com
cdn.js7k.com
cdn.viglink.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d.agkn.com
d2zqfs55y95cft.cloudfront.net
eb2.3lift.com
googleads4.g.doubleclick.net
ib.3lift.com
images.archive-digger.com
img-s-msn-com.akamaized.net
jac.yahoosandbox.com
jill.fc.yahoo.com
login.live.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mem.gfx.ms
odb.outbrain.com
pagead2.googlesyndication.com
pixel.mathtag.com
pr-bh.ybp.yahoo.com
prod-m-node-3113.ssp.advertising.com
prod-m-node-3113.ssp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
service.idsync.analytics.yahoo.com
srtb.msn.com
tag.idsync.analytics.yahoo.com
tags.mathtag.com
tcheck.outbrainimg.com
tlx.3lift.com
tpc.googlesyndication.com
web.ssp.yahoo.com
web.vortex.data.microsoft.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.bing.com
www.civicscience.com
www.googletagservices.com
www.msn.com
www138.civicscience.com
x.bidswitch.net
zem.outbrainimg.com
108.157.4.109
108.157.4.15
13.89.178.26
130.211.23.194
131.253.33.203
142.250.186.162
15.197.193.217
151.101.1.44
151.101.14.132
151.101.193.44
152.195.51.15
172.217.16.130
18.214.246.74
20.190.160.8
204.79.197.203
212.82.100.182
216.58.212.134
23.35.228.210
23.35.229.181
23.36.163.97
2600:9000:2156:2c00:f:c7b3:ce40:93a1
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700::6810:a20d
2620:1ec:21::14
2620:1ec:49::45
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1288:80:807::2
2a00:1450:4001:811::2002
2a00:1450:4001:813::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a02:26f0:3500:7::17d8:4dc9
2a05:d018:d29:3605:a6cd:bbc5:ba08:db41
3.120.51.47
3.123.202.125
3.126.56.137
34.252.25.105
35.157.246.167
35.158.141.195
40.77.226.250
52.142.114.2
52.203.165.149
52.29.122.153
52.46.130.91
52.59.128.211
64.202.112.159
64.74.236.223
69.192.161.85
70.42.32.31
74.121.143.241
76.223.111.18
00df3a318c3fd470d38916cafcf87651f3318f23652a8e34ec5790bf96d62921
054da3e71adbd20784a49844f803131f28b80679b1448eb070ee255498171edc
05e7a6444abaf9fa4a76f7abb405edffdc91f1876e87d31536f69942a1b6da55
07952001ef2d38d6b78acce58cdd217806d1934990613b684fff570493fe51c2
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08cb02212ee2567f424d8f2d657435eebe24d92ff2ba0825423c04f28363732d
091407daf3d0d42e0c475c76e420c27ce4c516b9838867e0b882f4ec156b20cf
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9
0b2e162e74af088df0fe79756114b8724f5d7ce842e43ebf23db53c6757010e2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
0dcd93700f88be8efade7e01aaa077c1cb52064ad50721497d984206f8a5785c
0e8ded87108d6f5ba395cd6919f4f6186eaf01e4d4ea0ee093b142a5327d4038
0eaa20bfde85b7a55f4fe0e4a263cbd618e5b587d9a05e2f79676ee7acf2a8de
100a42c6396510c4da9a16730645f190a03fea0f823b50b2a2bdf6541abac414
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1292a3eead7170f1d080337cc6e89e06244baa7ad853f37058ef3962669bd74c
12ef4915d97bfc68be594bcb3a7744ce5707c0b69ea5e5de96d221e4afa249b5
135958c317d6173282bfe75e54082bf54d7205f028d0c7c2b367256d0822ead5
153a473a5b0a4ea81402fe655e00de02668ea5a2896d3384c4faa39039bd3bd9
19c69551052fdf129ab7ad30c5da5623e29d641da4123340689a904211b0fd0d
19e3a90b0ba228aa92871d864d4bae3bd650a41322e63d0bcf56d631a308436b
1a355720643bcde13843f0a20d2301328d828ba2505b25df41f447338f2af84d
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1cdbd41c5d1b44e3bc1a8daeb8e83f34cf6929d2ae65417378834473ddaf5820
1defec92beb6fab7405907cf2e49cf87fa9e64cf6c4bfcce9e79cf1b8325bbf1
1f1cd89bc86dad3a473b1b89f83fb4df78604ddf4c5b10d2da3b263844750d24
1f31fa627ed978a0d4b90ad8d1daeae39c61a3122abb1dd3b8511c406dca2ea8
20f1e8a334a64f19054167d762b0add3edcc4a110304b9d5b756413432d793ff
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
244ab59f2e2aea327bbd681a9e544a78849f69c785be3cfcf049253b700357b2
24dbe7fc0b738f2f19e4dfc184a425e45e5addb3e6f980b66555c1620bc4a6c0
24fb31ce34d127db687581c2461d100e716af6edc1113ff9794411acbed90dcf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27110b1b489593a2f08bdafab95b8018d67ace9de5718f82088e09279f704a74
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
30704867f1c82d39f7d774dad8d56053a5bed086d0fc9d83b69440acd1eafc34
30f5d4a286d6f8f2d6dd5a62e1e52f55f000c3c418796d48c5072332e5a806c4
321a4f95375e0f0d00843ae2d6776a5c4b0842ac75c3bd5715179f94e3409abe
32e8e8dbe67db7d8317c4a05c0d5d9874994cda6e0778808130f45d42193690b
35b1e563047823fa8073363318b3ad3d7b51dd86fe09a81e2149ef6004bf004d
377f60fa87d345d11b3485794b590184900f0ccc90a20ca6fec401a4649da1ee
37cce1108d30ced607590fa575171ce425d2167ae1cb5717661d676a0c9ca296
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677
380a4673a245b7c6dfb8726c2fa2a82440da54cddb456abdf038b649589f9b98
384599aa4204aa08f6a4ec2a9462816745d1493c2586aa9055488fc4c74d3f2d
388b63d310a0b20042b84dc31689e6f814da1524810e6a9d3b98c0b1ddd56c73
3960bab1341fe97dc7d8cb89e4b4e6ab0dbaf256e60993cbbb5ca2d33c4b647c
39d8a7ac6d104bb13f647dff19ce04e88e07832a0031634f03a8035fb01c273b
3afa32831a4e17a29dd0c198fdbd5fe316e6f77cb4b8f98f9ba1849d2e2f7163
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d271d56c58f451c688ab44d9cf1267ef81deaa84d59385b1ee0a710d3545e75
3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81
3ef348f022f5b32b439c94c207e64e603de0ec49f764ede09458633ef986f136
41752dedced7d1a4150031d4aec78e231800dd35b65bba0a519da552bc192d4f
42736024c56912c10fd3c7761c9d57f37e5bf5f87f74bfafc763059a2ff632d2
4300cbedd1584781c7f53272949fcbe9eef7490b9059e30b47e534333999caa7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445afbaba8e96507fa4056c83557c90fa898045b0571fe531e7f415a7b52d0d4
45b144a3488cd41b351d5bd7966ae78651bbcfe168a1eb6856ecfe86664000d9
47effbf21c3af4550e6906fa5faf81935fc3a8c8d8c4145d9b69dab40157e494
4891921623a6a9c8eef53a44979d94d4b5f5f7fea071c16b72b74dc1c4d567db
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4a808e029b2d810eb497efd64fc1870f0645150da61c297791069d8bc4ad8a41
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5144138fd70f1ac31532abc43b12dda241d5efd980098a378dcd2ba44c261d9b
5154578db52fa4f4821cdca28750f8ac34d3682bc076bab9a6e2898a35c61135
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54af4ae7c9665b7d67c5a37bf9e3c625ade318370180573daac7a7d954fccb7e
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
5848665b65e1e5be4d7463e0047c98eac656f92d9e6f20a5a823774794f99b03
58effe6d65ad7f3a507140d5dac108bcead9e8fadb4ba495567356276d242614
5d126b3fd9597981766e675592da39eb3e6bff4deb640aef13ef3e22e9d97f14
5de753670b70aa985276277a94539389f9365cb2023435ab5866eafca1ab2b95
5eb7a9f9adc35ddb7d8f67c20f4d337c64d6ce894cd6bacd9d8b72f5eb03853c
60787a2e30e56b4842b55be9c0ebaf8efe44098f81507839ff0d0e6a696ecff7
612536c784a4f93e935879bb68c6508d30b783407214239e3fdad3a046c2f41b
62fab6266a1f0a3b62122b1098c1633e6b5757afb3ede43d238234b14f06940d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
661c3d197c5bb2d4feff18344bdf77f7959e85e8189167f69f527497fe779ff6
67aebdc8fb87bd7f5d1224fe6c2e916f23623dc780f66725fab19f98cd64e264
685c7415f6f7c0721846958972e68d49790ad487f6151eae6748c6ed0509427e
6a7426ba68829f15caeeaf67bdb4163d2b4b3b33b08dbd0353189218f3e2fea2
6c65d11dde8844ed10a5e451c4055db864f458d733f7db9eec9a6039693ac03a
6d3f2bf2f4bbbbd7d564b22dc53f8a8775515f14450b110d323bcad5589fef27
6dfc832ff4bac20a488712ad02af7dcecca7cdc7de58ffa1ca15518f2317ab40
6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb
6f9191ab4d0f314b9f6e78e33a88a1b1d8c28c2d64baa1ef40327333f71ba70d
7083c296f6591615804f27559c1630d9e04596f8b371c7939d6988956c87b7f5
71694d8ed80c586236db505697b3e29535c6bcefbb7b1ce3880e5c4bd5349227
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
734988aa63a7b90f9cb5a147b0465e79dcb7ea214bcfccee4468bee8aae69e09
749cd0a9d76118953e00213d0e5d6fbfcabc23da386c8aaa25ce44045a57f4ad
7533f1721cd47e64f55a9360ade37f615c61a72a9b4a3a8f8c6945337eac2e65
7784b03179b61638d0ba91b33f2dfa2a84b6d4af016942e80ac0a469a61b1825
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d
787ff273f1b8973a3e28cf403649b6e676c5babf4dc8f6b896b265e4cb44f5b7
7ac966ca1fd3fc726538c76b248c4e254560596368fc628ce48b8dfb0cdc34ac
7e1dacebac327d4678565051a9a021e9040b455ad2621c4eafce2824dd17d6db
7ef08b374b98dd05adf277f227f8af9c2f6a8ebcbdb365c3957b05b310eb1154
7fa94c13df085156763b0414d15ada05edba099c3876b3805dcb7149287060ab
826bf5fa55d5706978aaa7952376d6aa57c078b298455bb19fda3ee26a6982dd
83b46925b25c211de53c1a88ffba5d51982d3a60f36c129a7ec38d1b400b22a3
84083067614c12898c1ee006b7a7d674379b8a87f4ef20b8da529a2cd2997d07
84afd59e8d80dda77178a87b2f5e59f53dad85da4c097787f64d96467514e241
87306ff222703017f52bdec3f69a6583605e65c484484477313479de06b51f61
88d8433db199b6a89bd135593e9201b1cca74d82e3b0709b39eed8805185f494
8cade92186b77d3f866849796ec584d05cf0155a7e6f9139b9d0d71fef61a1cc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f42f77723e5550f1e0e17d10b9e9c9a0d52c4b9e772f222934eb7206cda7b60
8f6e38300701048ca97743ac540034b25a63bddb112c0b8d5ee3968cfcb57036
8fb2f738870e714b0d9fc01dcbf3770271ded49cb0e7b0f1410ad44999fa31c8
91a5f2438a6986845b1f63bc4255f7de2402678d84301f47c45585b0779b24ec
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
95405cf836edcf3baab68f01740b77a349ce131ee39b9cbe07d66c03ab539354
96b0a163f389a3db88daf7574b38d8eb4cf51594ec3801ccbbb153b57048c369
977a659b09e112dcdea17259a4fc594a25c71ed3acf4b5739c960f9ed03e05fc
98f35fe845b73ef74978f56e5de5d230ff8a99e7cd9fb6d9837416a95661eada
994cd1d0b075c669eccb3c71a90f609941c0673879437abbc34c9e3f5e2ab5fd
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99cca1712d67427d3a038239a85ac8f8ff21be1cdf8e1cfce13fc6346b51d31b
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a24af2d564d1be101f59f2cbee40b18cb38c5274fcd4c32d285542072742b52e
a36190bae6654b1f22cfbed41d29271069f4f2d6338cc374be020965d43285b0
a37afa4795c0cede82ad0f73f60eafee5e13f6fb3d42a739354d9280966fe434
a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
a795b260ee6de68d124410b7912d1a6bdc1bc1e7e96bf5df13b68dcc9a994bf0
a7f5282cabbf7963811f21d108990cb61c5ded048d010ab13c1263b328de94e1
a89d7be30eb4c563639c892b204bad691b41b277e010daa4ca96591cb2e22bbd
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779
aa497e37baafdde87af0492fbf8d9453a1b20fe1d3534e46245d4725aef69d0e
aa5d34e8098dcdd1f97b5b9f3043c76960fe9fb3140a621503086aaf70fc9f02
aad4e29d752ae4f74013f96bca4fc8d9d765c6d25222e2793517006c8fdf8551
aaee490ae7ac3af767857d876df43b3ff5bf7833a11eecc2c35de435c0ea947e
aca63519ae5b1990c00048e5901c025161073426f2858185da42c784274e8dbb
ad99c2e64c168bfaca1f281e48dce7d99a8263d53df5d5249e12b46f38753b6b
af27b84f62f8cb662c5087a13e49a93de215976a183b588928966739595f4df3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b899c96f6bd8de4ddc433b15a8c6e0dbfa81bc346d1f32fde1b52acdd6864327
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2
b924ad39a82784eb8194c5219e78c56beaf373e12d9d82168134d1319993bce5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bccbdefad6797dd13860d99d3a4879c7345ec7ec982755bfe34dee8639f0302b
bd1e10a375a428c7bac8f6d1d0f976ff20eff193ddd2d3745976a5504c07c4d6
c00a759275b8628823a9809f24cbeca08cb48b52713adf221f70284e66d9c82f
c3752788f9fc691bbcc5f7eef227c66a536b9267e460525b772ad69b6da0db2a
c4554a5c0654175a044d87a05e4f649502987481e8e48ae64ce4b70a36307aad
c63a8e948d0d9aa0725fc96406ec44ab337b32270160ad1aa95f5063e5edf5ce
c74c78b4212d6e9496bd73b856ab1c80a69a85acc63df051eae6f5b5334e0110
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c83ec98b99c73cdb0e974ed35e079e22d48347e20271057ddbca123a5186b3a0
c9d83bc5aae933a6ad1a842c7db73a8c89dfcea8419fd95401fdffb87242050c
ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0
cb9c9a4aa94639811b9a26c22273d5a7950fec602a3c3df19b557124200c1d8d
ccf6cb34de4fb62646f9b963e0d4cd0f5fa95a746a5da00b4e361005dfd18c7c
cd78847f0bdfa8f0a81eb00ae51b2485f7a4e03875ca8d36830f83bdb414c9df
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb49753dd3733aa626638d8850d695d44df13c1cc58f5922ee95a1803e0d33e
d315fa85ab77a755b2b573010b3dc4b268945ced696b0495a95712132c30757c
d7d3dc1ea85e16c6362d52bc2ee13c72c6840a9e8f55a3bb079c3251916836ed
db29f338bf08cf2034d116c07c4832086b9cf8f4f3a4f0f5e22a9bbe33dc73c0
dc7364172405e145c60d725e238eb4a74f639a9ade115ee4d2ef83d108c86eae
dd5fd5a2bf9b59be4e383490c3b510199ba3abd7a6496983f84fafbd1c6a6695
ded458e54c6a9cbcf3ee78d556f838906534aa75700da4d402518bedd998ace6
e04ded36eb838803283617f4ffce8d9923dcdd90951aa0c312b46d67b35c0cfe
e15232bc68541f3fe0b8cfffd085e79fd067f20ea97dd77d1c3786f2bdd647bd
e254c1e85858af67585ec49e2f9daaa2e66561f4adb5b9335c74c7d7af7b3afc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
e4af51011f2b5302f586c624c6cd57492c527e03ae1dc983c7da4b8ed2b2906e
e5621d5c619ba3cbf5ba1e8094e054408d347455e3c9f7596462d2bff77a0d36
e5c3dc9908ea58195ab0f37627dab43e82eb2e6e083622741717925270d2e28b
e6a106879082345d475326c840dfbe62f90ce4e4e6bbe10e016e53d502ddddbb
e6da872b50d655913c442cde9f073c7d1afd4c4d56185dc04e743e5720534657
e8b6aff366364caf571ead909ce286cf6c8a19c524deb23d506a1b2133f88d33
eb016e94d6927dea10e7460f8c8e7a9730601c70893ac6bdf98dafb1ced691f8
eb573a7ad09616b4d77475709a374fa97b7f9755bb861e374994d71f03abfcea
ee150c4462474bc089d20655edb33e0943638b3634a7863ce8e0adc7b39023d7
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13b2a0429d2b9b6f339a88926e9d1c8726d9ddb7be4beafe9dc4f84ed92e91e
f1471643844af10bdfa9a90620fd5dd7252d0fe1189ca93f40b25d34a98160ec
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f43b46276227834afda76346240a4276885e66328c05471bc5165cebd1da6a52
f4f687591a2bd0e394a47724abc2a38624c2dc4f27c1666181fa6f2c6e70c5f3
f7ba0e8a42a5a05be5e686414b17bf84d5d7ee7b592198627b99b87faece827d
f869867a1bff18643cf3323cad20211e29fb941240b1a68fb8231ba0da4bd28d
fb78650b186d628076b44f193b4b06cac27c7a9c1b5a90b5119bc22522d2ed83
fb921dd14601dac222f665ecc3b2d0cdd370b18524343bfb1a9944cda681b267
fc2d106fb289df806db11b2ab1d5240efe85a916fe3595d21344bc5dc87ca71b