www.msn.com Open in urlscan Pro
131.253.33.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/LinRwhsIeh
Effective URL:
https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar...
Submission: On April 02 via api (April 2nd 2022, 1:43:05 pm UTC) from US — Scanned from DE

Summary HTTP 309 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 62 IPs in 8 countries across 62 domains to perform 309 HTTP transactions. The main IP is 131.253.33.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com. The Cisco Umbrella rank of the primary domain is 1181.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 22nd 2021. Valid for: a year.

This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
28	131.253.33.203 131.253.33.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
73	23.36.163.109 23.36.163.109	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2	204.79.197.203 204.79.197.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
47	2a02:26f0:350... 2a02:26f0:3500:7::17d8:4dc9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	20.190.160.4 20.190.160.4	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
10	40.74.98.195 40.74.98.195	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a20d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	69.192.161.85 69.192.161.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	34.233.224.198 34.233.224.198	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:223... 2600:9000:223f:8e00:f:c7b3:ce40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
1	152.195.51.15 152.195.51.15	15133 (EDGECAST) (EDGECAST)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.250.51.110 34.250.51.110	16509 (AMAZON-02) (AMAZON-02)
2 5	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
18	64.202.112.31 64.202.112.31	23352 (SERVERCEN...) (SERVERCENTRAL)
2 3	50.31.142.63 50.31.142.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
25	2a01:111:202c... 2a01:111:202c::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.214.246.74 18.214.246.74	14618 (AMAZON-AES) (AMAZON-AES)
2	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
5	40.77.226.250 40.77.226.250	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	18.192.248.81 18.192.248.81	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3601:b883:24d:29e5:b600	16509 (AMAZON-02) (AMAZON-02)
2 4	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
3 4	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
24	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
5 5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.16.213.80 52.16.213.80	16509 (AMAZON-02) (AMAZON-02)
1	54.250.154.224 54.250.154.224	16509 (AMAZON-02) (AMAZON-02)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	54.72.202.157 54.72.202.157	16509 (AMAZON-02) (AMAZON-02)
1	35.178.150.13 35.178.150.13	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.103.129 18.197.103.129	16509 (AMAZON-02) (AMAZON-02)
4 4	18.194.141.235 18.194.141.235	16509 (AMAZON-02) (AMAZON-02)
1 1	157.90.157.235 157.90.157.235	24940 (HETZNER-AS) (HETZNER-AS)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
1	3.222.216.235 3.222.216.235	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	54.220.157.118 54.220.157.118	16509 (AMAZON-02) (AMAZON-02)
2 3	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.245 69.192.160.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
3 3	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	52.59.41.116 52.59.41.116	16509 (AMAZON-02) (AMAZON-02)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
2 2	99.80.176.170 99.80.176.170	16509 (AMAZON-02) (AMAZON-02)
2 2	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1	2600:9000:225... 2600:9000:225e:e200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
1	150.136.156.92 150.136.156.92	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	44.200.208.73 44.200.208.73	14618 (AMAZON-AES) (AMAZON-AES)
1	54.83.246.18 54.83.246.18	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
309	62

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 131.253.33.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.dc-msedge.net

www.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
srtb.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

73 23.36.163.109 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-109.deploy.static.akamaitechnologies.com

assets.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

jill.fc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jac.yahoosandbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.js7k.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net

api.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2a02:26f0:3500:7::17d8:4dc9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.190.160.4 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 40.74.98.195 (Osaka, Japan)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a20d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.192.161.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-85.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.233.224.198 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-224-198.compute-1.amazonaws.com

www138.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8e00:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2zqfs55y95cft.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.51.15 (United States)

ASN15133 (EDGECAST, US)

tag.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.51.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-51-110.eu-west-1.compute.amazonaws.com

api.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

service.idsync.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 64.202.112.31 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.31.142.63 (Chicago, United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a01:111:202c::200 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.246.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-246-74.compute-1.amazonaws.com

www.civicscience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

web.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

26.at.atwola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.248.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-248-81.eu-central-1.compute.amazonaws.com

prod-m-node-3113.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:b883:24d:29e5:b600 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.91 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

m.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

am-api.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.img-taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.16.213.80 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-213-80.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.250.154.224 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-154-224.ap-northeast-1.compute.amazonaws.com

sync-jp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.202.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-202-157.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.150.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.103.129 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-103-129.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.141.235 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-141-235.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.90.157.235 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.235.157.90.157.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.convergeselect.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Rheinfelden, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.216.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-216-235.compute-1.amazonaws.com

id.geistm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.157.118 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-157-118.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.78.254.47 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.245 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.41.116 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-41-116.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.176.170 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-176-170.eu-west-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (Utrecht, Netherlands) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:e200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.200.208.73 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-200-208-73.compute-1.amazonaws.com

sync.hgrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.246.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-246-18.compute-1.amazonaws.com

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
115	msn.com 1 redirects www.msn.com — Cisco Umbrella Rank: 1181 assets.msn.com — Cisco Umbrella Rank: 184 api.msn.com — Cisco Umbrella Rank: 114 c.msn.com — Cisco Umbrella Rank: 549 browser.events.data.msn.com — Cisco Umbrella Rank: 819 srtb.msn.com — Cisco Umbrella Rank: 785	2 MB
47	akamaized.net img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 366	267 KB
30	bing.com 3 redirects c.bing.com — Cisco Umbrella Rank: 230 www.bing.com — Cisco Umbrella Rank: 93	427 KB
24	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1235 sync.outbrain.com — Cisco Umbrella Rank: 835 widget-pixels.outbrain.com — Cisco Umbrella Rank: 1521 odb.outbrain.com — Cisco Umbrella Rank: 1391 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5560	88 KB
15	yahoo.com 2 redirects jill.fc.yahoo.com — Cisco Umbrella Rank: 2269 tag.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 2206 cms.analytics.yahoo.com — Cisco Umbrella Rank: 899 service.idsync.analytics.yahoo.com — Cisco Umbrella Rank: 763 web.ssp.yahoo.com — Cisco Umbrella Rank: 2218 prod-m-node-3113.ssp.yahoo.com — Cisco Umbrella Rank: 15244 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 370 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	18 KB
13	taboola.com am-api.taboola.com — Cisco Umbrella Rank: 15809	1 KB
11	img-taboola.com img.img-taboola.com — Cisco Umbrella Rank: 3780	127 KB
9	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 245 acdn.adnxs.com — Cisco Umbrella Rank: 560 m.adnxs.com — Cisco Umbrella Rank: 1095	25 KB
8	doubleclick.net 6 redirects ad.doubleclick.net — Cisco Umbrella Rank: 190 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	16 KB
5	pubmatic.com 5 redirects image8.pubmatic.com — Cisco Umbrella Rank: 589 image2.pubmatic.com — Cisco Umbrella Rank: 882 image4.pubmatic.com — Cisco Umbrella Rank: 868	2 KB
5	microsoft.com web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1554	3 KB
5	civicscience.com 1 redirects www138.civicscience.com — Cisco Umbrella Rank: 5034 www.civicscience.com — Cisco Umbrella Rank: 4934	623 B
4	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	2 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 321 id.rlcdn.com — Cisco Umbrella Rank: 599	1 KB
3	exelator.com 2 redirects loadus.exelator.com — Cisco Umbrella Rank: 1216	3 KB
3	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 558	2 KB
3	yahoosandbox.com jac.yahoosandbox.com — Cisco Umbrella Rank: 3616	119 KB
3	gfx.ms mem.gfx.ms — Cisco Umbrella Rank: 3383	54 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 534	710 B
2	360yield.com 2 redirects ice.360yield.com — Cisco Umbrella Rank: 1413	764 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 350	678 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 515	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 536	2 KB
2	creativecdn.com 2 redirects creativecdn.com — Cisco Umbrella Rank: 650	712 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 813	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 326	927 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 1117	797 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 325	687 B
2	js7k.com cdn.js7k.com — Cisco Umbrella Rank: 770	33 KB
2	atwola.com 26.at.atwola.com — Cisco Umbrella Rank: 109234	340 B
2	viglink.com cdn.viglink.com — Cisco Umbrella Rank: 4198 api.viglink.com — Cisco Umbrella Rank: 4041	29 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 132	778 B
2	btloader.com btloader.com — Cisco Umbrella Rank: 1108 api.btloader.com — Cisco Umbrella Rank: 1246	5 KB
1	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 3714	463 B
1	yellowblue.io cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3935	328 B
1	hgrtb.com 1 redirects sync.hgrtb.com — Cisco Umbrella Rank: 1853	323 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1184	298 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1219	425 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 728	240 B
1	emxdgt.com cs.emxdgt.com — Cisco Umbrella Rank: 884	59 B
1	openx.net u.openx.net — Cisco Umbrella Rank: 730	305 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 629	269 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 774	380 B
1	rubiconproject.com pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1170	239 B
1	geistm.com id.geistm.com — Cisco Umbrella Rank: 4263	159 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1036	344 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1593	452 B
1	convergeselect.net cpm.convergeselect.net — Cisco Umbrella Rank: 100420	228 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 697	363 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com — Cisco Umbrella Rank: 26104	222 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 434	348 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 428	338 B
1	im-apps.net sync-jp.im-apps.net — Cisco Umbrella Rank: 2982	203 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 449	225 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 385	853 B
1	media.net hbx.media.net — Cisco Umbrella Rank: 898	289 B
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 398	74 KB
1	cloudfront.net d2zqfs55y95cft.cloudfront.net	36 KB
1	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1258	938 B
1	live.com 1 redirects login.live.com — Cisco Umbrella Rank: 85	933 B
1	t.co t.co — Cisco Umbrella Rank: 463	642 B
309	62

	Domain	Requested by
73	assets.msn.com	www.msn.com assets.msn.com web.ssp.yahoo.com
47	img-s-msn-com.akamaized.net	assets.msn.com
25	www.bing.com	assets.msn.com
25	srtb.msn.com	assets.msn.com
17	sync.outbrain.com	widgets.outbrain.com
13	am-api.taboola.com
11	img.img-taboola.com
10	browser.events.data.msn.com	assets.msn.com
5	cm.g.doubleclick.net	5 redirects
5	web.vortex.data.microsoft.com	mem.gfx.ms
5	c.bing.com	3 redirects widgets.outbrain.com
4	x.bidswitch.net	4 redirects
4	m.adnxs.com	3 redirects
4	ib.adnxs.com	2 redirects acdn.adnxs.com
4	www.civicscience.com	www138.civicscience.com
4	widgets.outbrain.com	assets.msn.com widgets.outbrain.com
3	image8.pubmatic.com	3 redirects
3	loadus.exelator.com	2 redirects widgets.outbrain.com
3	idsync.rlcdn.com	2 redirects widgets.outbrain.com
3	b1sync.zemanta.com	2 redirects
3	service.idsync.analytics.yahoo.com	tag.idsync.analytics.yahoo.com web.ssp.yahoo.com
3	jac.yahoosandbox.com	jill.fc.yahoo.com jac.yahoosandbox.com
3	ad.doubleclick.net	1 redirects
3	mem.gfx.ms	assets.msn.com mem.gfx.ms
3	jill.fc.yahoo.com	assets.msn.com jac.yahoosandbox.com
3	www.msn.com	t.co www.msn.com assets.msn.com
2	sync.1rx.io	2 redirects
2	ice.360yield.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	creativecdn.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	match.adsrvr.org	2 redirects
2	dpm.demdex.net	1 redirects widgets.outbrain.com
2	cm.mgid.com	1 redirects
2	eb2.3lift.com	1 redirects
2	cdn.js7k.com	web.ssp.yahoo.com
2	prod-m-node-3113.ssp.yahoo.com	web.ssp.yahoo.com
2	26.at.atwola.com	www.msn.com
2	web.ssp.yahoo.com	t.co
2	sb.scorecardresearch.com	1 redirects
2	c.msn.com	1 redirects
2	api.msn.com	assets.msn.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	widget-pixels.outbrain.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	id.rlcdn.com	widgets.outbrain.com
1	cs-server-s2s.yellowblue.io	widgets.outbrain.com
1	sync.hgrtb.com	1 redirects
1	sync.technoratimedia.com	widgets.outbrain.com
1	ssbsync.smartadserver.com	1 redirects
1	s.ad.smaato.net	widgets.outbrain.com
1	cs.emxdgt.com	widgets.outbrain.com
1	u.openx.net	widgets.outbrain.com
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	sync.crwdcntrl.net	widgets.outbrain.com
1	bttrack.com	widgets.outbrain.com
1	pixel-us-east.rubiconproject.com	widgets.outbrain.com
1	id.geistm.com	widgets.outbrain.com
1	ps.eyeota.net	widgets.outbrain.com
1	dsp.adfarm1.adition.com	1 redirects
1	cpm.convergeselect.net	widgets.outbrain.com
1	dis.criteo.com	widgets.outbrain.com
1	bidswitch-eu.splicky.com	1 redirects
1	aa.agkn.com	widgets.outbrain.com
1	beacon.krxd.net	widgets.outbrain.com
1	sync-jp.im-apps.net	widgets.outbrain.com
1	tags.bluekai.com	widgets.outbrain.com
1	px.ads.linkedin.com
1	hbx.media.net
1	acdn.adnxs.com	assets.msn.com
1	pr-bh.ybp.yahoo.com
1	s.yimg.com
1	api.viglink.com	cdn.viglink.com
1	cms.analytics.yahoo.com
1	tag.idsync.analytics.yahoo.com	jac.yahoosandbox.com
1	api.btloader.com	btloader.com
1	d2zqfs55y95cft.cloudfront.net
1	www138.civicscience.com	1 redirects
1	cdn.viglink.com	assets.msn.com
1	ad-delivery.net
1	login.live.com	1 redirects
1	btloader.com	assets.msn.com
1	t.co
309	88

This site contains links to these domains. Also see Links.

Domain
www.techradar.com
project.tolunastart.com
www.bleepingcomputer.com
go.microsoft.com

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.msn.com Microsoft RSA TLS CA 01	`2021-09-22` - `2022-09-22`	a year	crt.sh
assets.msn.com Microsoft RSA TLS CA 02	`2021-09-23` - `2022-09-23`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-05` - `2022-09-04`	a year	crt.sh
secure.ace.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-12-08` - `2022-05-25`	6 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 01	`2022-02-15` - `2023-02-10`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 01	`2022-03-02` - `2023-02-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-21` - `2022-05-11`	2 months	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
api.btloader.com GTS CA 1D4	`2022-02-23` - `2022-05-24`	3 months	crt.sh
*.idsync.analytics.yahoo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
viglink.com Amazon	`2021-11-13` - `2022-12-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-11` - `2022-07-06`	6 months	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-08-29`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-14` - `2022-05-04`	2 months	crt.sh
*.civicscience.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-09` - `2022-05-10`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
jp.techcrunch.com DigiCert SHA2 High Assurance Server CA	`2022-03-30` - `2022-06-29`	3 months	crt.sh
*.vortex.data.microsoft.com Microsoft RSA TLS CA 01	`2022-01-13` - `2023-01-13`	a year	crt.sh
ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-02-02` - `2022-05-04`	3 months	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-28` - `2022-09-28`	6 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.im-apps.net Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.eyeota.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.geistm.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.yellowblue.io Amazon	`2021-05-23` - `2022-06-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
Frame ID: B5909249FBF1B44252C4AEA1BAB28D3D
Requests: 233 HTTP requests in this frame

Frame: https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
Frame ID: 01AF3238FF32D712251DD232DBDE786F
Requests: 1 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Ft.co%2F
Frame ID: 4BBE418745CD031DAB220F50173F52B1
Requests: 2 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: 44290B34ACD4C57967DBD6B901273ED1
Requests: 18 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.14.0/jac.js
Frame ID: B14E0745BCD7E7517C51305406ECEADD
Requests: 15 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 8304BE9986E6B7EB986E292B697F4582
Requests: 38 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FA7C3EF58274DAB77517FCDF8584DF9D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hackers have found a clever new way to steal your Microsoft 365 credentials

Page URL History Show full URLs

https://t.co/LinRwhsIeh Page URL
https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsof... Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:^[^/]*//[^/]*viglink\.com/api/|vglnk\.js)

Page Statistics

309
Requests

91 %
HTTPS

16 %
IPv6

62
Domains

88
Subdomains

62
IPs

8
Countries

3483 kB
Transfer

9912 kB
Size

87
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.techradar.com/news/buy-microsoft-office-prices
Title: Microsoft 365

Search URL Search Domain Scan URL

URL: https://www.techradar.com/best/free-office-software
Title: Office

Search URL Search Domain Scan URL

URL: https://project.tolunastart.com/s/Cy37RiA
Title: Click here to start the survey in a new window

Search URL Search Domain Scan URL

URL: https://www.techradar.com/best/best-identity-theft-protection
Title: identity

Search URL Search Domain Scan URL

URL: https://www.techradar.com/news/best-endpoint-security-software
Title: If you're looking to keep your devices secure, make sure to get one of the best endpoint protection services right now

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/microsoft/phishing-uses-azure-static-web-pages-to-impersonate-microsoft/
Title: BleepingComputer

Search URL Search Domain Scan URL

URL: http://www.techradar.com/

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy & Cookies

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkID=246338
Title: Terms of use

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkID=2003950
Title: Advertise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/LinRwhsIeh Page URL
https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://login.live.com/login.srf?wa=wsignin1.0&checkda=1&wp=MBI_SSL&mkt=en-us&wreply=https%3A%2F%2Fapi.msn.com%2Fauth%2Fcookie%2Fsilentpassport%3Fapikey%3D0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM%26ocid%3DPeregrine%26pwo%3Dhttps%253A%252F%252Fwww.msn.com%26secure%3Dtrue HTTP 302
https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033

Request Chain 26

https://c.msn.com/c.gif?rnd=1648906978115&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=https%3A%2F%2Ft.co%2F&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&cvs=Browser&di=7290&st.dpt=other&st.sdpt=&subcvs=finance&lng=en-us&rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&activityId=b0c3dcd388514ec1aa31f0b4d15b1f0c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0 HTTP 302
https://c.bing.com/c.gif?rnd=1648906978115&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=https%3A%2F%2Ft.co%2F&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&cvs=Browser&di=7290&st.dpt=other&st.sdpt=&subcvs=finance&lng=en-us&rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&activityId=b0c3dcd388514ec1aa31f0b4d15b1f0c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=A44D8F1B0F35410A962052D897FB37B1&RedC=c.msn.com&MXFR=20890875BA506FB020C1190FBBB76EBB HTTP 302
https://c.msn.com/c.gif?rnd=1648906978115&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=https%3A%2F%2Ft.co%2F&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&cvs=Browser&di=7290&st.dpt=other&st.sdpt=&subcvs=finance&lng=en-us&rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&activityId=b0c3dcd388514ec1aa31f0b4d15b1f0c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=A44D8F1B0F35410A962052D897FB37B1&MUID=20890875BA506FB020C1190FBBB76EBB

Request Chain 27

https://sb.scorecardresearch.com/b?rn=1648906978115&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72%26content%3D1%26mkt%3Den-us&c8=Hackers+have+found+a+clever+new+way+to+steal+your+Microsoft+365+credentials&c9=https%3A%2F%2Ft.co%2F HTTP 302
https://sb.scorecardresearch.com/b2?rn=1648906978115&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72%26content%3D1%26mkt%3Den-us&c8=Hackers+have+found+a+clever+new+way+to+steal+your+Microsoft+365+credentials&c9=https%3A%2F%2Ft.co%2F

Request Chain 34

https://www138.civicscience.com/jspoll/4/civicscience-widget.js HTTP 302
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

Request Chain 180

https://c.bing.com/c.gif?Red3=MSOATH_pd HTTP 302
https://pr-bh.ybp.yahoo.com/sync/msn/20890875BA506FB020C1190FBBB76EBB

Request Chain 181

https://ib.adnxs.com/async_usersync_file HTTP 302
https://acdn.adnxs.com/dmp/async_usersync.html

Request Chain 182

https://c.bing.com/c.gif?Red3=MSAN_MI9_pd&rid=B0C3DCD388514EC1AA31F0B4D15B1F0C&lang=en-us&dgk=chrome&imd=1&pn=article&rf=https://t.co/&tp=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72 HTTP 302
https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D226%26user%3D20890875BA506FB020C1190FBBB76EBB%3B%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember%253D280%2526user%253D20890875BA506FB020C1190FBBB76EBB%253B HTTP 307
https://m.adnxs.com/bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember%253D226%2526user%253D20890875BA506FB020C1190FBBB76EBB%253B%2526redir%253Dhttps%25253A%25252F%25252Fm.adnxs.com%25252Fmapuid%25253Fmember%25253D280%252526user%25253D20890875BA506FB020C1190FBBB76EBB%25253B HTTP 302
https://m.adnxs.com/mapuid?member=226&user=20890875BA506FB020C1190FBBB76EBB;&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D280%26user%3D20890875BA506FB020C1190FBBB76EBB%3B HTTP 302
https://m.adnxs.com/mapuid?member=280&user=20890875BA506FB020C1190FBBB76EBB;

Request Chain 184

https://eb2.3lift.com/mapuid?suid=20890875BA506FB020C1190FBBB76EBB&sid=16 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=

Request Chain 186

https://cm.mgid.com/m?cdsp=516415&c=20890875BA506FB020C1190FBBB76EBB&mode=inverse&msn_src=ntp HTTP 307
https://cm.mgid.com/m?c=20890875BA506FB020C1190FBBB76EBB&cdsp=516415&mode=inverse&msn_src=ntp&sct=1

Request Chain 246

https://idsync.rlcdn.com/420046.gif?partner_uid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEtKOFM1Tjk2NmEyWndLMnltMzNPRjk3N2haWFA5OUVZc2lzaW1ST0dOMW5aNFFPUzJmTzB6bFJEaEtTVUg1ZnQQABoNCOOloZIGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA7B4At2EEERjrXagEC69BY&google_cver=1

Request Chain 248

https://b1sync.zemanta.com/usersync/outbrain/?puid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&s=2&us_privacy=1--- HTTP 302
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=bbSw_WJZfCrYdHjWCtA_&gdpr=0&us_privacy=1---

Request Chain 249

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8484296133233988585&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

Request Chain 250

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=0&gdpr_pd=1&gdpr_consent=

Request Chain 252

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://sync.outbrain.com/cookie-sync?p=ttd&uid=fe617e27-a409-4c90-9cd7-b6e585d9869f

Request Chain 255

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=5976e585-921c-458f-bb5b-33471eda11d5

Request Chain 256

https://x.bidswitch.net/sync?ssp=outbrain&user_id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=outbrain&bsw_custom_parameter=a2a5d455-4ea4-479c-9995-498bac1f0424 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=outbrain&expires=10&bsw_param=a2a5d455-4ea4-479c-9995-498bac1f0424 HTTP 302
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=a2a5d455-4ea4-479c-9995-498bac1f0424&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&google_dbm=&google_tc= HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAQYji-NkqbbU3KsoXH67R8&google_cver=1 HTTP 302
https://cpm.convergeselect.net/user-sync?dsp=328334&t=image&gdpr=&gdpr_consent=&uid=a2a5d455-4ea4-479c-9995-498bac1f0424

Request Chain 259

https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7082001548965968022

Request Chain 262

https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain&tc=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=06WgY7DlsNYWfUHNGKbd&pi=outbrain&tc=1

Request Chain 266

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&xl8blockcheck=1 HTTP 302
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

Request Chain 267

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&s=193091&C=1 HTTP 302
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YkhS4-eni4BvmTlm1ztp5QAABIwAAAAB&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

Request Chain 268

https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&__user_check__=1&sync_id=cf7b9c5f-b28a-11ec-a08e-18c6427b0206 HTTP 302
https://sync.outbrain.com/cookie-sync?p=spotx&uid=cf7b9c2a-b28a-11ec-a08e-18c6427b0206&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

Request Chain 269

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%2526uid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%2526uid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODlENkRDNjctRkFFMy00MUQ1LUJGM0ItODg1QjRFM0NCOEVC&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%26uid%3D89D6DC67-FAE3-41D5-BF3B-885B4E3CB8EB HTTP 302
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&uid=89D6DC67-FAE3-41D5-BF3B-885B4E3CB8EB

Request Chain 271

https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPcf85dc29-b28a-11ec-a661-02d682d633bc HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPcf85dc29-b28a-11ec-a661-02d682d633bc

Request Chain 273

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=c153e6bb-303f-4dfd-84d0-962c8b0dbb31&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

Request Chain 274

https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1648906979904 HTTP 302
https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D

Request Chain 276

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING HTTP 302
https://sync.outbrain.com/cookie-sync?p=smart&uid=7806786059367544665&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING

Request Chain 277

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-aYxKh8pE2uF9z.SgK1jbpBSxB7AtoUO99zkjheE-~A&gdpr=0&gdpr_consent=

Request Chain 280

https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%26uid%3D%7BUSER_ID%7D HTTP 302
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&uid=645e410d-13fd-4c18-9d03-b36459102b5a

Request Chain 297

https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286512;dc_trk_aid=524524606;dc_trk_cid=168638645;ord=2022-04-02+13%3A42%3A59;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?;dc_ref=msn.com HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286512;dc_pre=CM6AtJbB9fYCFRmXdwoduXcAIQ;dc_trk_aid=524524606;dc_trk_cid=168638645;ord=2022-04-02+13%3A42%3A59;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?;dc_ref=msn.com

309 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 LinRwhsIeh
t.co/ 695 B
642 B 149ms
128ms Document
text/html 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/LinRwhsIeh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 311
content-type: text/html; charset=utf-8
date: Sat, 02 Apr 2022 13:42:56 GMT
expires: Sat, 02 Apr 2022 13:47:56 GMT
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: aae42d2bb7f1c5c87e87a2fc101a9d6f05730a0f9708373310528541861eaadd
x-response-time: 121
x-xss-protection: 0

GET
H2 200 Primary Request ar-AAVLkH5 Show response
www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ 24 KB
25 KB 114ms
55ms Document
text/html 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72

Requested by

Host: t.co
URL: https://t.co/LinRwhsIeh

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

b4689355722d93735b3fbd419f6a068a785f7345326b1d203339f3c05c68965b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;worker-src 'self' https: blob:;
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: no-store, no-cache
content-security-policy: block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;worker-src 'self' https: blob:;
content-type: text/html; charset=utf-8
date: Sat, 02 Apr 2022 13:42:55 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
pragma: no-cache
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
strict-transport-security: max-age=1209600; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-fabric-cluster: pmeprodneu
x-frame-options: SAMEORIGIN
x-msedge-ref: Ref A: B0C3DCD388514EC1AA31F0B4D15B1F0C Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:56Z
x-ua-compatible: IE=Edge;chrome=1
x-xss-protection: 1

GET
H2 200 vendors.c0ea297392ac6ed4e12f.js Show response
assets.msn.com/bundles/v1/views/latest/ 283 KB
84 KB 92ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/vendors.c0ea297392ac6ed4e12f.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c5ea0bd5599a5131cec0b19ec3d7f7a983ac381d16c0e86093bfed51c2433bf1

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 84Wg1tfrtSXGp/sEzF5uVg==
server-timing: 12
content-length: 85589
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:20:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B869E9911
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: c240b899-b01e-0003-2124-43709e000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3cfd1

GET
H2 200 microsoft.530d0ba66b20811b2bc6.js Show response
assets.msn.com/bundles/v1/views/latest/ 385 KB
103 KB 119ms
41ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a35e648069e6bc72b36f39e93c87517ae7f0f9c4e9c3db76845de75558a9ad5b

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 5eNJOla6ziel6qzkOB0L5w==
server-timing: 12
content-length: 104752
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:20:46 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B7F85195C
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: df0c275b-f01e-00af-6b24-4342e1000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3cfd8

GET
H2 200 common.5cac64af2f49f80d898d.js Show response
assets.msn.com/bundles/v1/views/latest/ 832 KB
229 KB 121ms
43ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 88379fda00aa8b09cac35f1fc3cbdc6f6bf0ab56b44b0ea562267a770f8905ea

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: FOqcRSUUl23eeT9OEZpRHw==
server-timing: 12
content-length: 233527
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:19:52 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3CB351BD2
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 62ea13fd-801e-0018-098d-44e5ab000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3cfde

GET
H2 200 experience.17d99c99e8653ecfba29.js Show response
assets.msn.com/bundles/v1/views/latest/ 103 KB
38 KB 122ms
45ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: eb77e4c3863212baf3ce3feb6948435f3a0cf8cceaa96ac5204b5b3bf45814c1

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: f8L0faK0eW3qG4jORhF2Bw==
server-timing: 12
content-length: 37779
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:19:31 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3BECEA8DD
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 3cc454af-c01e-00a4-4b8d-4467f6000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3cfe2

GET
H2 200 web-worker.16a3b9a09f9e461ff142.js
www.msn.com/bundles/v1/views/latest/ 108 KB
32 KB 21ms
21ms Other
application/javascript 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msn.com/bundles/v1/views/latest/web-worker.16a3b9a09f9e461ff142.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3c8c39a8770f455c29bed4a0061a6d0799a4504288c2c36ab57e8dfe7232623a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:55 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: jvx0AdQ3WOUSOMkey3e82w==
x-cache: TCP_HIT
server-timing: 18
content-length: 32011
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref: Ref A: 6FE460962537474282D417C47B7F4558 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:56Z
etag: 0x8DA113B94B1B94B
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-ms-request-id: ab7c36e1-501e-00b5-7824-43fcd6000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 96.16.48.145
x-ms-version: 2009-09-19
akamai-request-id: 1152071b
x-cid: 7
x-ccc: US

GET
H2 200 eb-garamond-v14-latin-regular.woff2
assets.msn.com/statics/fonts/ 28 KB
29 KB 15ms
15ms Font
font/woff2 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/statics/fonts/eb-garamond-v14-latin-regular.woff2
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing: 12
content-length: 29088
last-modified: Thu, 01 Oct 2020 00:43:17 GMT
server: AkamaiNetStorage
etag: "6fbb1cf13dfeff58538dddd9e2ad485c:1601512997.736101"
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: font/woff2
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=31536000
akamai-server-ip: 23.36.161.81
accept-ranges: bytes
timing-allow-origin: *
akamai-request-id: 40b3d35d
access-control-allow-credentials: true

GET
H2 200 / Show response
www.msn.com/resolver/api/resolve/v3/config/ 367 KB
85 KB 22ms
21ms Fetch
application/json 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msn.com/resolver/api/resolve/v3/config/?expType=AppConfig&expInstance=default&apptype=views&v=20220330.495&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22chrome%22,%22version%22:%22100%22,%22ismobile%22:%22false%22},%22deviceFormFactor%22:%22desktop%22,%22domain%22:%22www.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22en%22,%22market%22:%22us%22},%22display%22:{%22language%22:%22en%22,%22market%22:%22us%22}},%22ocid%22:%22msedgntp%22,%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22article%22,%22pageExperiments%22:[%22prg-1s1-cryptd%22,%22prg-1sw-accu10%22,%22prg-1sw-acp-fzy%22,%22prg-1sw-c-refcnt%22,%22prg-1sw-cfbdg%22,%22prg-1sw-curr3%22,%22prg-1sw-grevtt%22,%22prg-1sw-hdukr%22,%22prg-1sw-l2icon%22,%22prg-1sw-ms-cloud%22,%22prg-1sw-mscloudn%22,%22prg-1sw-nen3di%22,%22prg-1sw-newsskip%22,%22prg-1sw-pbpf1%22,%22prg-1sw-pr2ctlal%22,%22prg-1sw-sp5mats%22,%22prg-1sw-sphfdycf%22,%22prg-1sw-sphn2msn%22,%22prg-1sw-sphnmsnncf%22,%22prg-1sw-splog%22,%22prg-1sw-wlsmy3%22,%22prg-adspeek%22,%22prg-cookiesync%22,%22prg-hprewflyout-t%22,%22prg-ias%22,%22prg-ms-cloud%22,%22prg-ndauthrf2%22,%22prg-nodualauth%22,%22prg-psovhigh1%22,%22prg-rsum-t1%22,%22prg-sh-adn%22,%22prg-sh-synadnt%22,%22prg-wea-skipauth%22,%22prg-wx-anmprns%22]}
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: Kestrel /
Resource Hash: 44b3dc23ae67f31d509c96054480446261a3efc1a401f1142925b5c24d9d4c6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
etag: "51xu6ebfK-czil_5cT_Pb2QskMA"
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: TCP_HIT
content-length: 87008
x-crs-env: Production
server: Kestrel
x-msedge-ref: Ref A: C941E83437AB47AF8562797E47113D21 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:56Z
x-crs-buildversion: 20220304.1_master
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: public, max-age=604800, immutable
x-fabric-cluster: pmeprodneu
x-cid: 7
x-ccc: US

GET
H2 200 viewspage Show response
assets.msn.com/service/news/feed/pages/ 15 KB
8 KB 141ms
141ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/news/feed/pages/viewspage?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=B0C3DCD3-8851-4EC1-AA31-F0B4D15B1F0C&ocid=winp1&market=en-us&user=m-20890875BA506FB020C1190FBBB76EBB&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&contentId=AAVLkH5
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6162eda216052f177c8686d214a0830018736d80be4a8e023021106daaf91a9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,1s-brsagexfee3,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,1s-brsageapcc0,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-wpo-ampwhprr,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,f-rel-all,blockdedupc,ads-msxdedupc,prg-wtchsocial-c,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-skic,prg-1sw-newsskip,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,ads-lockerdome,prg-spr-c-c0317,prg-spr-wpop,prg-shp-wpo-ts2,prg-sh-wpo,prg-spr-ewpot,prg-spr-shpwpoon,prg-spr-mo2c1,prg-sh-muct01,prg-spr-spddpfm,prg-spr-sbprnk2,prg-psovhigh1,prg-1sw-cldp1,prg-1sw-rcmdint,prg-1sw-splog,artglyrank1cf,artglyrank2cf,1s-brsageccl0tpb,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-sh-afgl-cm,prg-sh-affs,prg-sh-afpdps,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:56 PM
x-msedge-ref: Ref A: 06E60EB2C81D40D3822C08798211B134 Ref B: FRA31EDGE0615 Ref C: 2022-04-02T13:42:56Z
ddd-strategyexecutionlatency: 00:00:00.0966480
server-timing: 12
ddd-servername: BF4EB6E12761
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 97
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 97
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:57 GMT
date: Sat, 02 Apr 2022 13:42:57 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: News_PageFeedReadStrategy
ddd-usertype: AnonymousMuid
ddd-tmpl: RR:0;PageViewCount0;XFeed
content-length: 4248
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,platagyhz3=1s-brsagexfee3,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,sagenl2=1s-brsageapcc0,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid12=prg-wpo-ampwhprr,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,2z88=f-rel-all,anaheimmuidads1=blockdedupc,30jn=prg-wtchsocial-c,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-skic,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-c-c0317,wfeedsmuidshop6=prg-spr-wpop,wfeedsmuidshop7=prg-spr-mo2c1,wfeedsmuidshop8=prg-spr-spddpfm,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo2=prg-psovhigh1,wfeedsmuidwpo5=prg-1sw-cldp1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,artglyrank5=1s-brsageccl0tpb,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3nvk=prg-sh-afgl-cm,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset: 0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wAAA;
ddd-activityid: 70d77b8f-3b91-419d-b8d1-c2e9debcc68f
ddd-storeexecutionlatency: 00:00:00.0966097
ddd-datastore: News_PageFeedDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3d470

GET
H2 200 article-page.8fdd4c4114b893b2dabf.js Show response
assets.msn.com/bundles/v1/views/latest/ 325 KB
90 KB 14ms
14ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/article-page.8fdd4c4114b893b2dabf.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b1ada6f833286622bd3fd80f0c08db2d895582fbc1b32d33aa5f759f5bca6559

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: jxOeaa4bgZ9XSQw6jhYx4Q==
server-timing: 17
content-length: 90932
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:20:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3D98710E3
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 62ea15ad-801e-0018-508d-44e5ab000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3d477

GET
H2 200 common-header.1bf47e51796ae0d09925.js Show response
assets.msn.com/bundles/v1/views/latest/ 174 KB
50 KB 18ms
17ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/common-header.1bf47e51796ae0d09925.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef5f941cfc489a5371899b2c68b585468f1ad5412516865322783ea1bbfbfdb7

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: lSA8qwoV6SApTMuhMu6+bA==
server-timing: 13
content-length: 50610
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:19:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3CBDBF1B7
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 62ea160d-801e-0018-1f8d-44e5ab000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3d596

GET
H2 200 AAVLkH5 Show response
assets.msn.com/content/view/v2/Detail/en-us/ 9 KB
5 KB 18ms
18ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/content/view/v2/Detail/en-us/AAVLkH5
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b2b321266df13defea65ffc339667fa6c0a2964abae3af3addc3931617a85d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:56 GMT
content-encoding: gzip
ddd-usertype: AnonymousMuid
akamai-request-id: 40b3d59a
server-timing: 13
content-length: 4391
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow: False
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: public, max-age=1800
akamai-server-ip: 23.36.161.81
x-msedge-responseinfo: 25
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 25
x-as-suppresssetcookie: 1
access-control-allow-credentials: true

GET
H2 200 AAd4FLD Show response
assets.msn.com/content/view/v2/provider/en-us/ 2 KB
2 KB 25ms
24ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/content/view/v2/provider/en-us/AAd4FLD
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5de753670b70aa985276277a94539389f9365cb2023435ab5866eafca1ab2b95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
ddd-usertype: PersonalMicrosoftAccount
akamai-request-id: 40b3d601
server-timing: 12
content-length: 738
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow: True
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: public, max-age=1800
akamai-server-ip: 23.36.161.81
x-msedge-responseinfo: 7
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 7
x-as-suppresssetcookie: 1
access-control-allow-credentials: true

GET
H2 200 rewards Show response
assets.msn.com/service/news/users/me/ 563 B
4 KB 50ms
50ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/news/users/me/rewards?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=B0C3DCD3-8851-4EC1-AA31-F0B4D15B1F0C&market=en-us&user=m-20890875BA506FB020C1190FBBB76EBB&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&version=2&muid=20890875BA506FB020C1190FBBB76EBB&scn=MSNRPSAuth
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.8fdd4c4114b893b2dabf.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e085568548a9430ca0e94d958ba3213fae9258d37b96043ce1a1be16a3c4675f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,1s-brsagexfee3,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,1s-brsageapcc0,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-wpo-ampwhprr,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,f-rel-all,blockdedupc,ads-msxdedupc,prg-wtchsocial-c,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-skic,prg-1sw-newsskip,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,ads-lockerdome,prg-spr-c-c0317,prg-spr-wpop,prg-shp-wpo-ts2,prg-sh-wpo,prg-spr-ewpot,prg-spr-shpwpoon,prg-spr-mo2c1,prg-sh-muct01,prg-spr-spddpfm,prg-spr-sbprnk2,prg-psovhigh1,prg-1sw-cldp1,prg-1sw-rcmdint,prg-1sw-splog,artglyrank1cf,artglyrank2cf,1s-brsageccl0tpb,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-sh-afgl-cm,prg-sh-affs,prg-sh-afpdps,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-activityid: dbb9a3c3-e626-4136-80d0-227d63648a0c
ddd-strategyid: News_RewardsReadStrategy
ddd-usertype: AnonymousMuid
ddd-strategyexecutionlatency: 00:00:00.0068628
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
server-timing: 12
content-length: 380
x-msedge-responseinfo: 7
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
x-fd-detection-corpnet: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,platagyhz3=1s-brsagexfee3,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,sagenl2=1s-brsageapcc0,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid12=prg-wpo-ampwhprr,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,2z88=f-rel-all,anaheimmuidads1=blockdedupc,30jn=prg-wtchsocial-c,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-skic,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-c-c0317,wfeedsmuidshop6=prg-spr-wpop,wfeedsmuidshop7=prg-spr-mo2c1,wfeedsmuidshop8=prg-spr-spddpfm,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo2=prg-psovhigh1,wfeedsmuidwpo5=prg-1sw-cldp1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,artglyrank5=1s-brsageccl0tpb,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3nvk=prg-sh-afgl-cm,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
akamai-server-ip: 23.36.161.81
x-msedge-ref: Ref A: 86E652A1A61F45FC8EB174D6128F6938 Ref B: FRA31EDGE0216 Ref C: 2022-04-02T13:42:57Z
akamai-request-id: 40b3d606
onewebservicelatency: 7
x-as-suppresssetcookie: 1
access-control-allow-credentials: true
expires: Sat, 02 Apr 2022 13:42:57 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tag Show response
btloader.com/ 10 KB
5 KB 78ms
34ms Script
application/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=6208086025961472&upapi=true
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17562f7f8ed57acfc1f1071044483dbc4cd7f1db718fd5626c31bd5dbf57c21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cf-ray: 6f59fd9f3bac83a6-MXP
date: Sat, 02 Apr 2022 13:42:57 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Sat, 02 Apr 2022 00:53:21 GMT
server: cloudflare
age: 2913
etag: W/"1b5cd4dec34c110a4408a5d5420d0e0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gUcMUgMwQurdKgFa2lUSWPVrDp31FosUmdVa5s77RKcRYZ%2FOn2mKVevnZqxlTIpwkVRPY1FvlwsHnQAlk7okJ6wVb6VG7RMFd3hd9%2Bq9AldcbPMEVjpbwjq3OQfXqPe4CoWXShjyhrT%2BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

GET
H2 200 SegoeUI-Roman-VF-subset_web.woff2
assets.msn.com/statics/fonts/ 40 KB
41 KB 14ms
13ms Font
font/woff2 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/statics/fonts/SegoeUI-Roman-VF-subset_web.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing: 12
content-length: 41006
last-modified: Thu, 04 Jul 2019 01:04:35 GMT
server: AkamaiNetStorage
etag: "72d13803e728b0ef3dfb6da311001643:1562269510.048951"
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: font/woff2
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=31536000
akamai-server-ip: 23.36.161.81
accept-ranges: bytes
timing-allow-origin: *
akamai-request-id: 40b3d7f6
access-control-allow-credentials: true

GET
H2 200 roboto-v20-latin-regular.woff2
assets.msn.com/statics/fonts/ 15 KB
16 KB 15ms
14ms Font
font/woff2 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/statics/fonts/roboto-v20-latin-regular.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing: 12
content-length: 15759
last-modified: Thu, 01 Oct 2020 00:44:24 GMT
server: AkamaiNetStorage
etag: "479970ffb74f2117317f9d24d9e317fe:1601513064.007103"
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: font/woff2
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=31536000
akamai-server-ip: 23.36.161.81
accept-ranges: bytes
timing-allow-origin: *
akamai-request-id: 40b3d7fa
access-control-allow-credentials: true

GET
H2 200 roboto-v20-latin-700.woff2
assets.msn.com/statics/fonts/ 15 KB
16 KB 15ms
15ms Font
font/woff2 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/statics/fonts/roboto-v20-latin-700.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing: 12
content-length: 15839
last-modified: Thu, 01 Oct 2020 00:44:10 GMT
server: AkamaiNetStorage
etag: "2735a3a69b509faf3577afd25bdf552e:1601513050.481879"
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: font/woff2
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=31536000
akamai-server-ip: 23.36.161.81
accept-ranges: bytes
timing-allow-origin: *
akamai-request-id: 40b3d7ff
access-control-allow-credentials: true

GET
H2 200 js Show response
jill.fc.yahoo.com/v1/client/msft/ 359 B
651 B 75ms
21ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v1/client/msft/js

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a795b260ee6de68d124410b7912d1a6bdc1bc1e7e96bf5df13b68dcc9a994bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
vary: Accept-Encoding
content-length: 265
x-xss-protection: 1; mode=block
x-request-id: 26a8006a58c535ee015bfa09a305d4bc882444
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=900
x-robots-tag: noindex, noarchive, nosnippet, nofollow

GET
H2 404 LiveRampObjectStoreCaller Show response
api.msn.com/segments/recoitems/ 36 B
2 KB 278ms
245ms Fetch
application/json 204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?ocid=peregrine&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&market=en-us&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.a-msedge.net
Software: /
Resource Hash: 37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: br
x-fd-features: vebudumu04302020,btrecenus,iframeflex,prg-adspeek,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-hprewflyout-t,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,ads-lockerdome,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-hdukr,prg-wea-skipauth
ddd-storeentrytimeutc: 04/02/2022 13:42:57,4/2/2022 1:42:57 PM
ddd-strategyid: Segments_SingleSegmentReadStrategy
ddd-usertype: AnonymousMuid
ddd-strategyexecutionlatency: 00:00:00.2216586
x-cache: CONFIG_NOCACHE
x-fd-flight: 1ilc=vebudumu04302020,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuidheader2=prg-hprewflyout-t,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k7y=ads-lockerdome,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mi0=prg-1sw-hdukr,3p54=prg-wea-skipauth
ddd-servername: 264CA653CC90
x-fd-detection-corpnet: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5B438A6937564765BF083040A29E2B7D Ref B: FRAEDGE1521 Ref C: 2022-04-02T13:42:57Z
ddd-authenticatedwithjwtflow: False
vary: Accept-Encoding
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
ddd-activityid: 761d4bf8-24aa-43d4-9e12-eeba0805bb54
ddd-storeexecutionlatency: 00:00:00.2215347,00:00:00.2215359
ddd-datastore: Segments_SegmentAggregateDataStore,Segments_SegmentAggregateDataStore
x-msedge-responseinfo: 221
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 221
access-control-allow-credentials: true

GET
H2 200 BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 92ms
41ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=36&h=36&q=60&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c83ec98b99c73cdb0e974ed35e079e22d48347e20271057ddbca123a5186b3a0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:57 GMT
last-modified: Wed, 30 Mar 2022 02:51:38 GMT
x-datacenter: eastus
x-source-length: 16004
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=133635
x-activityid: 43a0fd40-b9cd-4c99-8d42-38d64b61a08f
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=36&h=36&q=60&m=6&f=png&u=t
content-length: 1936
expires: Mon, 04 Apr 2022 02:50:12 GMT

GET
H2

200

silentpassport Show response
api.msn.com/auth/cookie/ Frame 01AF
Redirect Chain

https://login.live.com/login.srf?wa=wsignin1.0&checkda=1&wp=MBI_SSL&mkt=en-us&wreply=https%3A%2F%2Fapi.msn.com%2Fauth%2Fcookie%2Fsilentpassport%3Fapikey%3D0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM...
https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033

239 B
3 KB

52ms
33ms

Document
text/html

204.79.197.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.a-msedge.net
Software: /
Resource Hash: 0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date,Ent-Authorization,ent-authorization,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,UserIdToken,useridtoken
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin: *.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date,Ent-Authorization,ent-authorization,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,UserIdToken,useridtoken
content-length: 239
content-type: text/html; charset=utf-8
date: Sat, 02 Apr 2022 13:42:57 GMT
ddd-activityid: c203f875-1d0c-4ed1-b024-59b2a3515a64
ddd-authenticatedwithjwtflow: False
ddd-strategyexecutionlatency: 00:00:00.0001280
ddd-usertype: MUID
onewebservicelatency: 0
servertoserverauth: False
x-activity-id: 37CC30DA8CC44970B3AA5022C1B4C15A
x-cache: CONFIG_NOCACHE
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
x-msedge-ref: Ref A: 37CC30DA8CC44970B3AA5022C1B4C15A Ref B: FRAEDGE1410 Ref C: 2022-04-02T13:42:57Z
x-msedge-responseinfo: 0

Redirect headers

Cache-Control: no-store, no-cache
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2022 13:42:56 GMT
Expires: Sat, 02 Apr 2022 13:41:57 GMT
Location: https://api.msn.com/auth/cookie/silentpassport?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ocid=Peregrine&pwo=https%3A%2F%2Fwww.msn.com&secure=true&lc=1033
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BL6PPF8F0C68590 V: 0
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-ms-request-id: 652eb2b6-5012-45ac-ac70-ec376dd9e37d
x-ms-route-info: R3_BL2

GET
H2 200 meversion Show response
mem.gfx.ms/ 28 KB
10 KB 133ms
10ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=msnews&market=en-us

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common-header.1bf47e51796ae0d09925.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1a97c6f1b2508ffd814247768fe9233ef157f17e4f3d23c0ee57e536cf0a6dc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-azure-ref-originshield: 00R5IYgAAAABjKeejo9yKQKzZI6utp7C+QU1TMDRFREdFMTkxNwBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
date: Sat, 02 Apr 2022 13:42:57 GMT
x-azure-ref: 04VJIYgAAAABQdcbr0Lq+RbUIOZ63LKVmRlJBRURHRTEwMTIAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Sat, 02 Apr 2022 19:31:45 GMT

GET
H2 200 ms-rewards-wc.1a476fbbb403bd12c62b.js Show response
assets.msn.com/bundles/v1/views/latest/ 12 KB
5 KB 14ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/ms-rewards-wc.1a476fbbb403bd12c62b.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 0ead1edf6e49e87ca81d844b359945dfea4779b3289286e3e18513fe50ae8119

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: XBh/XvBtuQXCYfAeU3Y9dQ==
server-timing: 12
content-length: 4934
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:20:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3DD49F416
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: e809c475-901e-0085-328d-44ddc7000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3d963

GET
H2 200 rewards-data-connector.56a0e91b8d26d64ddaf6.js Show response
assets.msn.com/bundles/v1/views/latest/ 19 KB
6 KB 13ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/rewards-data-connector.56a0e91b8d26d64ddaf6.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e5c8c7c12792df49953707fe5cb50ecaafd06fd1a7d45f46058993105b8c994e

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: G/zlnuLU2xxcLBEwlbkSqg==
server-timing: 12
content-length: 5299
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:20:46 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B7F297246
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ebd61fec-e01e-0076-1825-430594000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3d96f

GET
H2

200

c.gif
c.msn.com/
Redirect Chain

https://c.msn.com/c.gif?rnd=1648906978115&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=https%3A%2F%2Ft.co%2F&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found...
https://c.bing.com/c.gif?rnd=1648906978115&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=https%3A%2F%2Ft.co%2F&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-foun...
https://c.msn.com/c.gif?rnd=1648906978115&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=https%3A%2F%2Ft.co%2F&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found...

42 B
278 B

28ms
28ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.msn.com/c.gif?rnd=1648906978115&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=https%3A%2F%2Ft.co%2F&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&cvs=Browser&di=7290&st.dpt=other&st.sdpt=&subcvs=finance&lng=en-us&rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&activityId=b0c3dcd388514ec1aa31f0b4d15b1f0c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=A44D8F1B0F35410A962052D897FB37B1&MUID=20890875BA506FB020C1190FBBB76EBB
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:57 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1F3372C5E4C47FF82C642BAD7C01831 Ref B: FRAEDGE1212 Ref C: 2022-04-02T13:42:57Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.msn.com/c.gif?rnd=1648906978115&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime&rf=https%3A%2F%2Ft.co%2F&tp=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&cvs=Browser&di=7290&st.dpt=other&st.sdpt=&subcvs=finance&lng=en-us&rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&activityId=b0c3dcd388514ec1aa31f0b4d15b1f0c&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=A44D8F1B0F35410A962052D897FB37B1&MUID=20890875BA506FB020C1190FBBB76EBB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?rn=1648906978115&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-...
https://sb.scorecardresearch.com/b2?rn=1648906978115&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365...

0
191 B

8ms
8ms

Image
text/plain

13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?rn=1648906978115&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72%26content%3D1%26mkt%3Den-us&c8=Hackers+have+found+a+clever+new+way+to+steal+your+Microsoft+365+credentials&c9=https%3A%2F%2Ft.co%2F
Protocol: H2
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: UEBOyh8xczWhxRulQfpIOUeeJePX7auZhtoO3kYIzXaLwPpRQC4jGg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?rn=1648906978115&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72%26content%3D1%26mkt%3Den-us&c8=Hackers+have+found+a+clever+new+way+to+steal+your+Microsoft+365+credentials&c9=https%3A%2F%2Ft.co%2F
date: Sat, 02 Apr 2022 13:42:57 GMT
via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
content-length: 0
x-amz-cf-id: Lj8lYhpKKxp5MycBlbLShKIfjfCVbZJzQhNfBM2TUuwA7QK1SlOGOQ==
x-cache: Miss from cloudfront

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
743 B 694ms
228ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906978123&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 139897fcf1fdce2b33e2d0938be036e9ab3fc463a6e656bdaf5f219ad7701998

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -338
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 43ms
7ms Image
image/x-icon 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 18:36:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68769
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Apr 2022 18:36:48 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
938 B 84ms
37ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6851566031480942
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Sat, 02 Apr 2022 13:42:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1867657
x-guploader-uploadid: ADPycdsh8GYxEsgK5z5qzA4JGMsog7O-yGD2LI2hbU_f91x5eoUCT4GMmUwbhCfVgrJx8LU0CQ9sNf_tS6nikYPvsmc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5H1AWnmYNBZEuro5cd0Uy%2F3Wz74G2M9Lk8CZEFmWl6L2NLSeYDUokCsaAO3TTAt%2FKF136ioQbyU4faNkUyFxTTCYyZM%2B3Jl3q7ITtX%2B4Y17%2FDBdCQXHOlkwKZvpSzntt%2BQtIIXzhWAz4RKtFsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6f59fd9ff8a25a1f-MXP
expires: Fri, 11 Mar 2022 23:55:20 GMT

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/0.14.0/ 153 KB
40 KB 70ms
21ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/0.14.0/jac.js

Requested by

Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/msft/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 06:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26820
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 40241
x-amz-id-2: nc/1aOGtDgTvfLlEZGmw39ym7xhMUBnvproWfdOuE95ZA8lTrTXzXk9I/xB1z6HkWijafTGQ+FY=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Feb 2022 09:58:30 GMT
server: ATS
etag: "aa505988e9b89104864232dd5ae7e916-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, OPTIONS
x-amz-request-id: 831E9GR73QR285QM
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 vglnk.js Show response
cdn.viglink.com/api/ 81 KB
28 KB 257ms
33ms Script
text/javascript 2606:4700::6810:a20d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viglink.com/api/vglnk.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.8fdd4c4114b893b2dabf.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a20d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 386113
cf-ray: 6f59fda16a4601fc-ZRH
content-length: 28567
x-amz-id-2: 6Yxs+y7PlSdNqjg7XrJGhP2st6LBQ1KFeHyv8O0WARn4VVwRniOCZliswqhKaexZgFnyVhp9sG8=
last-modified: Wed, 02 Dec 2020 18:57:12 GMT
server: cloudflare
etag: "072eaf64a771815874455704fca9301b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: KGP1VAKDJK33792N
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 09 Apr 2022 13:42:57 GMT

GET
H2 200 MSNOBVideo.js Show response
widgets.outbrain.com/external/publishers/msn/ 8 KB
3 KB 70ms
19ms Script
application/x-javascript 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/external/publishers/msn/MSNOBVideo.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/article-page.8fdd4c4114b893b2dabf.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 58effe6d65ad7f3a507140d5dac108bcead9e8fadb4ba495567356276d242614

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 08:29:08 GMT
server: AkamaiNetStorage
etag: "be074f7993928049615e39354149f4e8:1645014614.171368"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 3144
expires: Sat, 02 Apr 2022 14:42:57 GMT

GET
H2

200

csw-polyfills.js Show response
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain

https://www138.civicscience.com/jspoll/4/civicscience-widget.js
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js

112 KB
36 KB

31ms
6ms

Script
application/javascript

2600:9000:223f:8e00:f:c7b3:ce40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Protocol: H2
Server: 2600:9000:223f:8e00:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19e3a90b0ba228aa92871d864d4bae3bd650a41322e63d0bcf56d631a308436b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Fri, 01 Apr 2022 17:56:29 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 17:56:12 GMT
server: AmazonS3
age: 71189
etag: W/"a447e05213d4affbde5462797da6e9a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: m8wGFF1Vi6bkTgGzawxMgEA8-zY1k1aGxdWc2uiiiyTA26b8aAVScQ==

Redirect headers

location: https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date: Sat, 02 Apr 2022 13:42:57 GMT
server: awselb/2.0
content-length: 110
content-type: text/html

GET
H2 200 AAVLn1U.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 42 KB
42 KB 114ms
114ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVLn1U.img?w=634&h=400&q=60&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ca32f8df67ee98ccfa4f0c9bb012b8d851c1e76b2a793e439ba616375b199511

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
last-modified: Fri, 01 Apr 2022 16:32:50 GMT
x-datacenter: westus
x-source-length: 273879
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=355771
x-activityid: 26189f9e-2d8b-45f5-8d9a-e75179c307a8
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVLn1U?w=634&h=400&q=60&m=6&f=jpg&u=t
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 43050
expires: Wed, 06 Apr 2022 16:32:28 GMT

GET
H2 200 breaking-news.20a11f027137ab1f52d4.js Show response
assets.msn.com/bundles/v1/views/latest/ 8 KB
4 KB 13ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/breaking-news.20a11f027137ab1f52d4.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d315fa85ab77a755b2b573010b3dc4b268945ced696b0495a95712132c30757c

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: aq3Xp6OKcMFgkph9Evqiig==
server-timing: 12
content-length: 3070
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:27 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B9811A365
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ebd5d5da-e01e-0076-1824-430594000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db12

GET
H2 200 modern-right-rail.9db6232b38b633186d91.js Show response
assets.msn.com/bundles/v1/views/latest/ 155 KB
41 KB 15ms
15ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.9db6232b38b633186d91.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3759610afcc9cd25f3a48273e041e347fe076542f81279b7b0bb9cdd2bdfe535

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: cXSVKIifENxKidQRnxw90Q==
server-timing: 12
content-length: 40943
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B9B2F8532
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 8577afb8-301e-000b-0424-43288f000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db1a

GET
H2 200 content-sharing-toolbar.56a7b72445201bb5e003.js Show response
assets.msn.com/bundles/v1/views/latest/ 191 KB
54 KB 17ms
17ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/content-sharing-toolbar.56a7b72445201bb5e003.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f514062ec9d77fd8bfe5574f5c5a08d9de94300c644555f7228a37f72343bbc7

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: WAJRlir0/kcnux4TTRA2kw==
server-timing: 12
content-length: 54040
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:05 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B8B062F79
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 9baebd7c-701e-00e3-1124-4365e9000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db25

GET
H2 200 feedback-link.222152698c1af1199fc1.js Show response
assets.msn.com/bundles/v1/views/latest/ 9 KB
4 KB 19ms
19ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/feedback-link.222152698c1af1199fc1.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 24dbe7fc0b738f2f19e4dfc184a425e45e5addb3e6f980b66555c1620bc4a6c0

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: Y4qdvBWAKVYhe3/K/Z9P/w==
server-timing: 12
content-length: 3435
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:20:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B858F4CD4
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: df0c2f4c-f01e-00af-2e24-4342e1000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db34

GET
H2 200 one-footer.5aa865335a4ceca75b96.js Show response
assets.msn.com/bundles/v1/views/latest/ 141 KB
40 KB 21ms
20ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/one-footer.5aa865335a4ceca75b96.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1226066c8bbb387318ee8f6a7add9919daa489c59d7024a941eb189ee2e0d1da

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: WRBUiLy7wXgnORT/xY9VWw==
server-timing: 12
content-length: 40376
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:20:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B80F821E8
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 857780a2-301e-000b-5f24-43288f000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db41

GET
H2 200 social.9b0932b624d63da02a94.js Show response
assets.msn.com/bundles/v1/views/latest/ 436 KB
122 KB 23ms
23ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social.9b0932b624d63da02a94.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ce161964a3bf674374a21bcd3544e3504331ac97f71df4a0d2c68c25b6c9427c

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: tWLdXxN0nhWuXtYZU3ouzg==
server-timing: 12
content-length: 123878
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:20:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3E5FCEAB1
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 62ea170b-801e-0018-7a8d-44e5ab000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db4d

GET
H2 200 toast.c851ff9bc3d8abf5f2ff.js Show response
assets.msn.com/bundles/v1/views/latest/ 134 KB
38 KB 28ms
28ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/toast.c851ff9bc3d8abf5f2ff.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e6d04adc7874e5fd333e9135f94cbb696826e4f3ea38d57ef4bc9d646b72f0ab

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: CnSD7DQVYMjrWS6aRCB4PQ==
server-timing: 12
content-length: 38361
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:22 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B94F2B057
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: df0c32c9-f01e-00af-3724-4342e1000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db6b

GET
H2 200 social-subscription-banner.efe25359df3f622fc51d.js Show response
assets.msn.com/bundles/v1/views/latest/ 63 KB
16 KB 29ms
29ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-subscription-banner.efe25359df3f622fc51d.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7e8497aab751cdec06c166e9d6c57d5eb5c0fe5643fc2e27fd1ddee280760457

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 7TTspxeaDAceJLlRTf+LTg==
server-timing: 12
content-length: 16002
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:19:25 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3BADD1B4E
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 6458bb31-301e-00a3-1e8d-44b6f8000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db71

GET
H2 200 social-subscription-overlay.7c29a84ca9e12c7d7d58.js Show response
assets.msn.com/bundles/v1/views/latest/ 60 KB
16 KB 30ms
30ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-subscription-overlay.7c29a84ca9e12c7d7d58.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 96e7d7c4e2eeb847b78c9ee5236ba68d2105c70ebe2184f1ecd72e5062bcacef

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: J/ti0Ftqe1YMrL/RhRuVoQ==
server-timing: 12
content-length: 15322
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:19:37 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3C235BDF8
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 3cc4587a-c01e-00a4-5a8d-4467f6000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db76

GET
H2 200 social-subscription-notification.a321d5754c5aba7dd83f.js Show response
assets.msn.com/bundles/v1/views/latest/ 65 KB
16 KB 30ms
30ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-subscription-notification.a321d5754c5aba7dd83f.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cf7e2f919b327ec140ffc96f7f8182ba6e17569b7afdab5a320073eb1730843d

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: XWmBqwdGosrM/5KVprJn+Q==
server-timing: 12
content-length: 15622
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:19:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3C648D858
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: a4d6b520-901e-0069-4c8d-443ca9000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db7b

GET
H2 200 social-support-result.a3f4ae4a50d432d035fa.js Show response
assets.msn.com/bundles/v1/views/latest/ 83 KB
21 KB 31ms
30ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-support-result.a3f4ae4a50d432d035fa.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f6219c5f24eae977c80441d4cbe1bccc947998abb24cb7a9db574f808f3f3d1e

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: roiJHz2dr0W3MBWVsuBqMg==
server-timing: 12
content-length: 21033
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:20:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3D7959C22
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ba6bc7c4-401e-0028-098d-44c4ba000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db7e

GET
H2 200 views-native-mon.fb338c200e35bfdf4ac8.js Show response
assets.msn.com/bundles/v1/views/latest/ 359 KB
81 KB 32ms
30ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/views-native-mon.fb338c200e35bfdf4ac8.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c5761e0c41730ca1366f7cd0eaf3937fee6572bb27cccfc8eb9640ed42b9e94d

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: P9wig4GSsb+3qaJW2rpOyw==
server-timing: 12
content-length: 82359
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:20:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B7E44D927
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: df0c2d9c-f01e-00af-4a24-4342e1000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db83

GET
H2 200 libs_feed-layout_dist_FeedLayoutCard_js-libs_feed-layout_dist_card-templates_index_js-libs_on-c3bb45.de1a2f9cecced461aebb.js Show response
assets.msn.com/bundles/v1/views/latest/ 1 MB
313 KB 35ms
34ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/libs_feed-layout_dist_FeedLayoutCard_js-libs_feed-layout_dist_card-templates_index_js-libs_on-c3bb45.de1a2f9cecced461aebb.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d2cbcbc61b5ef156bde4d9da6eabe95ab11c83c0c24f9736c9a14cdf2917adde

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: RLd5NZ0ftn3DpXTTwOeG+A==
server-timing: 12
content-length: 319041
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:20:35 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3E4CC3890
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 62ea1755-801e-0018-3c8d-44e5ab000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db8a

GET
H2 200 desktop-feed-views.27f666511405c4b7be5c.js Show response
assets.msn.com/bundles/v1/views/latest/ 781 KB
128 KB 79ms
78ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/desktop-feed-views.27f666511405c4b7be5c.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 313c05541bb5638b81b6839bf965bb523a81045ef6798e1b7e95438dbe1ec095

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: BXdUHowwr6qz3jzD5w7MLg==
server-timing: 12
content-length: 129832
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:20:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3E52C4BD4
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 3cc4589e-c01e-00a4-798d-4467f6000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db95

GET
H2 200 upnext-paddle.ed72998a5f0a25dc25bb.js Show response
assets.msn.com/bundles/v1/views/latest/ 39 KB
12 KB 79ms
78ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/upnext-paddle.ed72998a5f0a25dc25bb.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: be489cc125e404d8948226ddb5123eb4c17b7d4d59fd95715c9a21928e435d64

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: q6ri3jXHx86tpRXAstOWnA==
server-timing: 12
content-length: 11914
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B8E03209E
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 48dbdc0e-a01e-00ca-0e24-4387c9000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db9c

GET
H2 200 social-tip-promotion.8617d755abf91a570ddf.js Show response
assets.msn.com/bundles/v1/views/latest/ 61 KB
16 KB 80ms
80ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-tip-promotion.8617d755abf91a570ddf.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 51eaaad8222258175cfc18d73f7de6b19ebe67ac978720ae65f8abbc8b6c9077

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 8GDK7yS2XN2bcxbVRdSllw==
server-timing: 12
content-length: 16058
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:19:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3BA1184BD
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: fbefdef5-801e-0070-3f8d-44ff98000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3db9e

GET
H2 200 icon-assets-TextExpand.f5950aceb1e841f3922b.js Show response
assets.msn.com/bundles/v1/views/latest/ 2 KB
2 KB 96ms
95ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/icon-assets-TextExpand.f5950aceb1e841f3922b.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b03169a6a850e23b5a2c4d33ba7a4cad2c4a9b218658c2ea69b93b2b7b9f926b

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: dNkDq2rzwaaUiZA5cec4QQ==
server-timing: 12
content-length: 948
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:20:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B86547B9F
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: c03c8c32-a01e-009e-5824-4348f2000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3dba2

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
425 B 808ms
444ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906978224&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: e6b3a501b1aff8f42773f774ad81c7d96e76c628a7b2a4a3c244ca34a9ea011c

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -439
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H2 204 pv Show response
api.btloader.com/ 0
96 B 293ms
114ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=Iy23ioydRV&w=5671737388695552&o=6208086025961472&cv=2.0.3-5-ge73c7a6&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=6208086025961472&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Apr 2022 13:42:57 GMT
cache-control: no-cache, no-store, must-revalidate
vary: Origin
alt-svc: clear
via: 1.1 google

GET
H2 200 AA157JY Show response
assets.msn.com/breakingnews/v1/cms/api/amp/article/ 5 KB
3 KB 71ms
70ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/breakingnews/v1/cms/api/amp/article/AA157JY
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/breaking-news.20a11f027137ab1f52d4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 6d3380857d4a4b0fa3970ebc344ce81d5d6831223cb27f77bbd7a8918a26aab6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

appex-activity-id: d067d0fa-8456-4c41-919e-9d6dc5e65ef7
content-encoding: gzip
etag: W/"36869"
access-control-allow-origin: https://www.msn.com
x-cms-tenant: amp
x-cms-servicelocation: eastus:0
x-cms-type: article
x-cms-documentid: AA157JY
server-timing: 14
ms-cv: mnZrTcjnf0GyhPIr7MVx3Q.0
content-length: 2582
x-trace-context: {"ActivityId":"d067d0fa-8456-4c41-919e-9d6dc5e65ef7"}
x-cms-version: 10865
last-modified: Fri, 01 Apr 2022 23:16:53 GMT
server: Microsoft-HTTPAPI/2.0
date: Sat, 02 Apr 2022 13:42:57 GMT
vary: Origin
content-type: application/json; charset=utf-8
x-cms-executiontimeinmilliseconds: 48
access-control-expose-headers: X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control: max-age=30
akamai-server-ip: 23.36.161.81
akamai-request-id: 40b3dc0e
x-cms-documentstoragetier: Cache
x-cms-state: Published

GET
H2 200 feedback-data-connector.07fffa19c38bdc96a8b6.js Show response
assets.msn.com/bundles/v1/views/latest/ 2 KB
1 KB 67ms
67ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/feedback-data-connector.07fffa19c38bdc96a8b6.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 62fab6266a1f0a3b62122b1098c1633e6b5757afb3ede43d238234b14f06940d

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: WTt3RNTaimxTlMBE8+DOyA==
server-timing: 14
content-length: 693
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:34 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B9BF7E7E1
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 85778114-301e-000b-4124-43288f000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3dc24

GET
H2 200 publisher-carousel.15e6357425fb2193f3e8.js Show response
assets.msn.com/bundles/v1/views/latest/ 50 KB
14 KB 29ms
29ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/publisher-carousel.15e6357425fb2193f3e8.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9e685a481050084addb59ca2727fef53137b1ce96e9d73dbdb58f14a82a50614

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: cmcX4X6YbiPplpOeYB5aJw==
server-timing: 24
content-length: 13838
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:42 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113BA0AA37FE
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: c2411977-b01e-0003-0524-43709e000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3dcd2

GET
H2 200 sp-frame.html Show response
tag.idsync.analytics.yahoo.com/ Frame 4BBE 8 KB
3 KB 98ms
17ms Document
text/html 152.195.51.15
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Ft.co%2F
Requested by: Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lhb/6309) /
Resource Hash: e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age: 88
content-encoding: gzip
content-length: 3220
content-type: text/html
date: Sat, 02 Apr 2022 13:42:57 GMT
etag: "324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified: Wed, 18 Aug 2021 13:17:52 GMT
server: ECS (lhb/6309)
vary: Accept-Encoding
x-amz-id-2: pACtTCb57M9TqE0iI2zME+wlIyar4VUZKX1/2qTtMuh3w4chircoY3QQLSOAe+3L5CTRoKKaojA=
x-amz-request-id: 4DN820Q3VEAXCDPW
x-amz-server-side-encryption: AES256
x-cache: HIT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
123 B 121ms
31ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=MSFT

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
via: http/1.1 spdc0101.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8

GET
H2 200 social-data-connector.cca7fce74faca8c94520.js Show response
assets.msn.com/bundles/v1/views/latest/ 60 KB
15 KB 14ms
14ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-data-connector.cca7fce74faca8c94520.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e0548ca9881f20d20bbd4833178af6ef50db0b65f9733d3a95f08d0caf06e00a

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: FXxmBTOjs1QQw1FTgwDyZA==
server-timing: 13
content-length: 14829
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:20:50 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B81B90B92
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ebd5d615-e01e-0076-4c24-430594000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3ddaf

OPTIONS
H2 200 auction
srtb.msn.com/ Frame 0
0 123ms
74ms Preflight 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method: POST
Origin: https://www.msn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin: https://www.msn.com
access-control-max-age: 86400
content-length: 0
date: Sat, 02 Apr 2022 13:42:57 GMT
vary: Origin
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 63BECE4F40C644059C26868B3544E6D3 Ref B: VIEEDGE3016 Ref C: 2022-04-02T13:42:57Z

OPTIONS
H2 200 auction
srtb.msn.com/ Frame 0
0 121ms
74ms Preflight 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method: POST
Origin: https://www.msn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin: https://www.msn.com
access-control-max-age: 86400
content-length: 0
date: Sat, 02 Apr 2022 13:42:57 GMT
vary: Origin
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2441189EBC414B519BD78D8DE5C45555 Ref B: VIEEDGE3016 Ref C: 2022-04-02T13:42:57Z

GET
H2 200 BBI4MeJ Show response
assets.msn.com/content/v1/cms/api/amp/Document/ 14 KB
5 KB 14ms
14ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.9db6232b38b633186d91.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-109.deploy.static.akamaitechnologies.com

Software

Resource Hash

138f05026efb86a1336204e2af8edcb6402b0f41d62532d0e9f0dda672bf78b5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-state: Published
appex-activity-id: 6b95149e-1358-4a85-99ad-eb33ab437338
content-encoding: gzip
etag: W/"15088"
access-control-allow-origin: https://www.msn.com
x-cms-tenant: amp
x-cms-servicelocation: eastus:5
x-cms-type: list
x-cms-documentid: BBI4MeJ
server-timing: 12
ms-cv: bWGVeJOrFEG9sK36CgUi7Q.0
content-length: 4373
x-trace-context: {"ActivityId":"6b95149e-1358-4a85-99ad-eb33ab437338"}
x-cms-version: 3244
last-modified: Sat, 02 Apr 2022 13:31:01 GMT
x-frame-options: deny
date: Sat, 02 Apr 2022 13:42:57 GMT
vary: Origin
content-type: application/json; charset=utf-8
x-cms-executiontimeinmilliseconds: 5
access-control-expose-headers: X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control: max-age=900
akamai-server-ip: 23.36.161.81
akamai-request-id: 40b3ded4
x-cms-documentstoragetier: Cache
expires: Sat, 02 Apr 2022 13:57:57 GMT

GET
H2 200 BBI4MeJ Show response
assets.msn.com/content/v1/cms/api/amp/Document/ 14 KB
5 KB 16ms
15ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.9db6232b38b633186d91.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-109.deploy.static.akamaitechnologies.com

Software

Resource Hash

138f05026efb86a1336204e2af8edcb6402b0f41d62532d0e9f0dda672bf78b5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-state: Published
appex-activity-id: 6b95149e-1358-4a85-99ad-eb33ab437338
content-encoding: gzip
etag: W/"15088"
access-control-allow-origin: https://www.msn.com
x-cms-tenant: amp
x-cms-servicelocation: eastus:5
x-cms-type: list
x-cms-documentid: BBI4MeJ
server-timing: 12
ms-cv: bWGVeJOrFEG9sK36CgUi7Q.0
content-length: 4373
x-trace-context: {"ActivityId":"6b95149e-1358-4a85-99ad-eb33ab437338"}
x-cms-version: 3244
last-modified: Sat, 02 Apr 2022 13:31:01 GMT
x-frame-options: deny
date: Sat, 02 Apr 2022 13:42:57 GMT
vary: Origin
content-type: application/json; charset=utf-8
x-cms-executiontimeinmilliseconds: 5
access-control-expose-headers: X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control: max-age=900
akamai-server-ip: 23.36.161.81
akamai-request-id: 40b3dee4
x-cms-documentstoragetier: Cache
expires: Sat, 02 Apr 2022 13:57:57 GMT

POST
H2 204 auction Show response
srtb.msn.com/ 0
205 B 291ms
291ms XHR
text/plain 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://srtb.msn.com/auction

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-MSEdge-ClientID: 20890875BA506FB020C1190FBBB76EBB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
x-ms-flightId: msnallexpusers,muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
Content-Type: application/json
Cache-Control: no-cache
Referer: https://www.msn.com/
X-MSEdge-Market: en-us

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B55EB23C68E43AD8CFA82C215828FA7 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:57Z
vary: Origin
x-cache: CONFIG_NOCACHE
access-control-allow-origin: https://www.msn.com
access-control-allow-credentials: true
server-timing: total;dur=231
timing-allow-origin: https://www.msn.com

POST
H2 200 auction Show response
srtb.msn.com/ 11 KB
5 KB 378ms
377ms XHR
application/json 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://srtb.msn.com/auction

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

88f6dc09d34855b593846049b0096cf4b525f4840fc3666d96864aa823d6638c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-MSEdge-ClientID: 20890875BA506FB020C1190FBBB76EBB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
x-ms-flightId: msnallexpusers,muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
Content-Type: application/json
Cache-Control: no-cache
Referer: https://www.msn.com/
X-MSEdge-Market: en-us

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F30405CCA95F4EAD8070B50444480E0D Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:57Z
vary: Origin,Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-allow-credentials: true
server-timing: total;dur=325
timing-allow-origin: https://www.msn.com

GET
H2 200 js Show response
jill.fc.yahoo.com/v2/ads/ 6 KB
2 KB 448ms
448ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%22B4PIWQLC5%22%2C%22msft_rid%22%3A%22b0c3dcd388514ec1aa31f0b4d15b1f0c%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%2220890875BA506FB020C1190FBBB76EBB%22%2C%22msft_pagetype%22%3A%22article%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22banner1_8a767c1_01%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221648906978420%7C632860827935129300%22%2C%22msft_refresh%22%3A%220%22%7D%2C%22alias%22%3A%22FINUSEN12%22%2C%22sizes%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%2258364f6f7%22%2C%22referrer%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

01fb8855a14c95eac5b8a1f781a0c079ea3a9e657fd486b1d99712add5a554ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store
strict-transport-security: max-age=15552000
x-robots-tag: noindex, noarchive, nosnippet, nofollow
x-content-type-options: nosniff
x-request-id: 28e9c294fd56fc145d0105302ffde7ff7a2858

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
426 B 582ms
443ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906978450&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 5ce0b2321b837220dee1771c725edc58e96fb800bfc2155a1b2f45a189a6fcbe

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -665
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H2 200 me Show response
assets.msn.com/service/MSN/Feed/ 92 KB
29 KB 290ms
289ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/MSN/Feed/me?$top=30&DisableTypeSerialization=true&activityId=B0C3DCD3-8851-4EC1-AA31-F0B4D15B1F0C&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&contentType=article,video,slideshow,webcontent&fdhead=msnallexpusers,muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth&infopaneCount=10&location=50.1109|8.6795&market=en-us&ocid=windows-windowshp-feeds&queryType=myfeed&responseSchema=cardview&timeOut=1000&user=m-20890875BA506FB020C1190FBBB76EBB&wrapodata=false
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 253a8b0121ff6a85212da6d8b733d4bb510d5b69d3d766762e04cd1a819ab9db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,1s-brsagexfee3,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,1s-brsageapcc0,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-wpo-ampwhprr,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,f-rel-all,blockdedupc,ads-msxdedupc,prg-wtchsocial-c,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-skic,prg-1sw-newsskip,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,ads-lockerdome,prg-spr-c-c0317,prg-spr-wpop,prg-shp-wpo-ts2,prg-sh-wpo,prg-spr-ewpot,prg-spr-shpwpoon,prg-spr-mo2c1,prg-sh-muct01,prg-spr-spddpfm,prg-spr-sbprnk2,prg-psovhigh1,prg-1sw-cldp1,prg-1sw-rcmdint,prg-1sw-splog,artglyrank1cf,artglyrank2cf,1s-brsageccl0tpb,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-sh-afgl-cm,prg-sh-affs,prg-sh-afpdps,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 04/02/2022 13:42:57,4/2/2022 1:42:57 PM
x-msedge-ref: Ref A: 4CD2FFE6CDA74C6C82923C6953595E5A Ref B: FRA31EDGE0210 Ref C: 2022-04-02T13:42:57Z
ddd-strategyexecutionlatency: 00:00:00.2429424
ddd-feedfeatures: 0101010001010101010000000000000000
ddd-servername: 8F67791047A3
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 244
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 244
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:57 GMT
date: Sat, 02 Apr 2022 13:42:57 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: MSN_FeedsNoCacheReadStrategy
ddd-usertype: AnonymousMuid
ddd-tmpl: MyFeed;Static:1;PageViewCount0;TSv3:50;0;60;ULatLon50.11:8.68;SageUser:0;SageUserStatus:0_0_0_0;TileID:u0yj;RR:0
server-timing: 12
content-length: 24955
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,platagyhz3=1s-brsagexfee3,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,sagenl2=1s-brsageapcc0,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid12=prg-wpo-ampwhprr,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,2z88=f-rel-all,anaheimmuidads1=blockdedupc,30jn=prg-wtchsocial-c,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-skic,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-c-c0317,wfeedsmuidshop6=prg-spr-wpop,wfeedsmuidshop7=prg-spr-mo2c1,wfeedsmuidshop8=prg-spr-spddpfm,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo2=prg-psovhigh1,wfeedsmuidwpo5=prg-1sw-cldp1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,artglyrank5=1s-brsageccl0tpb,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3nvk=prg-sh-afgl-cm,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset: 0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:2wAA;
ddd-activityid: 970aa3ed-fa5e-4697-8f59-aacc2f61f896
ddd-storeexecutionlatency: 00:00:00.2411816,00:00:00.2411870
ddd-datastore: MSN_ContentFeedDataStore,MSN_ContentFeedDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3dff5

GET
H2 200 feedback-dialog.38aef61742ee124d5bd2.js Show response
assets.msn.com/bundles/v1/views/latest/ 98 KB
24 KB 22ms
21ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/feedback-dialog.38aef61742ee124d5bd2.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2bdefd42be2431a3cc7a504e425366560be3a86ef8f85ef1f94b8d718dc09fc4

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: yZ0xIARUecbe9gJMmzcbCw==
server-timing: 12
content-length: 24166
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B897B0E9C
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: f30b6d70-901e-00d1-1d24-4312fc000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3e021

GET
H2 200 viewspage Show response
assets.msn.com/service/news/feed/pages/ 62 KB
20 KB 467ms
467ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/news/feed/pages/viewspage?market=en-us&activityId=B0C3DCD3-8851-4EC1-AA31-F0B4D15B1F0C&timeOut=3000&ocid=winp1&fdhead=1s-bing-news,1s-br30min,1s-fcrypt,1s-maps-latlongkey,1s-pagesegservice,1s-winauthservice,1s-winsegservice,prg-1s1-cryptd,prg-1sw-accu10,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-grevtt,prg-1sw-hdukr,prg-1sw-l2icon,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-1sw-nen3di,prg-1sw-newsskip,prg-1sw-pbpf1,prg-1sw-pr2ctlal,prg-1sw-sp5mats,prg-1sw-sphfdycf,prg-1sw-sphn2msn,prg-1sw-sphnmsnncf,prg-1sw-splog,prg-1sw-wlsmy3,prg-adspeek,prg-cookiesync,prg-hprewflyout-t,prg-ias,prg-ms-cloud,prg-ndauthrf2,prg-nodualauth,prg-psovhigh1,prg-rsum-t1,prg-sh-adn,prg-sh-synadnt,prg-wea-skipauth,prg-wx-anmprns&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ContentId=AAVLkH5&User=m-20890875BA506FB020C1190FBBB76EBB&$skip=2
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e38cef45a69ad24195b10c006b6e30697f6316d847e039d623a75307b566380e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: vebudumu04302020,btrecenus,iframeflex,prg-adspeek,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-hprewflyout-t,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,ads-lockerdome,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-hdukr,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:57 PM
x-msedge-ref: Ref A: 8564D23471E34986BA32AEE713751C47 Ref B: PRG01EDGE1015 Ref C: 2022-04-02T13:42:57Z
ddd-strategyexecutionlatency: 00:00:00.3739393
server-timing: 18
ddd-servername: 69701EC08B1F
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: public, max-age=300
x-msedge-responseinfo: 375
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 375
x-as-suppresssetcookie: 1
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: News_PageFeedReadStrategy
ddd-usertype: AnonymousMuid
ddd-tmpl: RR:0;RA:OB;XFeed;TileID:u0yj;SageUser:0;PageViewCount0
content-length: 17634
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: 1ilc=vebudumu04302020,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuidheader2=prg-hprewflyout-t,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k7y=ads-lockerdome,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mi0=prg-1sw-hdukr,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset: 0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wgAA;
ddd-activityid: 552dde12-26e6-4792-b97e-5251d944c3d2
ddd-storeexecutionlatency: 00:00:00.3738940
ddd-datastore: News_PageFeedDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3e38a

GET
H2 200 MSNIdSyncV2.js Show response
widgets.outbrain.com/external/publishers/msn/ 6 KB
3 KB 44ms
16ms Script
application/x-javascript 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/external/publishers/msn/MSNIdSyncV2.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/desktop-feed-views.27f666511405c4b7be5c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b48f2def77b84b755922137b3d66ff03e57fe33e409802f997f290ef61f2faf2

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 08:29:08 GMT
server: AkamaiNetStorage
etag: "3f82249d573ae707d40bb55475569bd1:1645014611.876635"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2535
expires: Sat, 02 Apr 2022 17:42:57 GMT

POST
H/1.1 200
OK ping Show response
api.viglink.com/api/ 13 B
456 B 138ms
33ms XHR
text/javascript 34.250.51.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.viglink.com/api/ping
Requested by: Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.51.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-51-110.eu-west-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: 3c4f901bc8de3a31ca9d3620c31ca5fafd927a2aab575a77194786bd62ab21ca

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:57 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.msn.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 13
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 social-tip-selection.df7571b6507395b58476.js Show response
assets.msn.com/bundles/v1/views/latest/ 57 KB
17 KB 14ms
14ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-tip-selection.df7571b6507395b58476.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 10cf2d6611c92c88fd490bbd6c6a3b69fe0c80c3928cc038d48ce98d109a071b

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: Qn61IWy+y73eUOHFPE5Sfg==
server-timing: 18
content-length: 16376
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:20:08 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3D491A712
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ba6bcb7c-401e-0028-318d-44c4ba000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3e680

GET
H2 200 icon-assets-ShareV2.5504bf6eb86509df3888.js Show response
assets.msn.com/bundles/v1/views/latest/ 2 KB
2 KB 14ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/icon-assets-ShareV2.5504bf6eb86509df3888.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a89d7be30eb4c563639c892b204bad691b41b277e010daa4ca96591cb2e22bbd

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:57 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: h0ebBiYgmw5cCHamNo+Zzg==
server-timing: 13
content-length: 1359
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B98EC52E2
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 48dbdca6-a01e-00ca-0a24-4387c9000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3e702

GET
H2 200 AANokZv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 37ms
36ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANokZv.img?w=56&h=56&q=60&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e17363169bcf25587a6451a2fc5cbabe8acc31f40269636708b0ed2e59156eb9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Sat, 02 Apr 2022 12:40:34 GMT
x-datacenter: eastus
x-source-length: 113092
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=428351
x-activityid: 5d40ebca-30a7-4fb3-b7ea-fc27a4c77226
content-location: https://img.s-msn.com/tenant/amp/entityid/AANokZv?w=56&h=56&q=60&m=6&f=jpg&u=t
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 1743
expires: Thu, 07 Apr 2022 12:42:09 GMT

GET
H2 200 AAVMSp8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 22ms
21ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVMSp8.img?w=56&h=56&q=60&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6e12f10584a36229a2dead8dba4d96a02554fb575a2c371f79af307bd7889a0c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:57 GMT
last-modified: Sat, 02 Apr 2022 12:40:34 GMT
x-datacenter: westus
x-source-length: 558039
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=428206
x-activityid: 0405eb7f-c58a-4c46-b287-dd0e6db42007
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVMSp8?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length: 1590
expires: Thu, 07 Apr 2022 12:39:43 GMT

GET
H2 200 AAVMvTu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
2 KB 55ms
54ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVMvTu.img?w=56&h=56&q=60&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3258c8de2537d9554a16976aa366b9cc9dfde1ba464ce9a9a500c20b0ad4301

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Sat, 02 Apr 2022 11:04:33 GMT
x-datacenter: westus
x-source-length: 464263
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422525
x-activityid: 392c099f-0c2e-4858-8181-e4257af946b6
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVMvTu?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length: 1284
expires: Thu, 07 Apr 2022 11:05:03 GMT

GET
H2 200 BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
2 KB 29ms
29ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=56&h=56&q=60&m=2&f=jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Wed, 30 Mar 2022 03:54:48 GMT
x-datacenter: eastap
x-source-length: 16004
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=137555
x-activityid: 74cd27b7-9950-4fc3-ba14-b7002a1e2687
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=56&h=56&q=60&m=2&f=jpg
content-length: 1264
expires: Mon, 04 Apr 2022 03:55:33 GMT

GET
H2 200 me Show response
assets.msn.com/service/community/users/ 198 B
4 KB 47ms
46ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/users/me?version=1.1&profile=social&verify=false&market=en-us&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 997449c9eb2b80cc876bad6762c49fe81549bbf87c1a914b8279bd5b9beef813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,1s-brsagexfee3,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,1s-brsageapcc0,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-wpo-ampwhprr,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,f-rel-all,blockdedupc,ads-msxdedupc,prg-wtchsocial-c,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-skic,prg-1sw-newsskip,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,ads-lockerdome,prg-spr-c-c0317,prg-spr-wpop,prg-shp-wpo-ts2,prg-sh-wpo,prg-spr-ewpot,prg-spr-shpwpoon,prg-spr-mo2c1,prg-sh-muct01,prg-spr-spddpfm,prg-spr-sbprnk2,prg-psovhigh1,prg-1sw-cldp1,prg-1sw-rcmdint,prg-1sw-splog,artglyrank1cf,artglyrank2cf,1s-brsageccl0tpb,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-sh-afgl-cm,prg-sh-affs,prg-sh-afpdps,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: 2E78F6567F1C483598BA7EEA5EA5CAB5 Ref B: FRA31EDGE0210 Ref C: 2022-04-02T13:42:57Z
ddd-strategyexecutionlatency: 00:00:00.0000825
server-timing: 12
ddd-servername: 450657F2362D
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 0
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 0
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 158
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,platagyhz3=1s-brsagexfee3,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,sagenl2=1s-brsageapcc0,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid12=prg-wpo-ampwhprr,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,2z88=f-rel-all,anaheimmuidads1=blockdedupc,30jn=prg-wtchsocial-c,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-skic,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-c-c0317,wfeedsmuidshop6=prg-spr-wpop,wfeedsmuidshop7=prg-spr-mo2c1,wfeedsmuidshop8=prg-spr-spddpfm,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo2=prg-psovhigh1,wfeedsmuidwpo5=prg-1sw-cldp1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,artglyrank5=1s-brsageccl0tpb,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3nvk=prg-sh-afgl-cm,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: f2ef1d0d-608f-438b-b7a0-82eea8bec89d
ddd-storeexecutionlatency: 00:00:00.0000585
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3e76f

GET
H2 200 / Show response
assets.msn.com/service/community/urls/ 7 KB
5 KB 78ms
78ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/urls/?cmsid=AAVLkH5&market=en-us&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: aed94dbd0b0aa5fd69d0234d68e21b189b5b80d611e40d838ad280ec9539a9ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,1s-brsagexfee3,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,1s-brsageapcc0,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-wpo-ampwhprr,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,f-rel-all,blockdedupc,ads-msxdedupc,prg-wtchsocial-c,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-skic,prg-1sw-newsskip,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,ads-lockerdome,prg-spr-c-c0317,prg-spr-wpop,prg-shp-wpo-ts2,prg-sh-wpo,prg-spr-ewpot,prg-spr-shpwpoon,prg-spr-mo2c1,prg-sh-muct01,prg-spr-spddpfm,prg-spr-sbprnk2,prg-psovhigh1,prg-1sw-cldp1,prg-1sw-rcmdint,prg-1sw-splog,artglyrank1cf,artglyrank2cf,1s-brsageccl0tpb,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-sh-afgl-cm,prg-sh-affs,prg-sh-afpdps,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: AD653A54901940E7850990145F93988C Ref B: PRG01EDGE0715 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0018883
server-timing: 12
ddd-servername: FD0AD047A749
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: public, max-age=60
x-msedge-responseinfo: 2
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 2
x-as-suppresssetcookie: 1
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 1467
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,platagyhz3=1s-brsagexfee3,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,sagenl2=1s-brsageapcc0,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid12=prg-wpo-ampwhprr,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,2z88=f-rel-all,anaheimmuidads1=blockdedupc,30jn=prg-wtchsocial-c,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-skic,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-c-c0317,wfeedsmuidshop6=prg-spr-wpop,wfeedsmuidshop7=prg-spr-mo2c1,wfeedsmuidshop8=prg-spr-spddpfm,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo2=prg-psovhigh1,wfeedsmuidwpo5=prg-1sw-cldp1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,artglyrank5=1s-brsageccl0tpb,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3nvk=prg-sh-afgl-cm,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: e7f9c75c-2b2f-4219-a331-262f1a8ae27a
ddd-storeexecutionlatency: 00:00:00.0018597
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3e778

GET
H2 200 js Show response
jill.fc.yahoo.com/v2/ads/ 6 KB
2 KB 136ms
136ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.14.0&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%22B4PIWQLC5%22%2C%22msft_rid%22%3A%22b0c3dcd388514ec1aa31f0b4d15b1f0c%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%2220890875BA506FB020C1190FBBB76EBB%22%2C%22msft_pagetype%22%3A%22article%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22rectangle1_e8db_11%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221648906978895%7C745067526028587300%22%2C%22msft_refresh%22%3A%220%22%7D%2C%22alias%22%3A%22FINUSEN11%22%2C%22sizes%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%2258364f6f7%22%2C%22referrer%22%3A%22https%3A%2F%2Ft.co%2F%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A2%2C%22metrics%22%3Atrue%7D

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

a4cd674e88165dbf2ee6d51d5499070cca16a29548b874758f5e15895baf5643

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store
strict-transport-security: max-age=15552000
x-robots-tag: noindex, noarchive, nosnippet, nofollow
x-content-type-options: nosniff
x-request-id: 26a445699e89464719ae768ae42b1ed07f2859

GET
H2 404 user Show response
assets.msn.com/service/msn/ 74 B
4 KB 47ms
47ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/msn/user?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=B0C3DCD3-8851-4EC1-AA31-F0B4D15B1F0C&ocid=Peregrine&market=en-us&user=m-20890875BA506FB020C1190FBBB76EBB&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 612536c784a4f93e935879bb68c6508d30b783407214239e3fdad3a046c2f41b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,1s-brsagexfee3,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,1s-brsageapcc0,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-wpo-ampwhprr,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,f-rel-all,blockdedupc,ads-msxdedupc,prg-wtchsocial-c,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-skic,prg-1sw-newsskip,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,ads-lockerdome,prg-spr-c-c0317,prg-spr-wpop,prg-shp-wpo-ts2,prg-sh-wpo,prg-spr-ewpot,prg-spr-shpwpoon,prg-spr-mo2c1,prg-sh-muct01,prg-spr-spddpfm,prg-spr-sbprnk2,prg-psovhigh1,prg-1sw-cldp1,prg-1sw-rcmdint,prg-1sw-splog,artglyrank1cf,artglyrank2cf,1s-brsageccl0tpb,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-sh-afgl-cm,prg-sh-affs,prg-sh-afpdps,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM,4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: E5FB826C1AD846A79E73820F98CDC880 Ref B: FRA31EDGE0615 Ref C: 2022-04-02T13:42:57Z
ddd-strategyexecutionlatency: 00:00:00.0019147,00:00:00.0021136
server-timing: 12
ddd-servername: 6BAA5D15EA99,6BAA5D15EA99
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 2
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 2
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Graph_AipUserAndActionReadStrategy,Graph_BestNewsReadStrategy
ddd-usertype: AnonymousMuid
content-length: 92
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,platagyhz3=1s-brsagexfee3,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,sagenl2=1s-brsageapcc0,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid12=prg-wpo-ampwhprr,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,2z88=f-rel-all,anaheimmuidads1=blockdedupc,30jn=prg-wtchsocial-c,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-skic,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-c-c0317,wfeedsmuidshop6=prg-spr-wpop,wfeedsmuidshop7=prg-spr-mo2c1,wfeedsmuidshop8=prg-spr-spddpfm,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo2=prg-psovhigh1,wfeedsmuidwpo5=prg-1sw-cldp1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,artglyrank5=1s-brsageccl0tpb,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3nvk=prg-sh-afgl-cm,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: 49537683-1328-453b-9f90-2be414dc1aef
ddd-storeexecutionlatency: 00:00:00.0018687,00:00:00.0020842
ddd-datastore: Graph_UserAndActionAipStore,Graph_BestNewsDataStoreGraph
access-control-allow-credentials: true
akamai-request-id: 40b3e787

GET
H2 200 Actions Show response
assets.msn.com/service/Graph/ 79 B
2 KB 49ms
48ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/Graph/Actions?%24filter=actionType+eq+%27Save%27+and+targetId+eq+%27AAVLkH5%27&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=B0C3DCD3-8851-4EC1-AA31-F0B4D15B1F0C&ocid=feeds&market=en-us&user=m-20890875BA506FB020C1190FBBB76EBB&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/content-sharing-toolbar.56a7b72445201bb5e003.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04f1e1c9f69347bbe7ba328d9ec45ab0f4f67a22e0e33258ca488a479d117c36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: vebudumu04302020,btrecenus,iframeflex,prg-adspeek,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-hprewflyout-t,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,ads-lockerdome,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-hdukr,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: CAA6C3CD80B04BE084A13206EF3C3B2F Ref B: FRA31EDGE0219 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0019795
server-timing: 13
ddd-servername: 5B836ACC0858
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 2
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 2
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Graph_BestNewsReadStrategy
ddd-usertype: AnonymousMuid
content-length: 97
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: 1ilc=vebudumu04302020,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuidheader2=prg-hprewflyout-t,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k7y=ads-lockerdome,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mi0=prg-1sw-hdukr,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: 35770832-4050-40c4-bf91-7c708e8d85b4
ddd-storeexecutionlatency: 00:00:00.0019580
ddd-datastore: Graph_BestNewsDataStoreGraph
access-control-allow-credentials: true
akamai-request-id: 40b3e79c

GET
H2 200 roboto-v20-latin-500.woff2
assets.msn.com/statics/fonts/ 16 KB
16 KB 18ms
17ms Font
font/woff2 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/statics/fonts/roboto-v20-latin-500.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing: 13
content-length: 15895
last-modified: Thu, 01 Oct 2020 00:44:04 GMT
server: AkamaiNetStorage
etag: "020c97dc8e0463259c2f9df929bb0c69:1601513044.306165"
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: font/woff2
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=31536000
akamai-server-ip: 23.36.161.81
accept-ranges: bytes
timing-allow-origin: *
akamai-request-id: 40b3e7a5
access-control-allow-credentials: true

GET
H2 200 meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 155 KB
28 KB 9ms
9ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=msnews&market=en-us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2022 20:37:20 GMT
x-azure-ref-originshield: 0N61HYgAAAABUr9WVWjiZQ4a/AAdzosLrQU1TMDRFREdFMTkwNgBlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag: "1d80e809377acb6"
x-azure-ref: 04lJIYgAAAABr0pB/FaXTTJUGROMiPG76RlJBRURHRTEwMTIAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
date: Sat, 02 Apr 2022 13:42:57 GMT
x-ua-compatible: IE=edge

GET
H2 200 AAVL0LY
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 19 KB
19 KB 14ms
13ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVL0LY?w=624&h=350&q=60&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0799f48dbcb8c23f0b4de3ba07730c6a021efe64db360a0d0c4d6babbb8d9e70

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 15:01:02 GMT
x-datacenter: westus
x-source-length: 109435
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=350232
x-activityid: 582edddf-842b-46ad-9ab2-e129be42bcc7
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVL0LY?w=624&h=350&q=60&m=6&f=jpg&u=t
content-length: 19187
expires: Wed, 06 Apr 2022 15:00:10 GMT

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 4BBE 38 B
211 B 56ms
13ms XHR
application/json 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=undefined&euconsent=undefined&us_privacy=undefined&referrer=https%3A%2F%2Ft.co%2F

Requested by

Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Ft.co%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tag.idsync.analytics.yahoo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: https://tag.idsync.analytics.yahoo.com
cache-control: no-cache
access-control-allow-credentials: true

POST
H/1.1 200
OK uidmap Show response
sync.outbrain.com/ 90 B
729 B 376ms
89ms XHR
application/json 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.outbrain.com/uidmap
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/external/publishers/msn/MSNIdSyncV2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 4f73b1bce34df24e144885f281670feb99af0983d666810d309ac36bf0b1456d

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
Content-Type: application/json
Access-Control-Allow-Origin: https://www.msn.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-TraceId: e2eeef0bcc42c70c98ddf305c120cadb
Content-Length: 115

GET
H/1.1 200
OK /
b1sync.zemanta.com/usersync/msn/ 26 B
127 B 448ms
113ms Image
image/gif 50.31.142.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/msn/?puid=20890875BA506FB020C1190FBBB76EBB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:58 GMT
Content-Length: 26
Content-Type: image/gif

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
426 B 223ms
222ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906978978&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 2226479588931c475132ca831f2ec435e5bd97cc10583ce427633d110e96be2b

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -803
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H2 200 AAyWcN3.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 731 B
1 KB 23ms
22ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAyWcN3.img?w=16&h=16&q=60&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b8cc3e13cd4a719c5d068a0a79c6c8a4aedb7f8d7e022bb2753d20c9f810db3d

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Sat, 02 Apr 2022 04:04:16 GMT
x-datacenter: westus
x-source-length: 1984
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=397278
x-activityid: 475f451c-aff6-4737-a33d-db3559f4a2f9
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAyWcN3?w=16&h=16&q=60&m=6&f=jpg&u=t
content-length: 731
expires: Thu, 07 Apr 2022 04:04:16 GMT

GET
H2 200 th
www.bing.com/ 3 KB
3 KB 95ms
19ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.6a6aeca6a6915390878c0ab994eda719&pid=Wdp&w=80&h=80&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5070b023d7608161235140a46e0e88a7bed3a9220374b36f9110a7d73e037196

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D476890E6C944FAB895F391BCC7AC632 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 3035

GET
H2 200 AACl4vY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 744 B
1 KB 21ms
20ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY.img?w=16&h=16&q=60&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

eb13db5a7b283a02b069ec04f86dc4be3e64ee7dccc8d4d9fb9a5129c9a642d9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Wed, 30 Mar 2022 01:47:16 GMT
x-datacenter: eastus
x-source-length: 4142
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=129881
x-activityid: a559b60b-6f09-4a32-b1b7-b109c76a881f
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AACl4vY?w=16&h=16&q=60&m=6&f=jpg&u=t
content-length: 744
expires: Mon, 04 Apr 2022 01:47:39 GMT

GET
H2 200 th
www.bing.com/ 2 KB
2 KB 94ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.62f16f4d7f6f181bdc11c733e543297c&pid=Wdp&w=80&h=80&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 92226e8ad309fdd66a14c9d0ca5f85cf7c60347e01db04c33eb6f1d6c6b0a5f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 99F4B148B0E64BC6894D174D9554CB59 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 2346

GET
H2 204 served
srtb.msn.com/notify/ 0
151 B 53ms
52ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=eoab&i=1&p=webcompar&l=en-us&d=gemini&b=chrome&a=7df5ac8a-956b-4ef8-bed3-33b98fb5c9bd&ii=1&c=8788172166082307269

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 142CCFBF3D69442AA128F70291DEEAC5 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 served
srtb.msn.com/notify/ 0
120 B 68ms
68ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=eoab&i=2&p=webcompar&l=en-us&d=gemini&b=chrome&a=85e9e233-19dc-4f4d-bd9d-6ebe34cb0be9&ii=1&c=8794996022741161133

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C01ECA4018B4487BB4F6F1FBB639FE78 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 200 1639473959435-2260.jpg
s.yimg.com/lo/api/res/1.2/oDvnAkUJYzHpVYnZyQAuiA--~A/Zmk9ZmlsbDt3PTMwMDtoPTMwMDthcHBpZD1nZW1pbmk7cT0xMDA-/https://s.yimg.com/av/ads/ 73 KB
74 KB 71ms
23ms Image
image/jpeg 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/lo/api/res/1.2/oDvnAkUJYzHpVYnZyQAuiA--~A/Zmk9ZmlsbDt3PTMwMDtoPTMwMDthcHBpZD1nZW1pbmk7cT0xMDA-/https://s.yimg.com/av/ads/1639473959435-2260.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ae85b6854d8135e34db94b3e33099769c273c040963120e0724e6062ad360bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 31 Mar 2022 15:54:35 GMT
x-content-type-options: nosniff
age: 164903
cld_latency: 1
edge-cache-tag: 388448751386887029950277767841362384330,493954629721902160681572778518128216419,ae7a14591aaf8d474cdb3f92111c923e
cld_cache: HIT
cld_hits: 1
x-cache: HIT
strict-transport-security: max-age=15552000
content-length: 75106
x-xss-protection: 1; mode=block
cld_by: cache-iad-kiad7000070-IAD
x-served-by: cache-iad-kiad7000070-IAD
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jan 2022 16:02:45 GMT
server: ATS
x-timer: S1648742075.068214,VS0,VE1
etag: "b70d43e7785ea7bfc0663d51f5cf4969"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
cache-tag: 388448751386887029950277767841362384330,493954629721902160681572778518128216419,ae7a14591aaf8d474cdb3f92111c923e
x-cache-hits: 1

GET
H2 200 th
www.bing.com/ 13 KB
13 KB 67ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?c=12&h=300&id=OPE.Gplt3GPb7VxPXw300C300&pid=21.1&w=300
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5cbd29a55518869a650127924a161c638c05611e713c649e35c07d03d577fac9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9477B8B25324E09A2A421187BFD5CB0 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 12871

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/0.14.0/ Frame 4429 153 KB
39 KB 21ms
21ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/0.14.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 06:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26821
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 40241
x-amz-id-2: nc/1aOGtDgTvfLlEZGmw39ym7xhMUBnvproWfdOuE95ZA8lTrTXzXk9I/xB1z6HkWijafTGQ+FY=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Feb 2022 09:58:30 GMT
server: ATS
etag: "aa505988e9b89104864232dd5ae7e916-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, OPTIONS
x-amz-request-id: 831E9GR73QR285QM
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa Show response
assets.msn.com/service/community/users/ 733 B
4 KB 43ms
43ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/users/vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa?version=1.1&profile=social&verify=false&market=en-us&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3ef12983f639e92c4c9e65d0cb90cc3e448e651f47a6b129034ea3208aa0d087

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,1s-brsagexfee3,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,1s-brsageapcc0,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-wpo-ampwhprr,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,f-rel-all,blockdedupc,ads-msxdedupc,prg-wtchsocial-c,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-skic,prg-1sw-newsskip,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,ads-lockerdome,prg-spr-c-c0317,prg-spr-wpop,prg-shp-wpo-ts2,prg-sh-wpo,prg-spr-ewpot,prg-spr-shpwpoon,prg-spr-mo2c1,prg-sh-muct01,prg-spr-spddpfm,prg-spr-sbprnk2,prg-psovhigh1,prg-1sw-cldp1,prg-1sw-rcmdint,prg-1sw-splog,artglyrank1cf,artglyrank2cf,1s-brsageccl0tpb,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-sh-afgl-cm,prg-sh-affs,prg-sh-afpdps,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: 99150308B8E84C0091419B569F832E1E Ref B: FRA31EDGE0217 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0016049
server-timing: 15
ddd-servername: D141D6E5EBED
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 1
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 1
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 479
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,platagyhz3=1s-brsagexfee3,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,sagenl2=1s-brsageapcc0,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid12=prg-wpo-ampwhprr,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,2z88=f-rel-all,anaheimmuidads1=blockdedupc,30jn=prg-wtchsocial-c,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-skic,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-c-c0317,wfeedsmuidshop6=prg-spr-wpop,wfeedsmuidshop7=prg-spr-mo2c1,wfeedsmuidshop8=prg-spr-spddpfm,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo2=prg-psovhigh1,wfeedsmuidwpo5=prg-1sw-cldp1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,artglyrank5=1s-brsageccl0tpb,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3nvk=prg-sh-afgl-cm,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: ee959c8b-7cbb-46bf-bb68-ad1a04dd4529
ddd-storeexecutionlatency: 00:00:00.0015752
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3ea96

GET
H2 404 / Show response
assets.msn.com/service/community/follows/ 79 B
3 KB 46ms
46ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/follows/?targetId=vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa&queryType=follow&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1f8e7a68ed674e016dc8bf0403059cb20494578cb7f9ee1a5f5bdb940c3f1846

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: 172D2B4DB54442F5AECD243EC71A6FED Ref B: FRA31EDGE0209 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0043861
server-timing: 15
ddd-servername: BF9F61F9C93E
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 4
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 4
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 94
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: de3c1732-48fd-4778-b196-f3dd3a5e55d5
ddd-storeexecutionlatency: 00:00:00.0043556
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3ea9a

GET
H2 200 icon-assets-SaveV4.959e5d41d82c739817a8.js Show response
assets.msn.com/bundles/v1/views/latest/ 1 KB
1 KB 13ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/icon-assets-SaveV4.959e5d41d82c739817a8.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 45b144a3488cd41b351d5bd7966ae78651bbcfe168a1eb6856ecfe86664000d9

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: k0hvQ8+/uW0EjmQgY51Y6g==
server-timing: 12
content-length: 725
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B8BF9BA84
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ebd5d6c5-e01e-0076-5324-430594000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3eaec

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
427 B 224ms
223ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906979118&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: f20924f569ec18c3a49311d73bf41cc907c4a56ffd96cc61987ac158ac8e7c75

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -802
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H2 200 jot
www.civicscience.com/ 0
0 304ms
100ms Fetch
text/plain 18.214.246.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=2580642776.2628759805&n=0&s=poll&t=created&d=%7B%22target%22%3A%22dc47b0af-1755-c124-4d1b-758f0eee9014%22%2C%22instance%22%3A%22civsci-id-76398579-AAVLkH5%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A4%2C%22cy%22%3A1364%7D
Requested by: Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.246.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-246-74.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 bootstrap Show response
www.civicscience.com/widget/api/2/ 306 B
412 B 126ms
120ms Script
text/javascript 34.233.224.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/bootstrap?target=dc47b0af-1755-c124-4d1b-758f0eee9014&instance=civsci-id-76398579-AAVLkH5&context=%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&mv=5&_=1648906979122&callback=jsonp_1648906979122_1068
Requested by: Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.224.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-224-198.compute-1.amazonaws.com
Software: Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: 577d49bac687fa3af020ab793c90e7e5a6984b629217399b6aa22215194e5c73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26a621a1e1f8298b87bbbf5946f4517a104ca51267d098cc8e29fa02e3361872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0

Request headers

Referer
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 387 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2

Request headers

Referer
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 reactions Show response
assets.msn.com/service/community/urls/AAVLkH5_en-us/ 1 KB
4 KB 45ms
44ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/urls/AAVLkH5_en-us/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a22f24d0aa8f8dba9c63b901d939a05456fe33d52b0bd887518e0dc37685015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: 4F9BABB45EC440EE858BBA47BA7AA3BE Ref B: FRA31EDGE0217 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0037780
server-timing: 15
ddd-servername: 8C457B7D7B9B
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 3
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 3
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 636
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: df624f3e-f819-4cb0-b199-6c11f360e06c
ddd-storeexecutionlatency: 00:00:00.0037447
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3eb6c

GET
H2 200 / Show response
assets.msn.com/service/community/comments/ 14 KB
6 KB 52ms
52ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/comments/?contentId=AAVLkH5_en-us&$top=6&$skip=0&$orderby=Rating&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 207e70fe00cc725c64c13b3ab0255e227e196dbd38846731d9bf36df5a2789b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: 00DB5DA75FD54BC5B210A8A8EA678A96 Ref B: FRA31EDGE0221 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0066250
server-timing: 15
ddd-servername: CAA0D7AB1002
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 6
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 6
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 3267
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: d1eb6e5e-540d-432a-82e1-1aad3b71864c
ddd-storeexecutionlatency: 00:00:00.0065963
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3eb72

GET
H2 200 AANokZv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 15ms
14ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANokZv.img?w=56&h=56&q=60&m=6&f=jpg&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.c0ea297392ac6ed4e12f.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e17363169bcf25587a6451a2fc5cbabe8acc31f40269636708b0ed2e59156eb9

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Sat, 02 Apr 2022 12:40:34 GMT
x-datacenter: eastus
x-source-length: 113092
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=428351
x-activityid: 5d40ebca-30a7-4fb3-b7ea-fc27a4c77226
content-location: https://img.s-msn.com/tenant/amp/entityid/AANokZv?w=56&h=56&q=60&m=6&f=jpg&u=t
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 1743
expires: Thu, 07 Apr 2022 12:42:09 GMT

GET
H2 200 AAVMSp8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 2 KB
2 KB 15ms
15ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVMSp8.img?w=56&h=56&q=60&m=6&f=jpg&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.c0ea297392ac6ed4e12f.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6e12f10584a36229a2dead8dba4d96a02554fb575a2c371f79af307bd7889a0c

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Sat, 02 Apr 2022 12:40:34 GMT
x-datacenter: westus
x-source-length: 558039
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=428205
x-activityid: 0405eb7f-c58a-4c46-b287-dd0e6db42007
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVMSp8?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length: 1590
expires: Thu, 07 Apr 2022 12:39:43 GMT

GET
H2 200 AAVMvTu.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
2 KB 16ms
16ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVMvTu.img?w=56&h=56&q=60&m=6&f=jpg&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.c0ea297392ac6ed4e12f.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3258c8de2537d9554a16976aa366b9cc9dfde1ba464ce9a9a500c20b0ad4301

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Sat, 02 Apr 2022 11:04:33 GMT
x-datacenter: westus
x-source-length: 464263
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=422525
x-activityid: 392c099f-0c2e-4858-8181-e4257af946b6
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVMvTu?w=56&h=56&q=60&m=6&f=jpg&u=t
content-length: 1284
expires: Thu, 07 Apr 2022 11:05:03 GMT

GET
H2 200 BBsDH6t.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 1 KB
2 KB 15ms
15ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBsDH6t.img?w=56&h=56&q=60&m=2&f=jpg

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.c0ea297392ac6ed4e12f.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Wed, 30 Mar 2022 03:54:48 GMT
x-datacenter: eastap
x-source-length: 16004
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=137555
x-activityid: 74cd27b7-9950-4fc3-ba14-b7002a1e2687
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBsDH6t?w=56&h=56&q=60&m=2&f=jpg
content-length: 1264
expires: Mon, 04 Apr 2022 03:55:33 GMT

GET
H2 200 reactions Show response
assets.msn.com/service/community/urls/AAVLkH5_en-us/ 1 KB
4 KB 45ms
44ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/urls/AAVLkH5_en-us/reactions?friends=true&$top=2&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 244491ccbf502178b3ce05f2e74c41aca36168fd3c744a294756b530d36f9c3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: 5F0D4AD1D4C74A978EF942A88DB69DBB Ref B: FRA31EDGE0216 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0029301
server-timing: 15
ddd-servername: 6FFB84D94626
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 3
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 3
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 637
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: 8be7fb38-9502-4654-b7e6-7ffb64a1307f
ddd-storeexecutionlatency: 00:00:00.0028997
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3ebf4

GET
H2 200 jac.js Show response
jac.yahoosandbox.com/0.14.0/ Frame B14E 153 KB
39 KB 21ms
21ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://jac.yahoosandbox.com/0.14.0/jac.js

Requested by

Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.14.0/jac.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 06:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26821
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 40241
x-amz-id-2: nc/1aOGtDgTvfLlEZGmw39ym7xhMUBnvproWfdOuE95ZA8lTrTXzXk9I/xB1z6HkWijafTGQ+FY=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Feb 2022 09:58:30 GMT
server: ATS
etag: "aa505988e9b89104864232dd5ae7e916-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, OPTIONS
x-amz-request-id: 831E9GR73QR285QM
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,s-maxage=31536000
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 meCore.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/ 100 KB
16 KB 11ms
11ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=msnews&market=en-us

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 20 Jan 2022 20:37:26 GMT
x-azure-ref-originshield: 00ppHYgAAAAAPYAbzl/CVTYrREX2sFbPFQU1TMDRFREdFMTkyMABlYWM1ZjQ5Zi1lMDJkLTRmNDEtYjBhNi0yZDUwZjlmY2Y4NGE=
etag: "1d80e809708c940"
x-azure-ref: 04lJIYgAAAACFi92kOL6XSIKTO94wKnbNRlJBRURHRTEwMTIAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
x-ua-compatible: IE=edge

GET
H2 200 adServe.do Show response
web.ssp.yahoo.com/admax/ Frame 4429 3 KB
3 KB 318ms
273ms Script
application/x-javascript 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FINUSEN12&tp=msft_muid%3D20890875BA506FB020C1190FBBB76EBB!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Db0c3dcd388514ec1aa31f0b4d15b1f0c!msft_year%3D!msft_asid%3D1648906978420|632860827935129300!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5&gdpr=0&euconsent=&of=js
Requested by: Host: t.co
URL: https://t.co/LinRwhsIeh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 593b01fc7d9ca8d073ed396b7315dac8005413bd547b3a7bbdb33f3634986b5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
server: ATS/9.1.0.33
age: 0
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 3106
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C3780003%7C0%7C225%7CAdId=11043949;BnId=3;ct=313494803;st=5504;adcid=1;itime=906977224;reqtype=5;guid=ejtfun1h4gkn1&b=3&s=1h;;impref=16489069772173028451;imprefseq=219016132...
26.at.atwola.com/ Frame 4429 1 B
307 B 163ms
113ms Image
application/x-javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3780003%7C0%7C225%7CAdId=11043949;BnId=3;ct=313494803;st=5504;adcid=1;itime=906977224;reqtype=5;guid=ejtfun1h4gkn1&b=3&s=1h;;impref=16489069772173028451;imprefseq=219016132286237934;imprefts=1648906977;adclntid=1002;pvid=58364f6f7;kvgrp=58364f6f7;kvmsft_asid=1648906978420%7C632860827935129300;kvpg=www.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-aavlkh5;kvmn=finusen12;kvmsft_refresh=0;kvmsft_jac=1;kvmsft_providerid=b4piwqlc5;kvsecure=true;kvmsft_pagetype=article;kvmsft_rid=b0c3dcd388514ec1aa31f0b4d15b1f0c;kvmsft_muid=20890875BA506FB020C1190FBBB76EBB;kvmsft_ext_inv_cd=us;gdpr=0;

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/x-javascript
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache
content-length: 1
x-content-type-options: nosniff
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 143ms
28ms Image
image/gif 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-04-02T13%3A42%3A58.951Z%27&appId=%27JS%3AMeControl%27&cV=%27hVLXc30WTEs9S90T.4%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=134&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27eddecefc-d813-4f49-1a32-e8250132f1b4%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A889.1000001430511%2C%22perfDuration%22%3A134.20000004768372%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnews%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.21162.3%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnews%22%2C%22gfx%22%3A%22https%3A%2F%2Fmem.gfx.ms%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Facctcdn.msauth.net%2Foneds_Xr2D7Nex80v7A-8bxF8jgQ2.js%3Fv%3D1%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graph%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22env%22%3Anull%2C%22role%22%3A%22AccountControls%22%2C%22roleInst%22%3Anull%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3D**%26cvid%3D**%22%2C%22accts%22%3A%220-0%22%7D%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:57 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: sTjt1K9I5UycK/81R02QVA.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 144ms
29ms Image
image/gif 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-04-02T13%3A42%3A59.200Z%27&appId=%27JS%3AMeControl%27&cV=%27hVLXc30WTEs9S90T.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=11&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.21162.3%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27eddecefc-d813-4f49-1a32-e8250132f1b4%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A244.29999995231628%2C%22perfDuration%22%3A10.599999904632568%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnews%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.21162.3%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnews%22%2C%22gfx%22%3A%22https%3A%2F%2Fmem.gfx.ms%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Facctcdn.msauth.net%2Foneds_Xr2D7Nex80v7A-8bxF8jgQ2.js%3Fv%3D1%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graph%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22env%22%3Anull%2C%22role%22%3A%22AccountControls%22%2C%22roleInst%22%3Anull%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3D**%26cvid%3D**%22%2C%22accts%22%3A%220-0%22%7D%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:57 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: KnM7RY7xiUCUjjnU/FURTQ.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 143ms
29ms Image
image/gif 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-04-02T13%3A42%3A59.208Z%27&appId=%27JS%3AMeControl%27&cV=%27hVLXc30WTEs9S90T.8%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnews%27&*controlVersion=%2710.21162.3%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=255.19999980926514&*details=%27load%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:57 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: sSluTGwOykyam3rXGZzVcg.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 social-bar-wc.1f68987a5b09304185b3.js Show response
assets.msn.com/bundles/v1/views/latest/ 131 KB
37 KB 14ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-bar-wc.1f68987a5b09304185b3.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c531032b81f1a3d2555e96f9b2d2b526558c54d139cd860dc45a98dcd7d9d4ef

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 4ZnsQGaIisc3mZ+78HoUuA==
server-timing: 12
content-length: 37237
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:29 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B98CC4C7B
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 9bae8126-701e-00e3-6924-4365e9000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3ed37

GET
H2 200 BBI4MeJ Show response
assets.msn.com/content/v1/cms/api/amp/Document/ 14 KB
5 KB 14ms
13ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.msn.com/content/v1/cms/api/amp/Document/BBI4MeJ

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/modern-right-rail.9db6232b38b633186d91.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-163-109.deploy.static.akamaitechnologies.com

Software

Resource Hash

138f05026efb86a1336204e2af8edcb6402b0f41d62532d0e9f0dda672bf78b5

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-state: Published
appex-activity-id: 6b95149e-1358-4a85-99ad-eb33ab437338
content-encoding: gzip
etag: W/"15088"
access-control-allow-origin: https://www.msn.com
x-cms-tenant: amp
x-cms-servicelocation: eastus:5
x-cms-type: list
x-cms-documentid: BBI4MeJ
server-timing: 12
ms-cv: bWGVeJOrFEG9sK36CgUi7Q.0
content-length: 4373
x-trace-context: {"ActivityId":"6b95149e-1358-4a85-99ad-eb33ab437338"}
x-cms-version: 3244
last-modified: Sat, 02 Apr 2022 13:31:01 GMT
x-frame-options: deny
date: Sat, 02 Apr 2022 13:42:58 GMT
vary: Origin
content-type: application/json; charset=utf-8
x-cms-executiontimeinmilliseconds: 5
access-control-expose-headers: X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
cache-control: max-age=900
akamai-server-ip: 23.36.161.81
akamai-request-id: 40b3ed60
x-cms-documentstoragetier: Cache
expires: Sat, 02 Apr 2022 13:57:58 GMT

POST
H2 200 auction Show response
srtb.msn.com/ 89 KB
10 KB 411ms
410ms XHR
application/json 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://srtb.msn.com/auction

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e36d500a8ea83c2e2d68d26b3bdb2592f9273ee52d59a2918252b00215b235a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

X-MSEdge-ClientID: 20890875BA506FB020C1190FBBB76EBB
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
x-ms-flightId: msnallexpusers,muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
Content-Type: application/json
Cache-Control: no-cache
Referer: https://www.msn.com/
X-MSEdge-Market: en-us

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B039CD6F366460AB6A429FBD60E8BE2 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
vary: Origin,Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-allow-credentials: true
server-timing: total;dur=356
timing-allow-origin: https://www.msn.com

OPTIONS
H2 200 auction
srtb.msn.com/ Frame 0
0 52ms
52ms Preflight 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
Access-Control-Request-Method: POST
Origin: https://www.msn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: cache-control,content-type,x-ms-flightid,x-msedge-clientid,x-msedge-market
access-control-allow-origin: https://www.msn.com
access-control-max-age: 86400
content-length: 0
date: Sat, 02 Apr 2022 13:42:57 GMT
vary: Origin
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8034E063F3C7411886C1ECE3E772EED3 Ref B: VIEEDGE3016 Ref C: 2022-04-02T13:42:58Z

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
426 B 223ms
223ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906979273&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: a71f035deaac5569bf29f78ed9e30d0f9f37aecce24f5290fb00f07d02092679

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:57 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -801
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 115ms
29ms Image
image/gif 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-04-02T13%3A42%3A59.254Z%27&appId=%27JS%3AMeControl%27&cV=%27hVLXc30WTEs9S90T.9%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnews%27&*controlVersion=%2710.21162.3%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=301.2999999523163&*details=%27Web%20header%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:57 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: nXUEoLHZJ0qQv3mC1atImw.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 adServe.do Show response
web.ssp.yahoo.com/admax/ Frame B14E 3 KB
3 KB 256ms
256ms Script
application/x-javascript 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FINUSEN11&tp=msft_muid%3D20890875BA506FB020C1190FBBB76EBB!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Db0c3dcd388514ec1aa31f0b4d15b1f0c!msft_year%3D!msft_asid%3D1648906978895|745067526028587300!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5&gdpr=0&euconsent=&of=js
Requested by: Host: t.co
URL: https://t.co/LinRwhsIeh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: f40ed2fb1a7c171b65c6a8a09f182f299fb0b36ed568be920e1235d527da33c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
server: ATS/9.1.0.33
age: 0
content-type: application/x-javascript;charset=utf-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length: 3113
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adcount%7C2.0%7C5113.1%7C3780001%7C0%7C170%7CAdId=11043949;BnId=4;ct=313653884;st=4270;adcid=1;itime=906978235;reqtype=5;guid=ejtfun1h4gkn1&b=3&s=1h;;impref=16489069782198188782;imprefseq=232245469...
26.at.atwola.com/ Frame B14E 1 B
33 B 111ms
111ms Image
application/x-javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3780001%7C0%7C170%7CAdId=11043949;BnId=4;ct=313653884;st=4270;adcid=1;itime=906978235;reqtype=5;guid=ejtfun1h4gkn1&b=3&s=1h;;impref=16489069782198188782;imprefseq=232245469076540662;imprefts=1648906978;adclntid=1002;pvid=58364f6f7;kvgrp=58364f6f7;kvmsft_asid=1648906978895%7C745067526028587300;kvpg=www.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-aavlkh5;kvmn=finusen11;kvmsft_refresh=0;kvmsft_jac=1;kvmsft_providerid=b4piwqlc5;kvsecure=true;kvmsft_pagetype=article;kvmsft_rid=b0c3dcd388514ec1aa31f0b4d15b1f0c;kvmsft_muid=20890875BA506FB020C1190FBBB76EBB;kvmsft_ext_inv_cd=us;gdpr=0;

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/x-javascript
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache
content-length: 1
x-content-type-options: nosniff
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 AAVKnKv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 21 KB
22 KB 28ms
28ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVKnKv.img?w=300&h=225&q=90&m=6&f=jpg&x=300&y=176&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bff453614d54cbe1b3785fa5845014965bdeaae1b76a1a322d47db53652a6b83

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 16:38:28 GMT
x-datacenter: westus
x-source-length: 79382
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=355984
x-activityid: d65a6eb6-7bd1-4355-90b0-53752abe6f4f
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVKnKv?w=300&h=225&q=90&m=6&f=jpg&x=300&y=176&u=t
content-length: 21687
expires: Wed, 06 Apr 2022 16:36:02 GMT

GET
H2 200 BBERG9W
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 828 B
1 KB 19ms
18ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBERG9W?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

628148539d801d34a49a7f7997e17b633b96fe68f2f095dc6293d8fe0f54d9c7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Thu, 31 Mar 2022 13:21:35 GMT
x-datacenter: eastus
x-source-length: 1622
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=257916
x-activityid: 57576a13-e7b4-4821-9d3a-2148a35d14d5
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBERG9W?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 828
expires: Tue, 05 Apr 2022 13:21:34 GMT

GET
H2 200 AAVLiAb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 39 KB
39 KB 40ms
39ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVLiAb.img?w=300&h=225&q=90&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

da59c103715348800c5954e765cc997eef7d30b52214147cfce5a954aa85161a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 17:32:26 GMT
x-datacenter: westus
x-source-length: 392284
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=359372
x-activityid: 3c5a73d2-346e-49e3-85a9-75922642f3bd
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVLiAb?w=300&h=225&q=90&m=6&f=jpg&u=t
content-length: 39925
expires: Wed, 06 Apr 2022 17:32:30 GMT

GET
H2 200 AAU2Dsv
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 447 B
777 B 43ms
42ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAU2Dsv?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8fb2f738870e714b0d9fc01dcbf3770271ded49cb0e7b0f1410ad44999fa31c8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Thu, 31 Mar 2022 08:05:25 GMT
x-datacenter: eastap
x-source-length: 4760
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=238882
x-activityid: 782871a4-249e-491b-a78b-48cd43e7ae70
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAU2Dsv?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 447
expires: Tue, 05 Apr 2022 08:04:20 GMT

GET
H2 200 AATLpZL.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 20 KB
20 KB 48ms
47ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AATLpZL.img?w=300&h=225&q=90&m=6&f=jpg&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

73c20215164f06634292ae0314a05afd2ae6f8f357a3321fa70334172ac762ed

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 11:01:47 GMT
x-datacenter: eastus
x-source-length: 123940
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=335917
x-activityid: 895e71f2-ab82-4749-adfc-a40fe48b8538
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AATLpZL?w=300&h=225&q=90&m=6&f=jpg&u=t
content-length: 20033
expires: Wed, 06 Apr 2022 11:01:35 GMT

GET
H2 200 BB11f0Qb
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 409 B
811 B 71ms
69ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB11f0Qb?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

441b6f49858ec289fff6c29ab29d179596019169e3a2ea78d384648e0c3baa76

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB11f0Qb
date: Sat, 02 Apr 2022 13:42:58 GMT
x-source-length: 1200
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB11f0Qb?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid: 75d902f8-a1d6-4b10-ad30-9739df2a26d1
last-modified: Thu, 31 Mar 2022 07:11:20 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 409
x-resizerversion: 1.0
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=235680
timing-allow-origin: *
expires: Tue, 05 Apr 2022 07:10:58 GMT

GET
H2 200 th
www.bing.com/ 15 KB
15 KB 22ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.003e9208d908afb635798d452f363988&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8be4fc7c93f250e46d1f811976f75983a4f6ac552dad3a821f4c4fab6ef3663c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 267065E4CF66425FB08885C2E362C0B9 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 15443

GET
H2 200 AAykw7c
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 571 B
904 B 30ms
27ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAykw7c?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d108ffef6e8b8adf05fa7720e109ee115a1651075705c724aca770d2814b392

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 20:13:49 GMT
x-datacenter: westus
x-source-length: 18737
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=369018
x-activityid: b67ddd4f-82e2-46be-b356-5086d329edf4
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAykw7c?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 571
expires: Wed, 06 Apr 2022 20:13:16 GMT

GET
H2 200 th
www.bing.com/ 18 KB
18 KB 21ms
19ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.cd27b9c87c732205cb2b363b92d9cf49&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a204b63326e1b81145f5102bd4e0ef017423efa151aa278dc92ad5508d577849

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F830A3B50D8412F8E63CE63E5116DDA Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 18624

GET
H2 200 BBUvpML
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 899 B
1 KB 50ms
47ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBUvpML?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3659bc4ae6fa9dbba50be28b28d7bd9ea6ef9ed81e9ca1b9102ff7bd5690e85e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBUvpML
date: Sat, 02 Apr 2022 13:42:58 GMT
x-source-length: 941
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBUvpML?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid: 22980f59-4106-4b1c-bd37-f73e5766c351
last-modified: Thu, 31 Mar 2022 03:39:29 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 899
x-resizerversion: 1.0
x-datacenter: eastus
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=222987
timing-allow-origin: *
expires: Tue, 05 Apr 2022 03:39:25 GMT

GET
H2 200 th
www.bing.com/ 16 KB
16 KB 37ms
34ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.54e943a5a32bfc12dde7a7ff6942d0e7&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f67b40073ad493421bbdbc9af6dd9589b3797afd0e28e63dc7c5082e7298d8fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AE73626738384B109291456FCBD53103 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16543

GET
H2 200 AAVBb3C
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 327 B
657 B 45ms
41ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVBb3C?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5d94b8b98eb1e31150afcc8ca3438f67fefa77271ebd8ddfeabea26adb4f38d1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Wed, 30 Mar 2022 05:11:47 GMT
x-datacenter: eastap
x-source-length: 1369
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=142101
x-activityid: 236aa0c9-6596-4ccc-abf8-85f0ed5c2dd7
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVBb3C?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 327
expires: Mon, 04 Apr 2022 05:11:19 GMT

GET
H2 200 th
www.bing.com/ 28 KB
28 KB 38ms
34ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.f1ada14be404964a9f39eab9d04cc5a2&pid=Wdp&w=468&h=304&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed225e4be6f55848d0d089d9f3cef1eb17ff940aea865db1c6a02d8b514ad13a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1B8D472FE49485ABC39FEE6B9A8F40B Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 28336

GET
H2 200 BBAJ56P
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 825 B
1 KB 101ms
98ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

eb1a6b8c2beb495046dae0e5722e319786ab78d9a5d75b00dfa1050cbea829b8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Wed, 30 Mar 2022 09:10:02 GMT
x-datacenter: eastus
x-source-length: 18777
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=156424
x-activityid: 19f0b71a-21d2-4fdb-9b7c-2a8c5c1302a3
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBAJ56P?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 825
expires: Mon, 04 Apr 2022 09:10:02 GMT

GET
H2 200 th
www.bing.com/ 14 KB
14 KB 39ms
35ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.0e5c05d7d64c9fe1dbbb194fdb8620b5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6bc954c55ae410250c9e13e7139ce04a257270da79f438bcc8cd396b96fa00cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BCFBBA9AC6064650A569BD61FF608224 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 14424

GET
H2 200 BBphlIt
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 697 B
1 KB 33ms
30ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBphlIt?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d947ee8e02802f10c1a27907a528aef68102256f25611e1b30b51e6c4dfac33

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Tue, 29 Mar 2022 20:24:01 GMT
x-datacenter: northeu
x-source-length: 19025
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=110499
x-activityid: 356bbccd-c7bd-46bd-826b-5e14ae5a9c2e
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBphlIt?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 697
expires: Sun, 03 Apr 2022 20:24:37 GMT

GET
H2 200 th
www.bing.com/ 16 KB
17 KB 53ms
50ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.d25910198d927ce7f9c6779ccc745f81&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7b1f017f036293d55ef38b4a220eb2e0b7fc0a0a17be0a7e99113761d3fe9c98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FC3DA051E3C849B0BFA345315B8F6FF0 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16882

GET
H2 200 AAxspu1
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 469 B
801 B 35ms
32ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxspu1?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5d43b6a723d79ac626c72f04380ed9df8140b08bbd4184cf50299c051d2f93a4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Wed, 30 Mar 2022 21:41:34 GMT
x-datacenter: westus
x-source-length: 19025
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=201478
x-activityid: 907f5b09-eaa3-4a09-94d1-aa44b75008ba
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAxspu1?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 469
expires: Mon, 04 Apr 2022 21:40:56 GMT

GET
H2 200 th
www.bing.com/ 17 KB
17 KB 53ms
51ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.cc3b2ccbc913ebbc9bc8042c0357c3ce&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 07eaa9c3f5266f72943d54e147305272b415df938e585e25e832235193c3121c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 19437490C606489DA52619A8286DA102 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 17711

GET
H2 200 AALER5n
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 602 B
932 B 38ms
36ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Wed, 30 Mar 2022 13:38:14 GMT
x-datacenter: westus
x-source-length: 3337
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=172509
x-activityid: 60d483f7-0361-4134-9781-4c8073f15ece
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 602
expires: Mon, 04 Apr 2022 13:38:07 GMT

GET
H2 200 th
www.bing.com/ 16 KB
16 KB 54ms
51ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.767b2d6b5e6b50a5c91249f0ea36bfd3&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 147088448b9c3197cb0447f96f7a1297b157e0be9daf3831e1356cfd8a0f31a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CE3097BC46A241FE8C206899A9E6A176 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16524

GET
H2 200 AA4QDcg
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 406 B
806 B 40ms
38ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA4QDcg?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d5f645227c51a6e4d711befe18f139271389054428914a4206bd5590bff60a42

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AA4QDcg
date: Sat, 02 Apr 2022 13:42:58 GMT
x-source-length: 260
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA4QDcg?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid: 47402664-f181-4a93-9bb4-62dc872b6f48
last-modified: Tue, 29 Mar 2022 22:35:04 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 406
x-resizerversion: 1.0
x-datacenter: westus
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=118272
timing-allow-origin: *
expires: Sun, 03 Apr 2022 22:34:10 GMT

GET
H2 200 th
www.bing.com/ 24 KB
24 KB 53ms
51ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.15f757e94398b7846b723abe057b22ac&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a4a515c111dd870edbb81a16997a84970ed442418c3bb9862aef58f64dcf5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5536156EEFCD454D8DD7D30B07F4C9BD Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 24562

GET
H2 200 AADeC24
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 759 B
1 KB 42ms
40ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AADeC24?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c81ecf2ba711de85ddc66ab010a2e1cb0374ecca2daa69257bb637ff0fadca21

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Thu, 31 Mar 2022 01:48:02 GMT
x-datacenter: westus
x-source-length: 4101
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216302
x-activityid: 55dcb060-4a53-4be7-9494-9873cbe769e4
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AADeC24?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 759
expires: Tue, 05 Apr 2022 01:48:00 GMT

GET
H2 200 th
www.bing.com/ 20 KB
20 KB 54ms
52ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.e627e1bbfa54c40817e548d74ddaf875&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a6da60b373fcaf6cd61842f49955c20e24ace2e65e8b6c7a5339bb72951b6ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 31C5A6DAEF724297926B15E395539A5D Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 20754

GET
H2 200 AAV6eAn
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 329 B
659 B 43ms
42ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAV6eAn?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1dac8195bf71015f538e51575a3ce3675890c16dce42f3a83a6637092d7bafb0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Wed, 30 Mar 2022 00:18:32 GMT
x-datacenter: westus
x-source-length: 310
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=124587
x-activityid: 81805731-5768-4c19-a91f-fff617331f3f
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAV6eAn?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 329
expires: Mon, 04 Apr 2022 00:19:25 GMT

GET
H2 200 th
www.bing.com/ 16 KB
16 KB 55ms
54ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.30c1930b3f7ae45a74c06647916101e5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9decaed7b6fc585db3154f96a62b530cdf2fc975f5bbbe2dbbd0f2929e72a121

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6975D7459307425085CAB4FAB7186205 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16524

GET
H2 200 AAywOab
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 640 B
971 B 72ms
70ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Thu, 31 Mar 2022 22:33:55 GMT
x-datacenter: eastap
x-source-length: 18737
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=291054
x-activityid: 3ad902d8-3fa8-4c84-b252-162ece0b8fa2
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 640
expires: Tue, 05 Apr 2022 22:33:52 GMT

GET
H2 200 reactions Show response
assets.msn.com/service/community/comments/235435e1-913a-4009-896d-0715bd4306de/ 847 B
4 KB 45ms
44ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/comments/235435e1-913a-4009-896d-0715bd4306de/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 73df147cea3436152d5dbbed0e48f6255e90bc895c6d01a1795d978c0460691d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: F4B32B3467BE41ADA0EDE12CAB4BC125 Ref B: FRA31EDGE0219 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0033518
server-timing: 19
ddd-servername: D418EC05BC70
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 3
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 3
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 510
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: fbbdfcb4-92f2-4ed3-8900-46f2e675ed1a
ddd-storeexecutionlatency: 00:00:00.0033209
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3f1b5

GET
H2 200 reactions Show response
assets.msn.com/service/community/comments/87e30727-5966-4eb5-b06c-fc62f97d191f/ 769 B
4 KB 49ms
49ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/comments/87e30727-5966-4eb5-b06c-fc62f97d191f/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 42af4292bb09633817c85b33be1c3237d36c620e2e003ebd9d69196ad00eac0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: 85D9207966944E7D9AE9CC12781A38E9 Ref B: FRA31EDGE0210 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0032449
server-timing: 19
ddd-servername: AD5FAF50ECC4
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 3
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 3
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 477
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: ccf74526-3a7c-417e-b410-4e5e3ab51fdf
ddd-storeexecutionlatency: 00:00:00.0032143
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3f1ca

GET
H2 200 reactions Show response
assets.msn.com/service/community/comments/65f452fb-ac09-45ce-8ddc-226f0a93a318/ 784 B
4 KB 54ms
53ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/comments/65f452fb-ac09-45ce-8ddc-226f0a93a318/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6c4fa375c592b5248cfcc640fb6040d02ee43eb9e1b821419d284a4e3995a8ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: D2241018DC6D4EF4B96569B2B7DD3433 Ref B: FRA31EDGE0206 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0031851
server-timing: 19
ddd-servername: C7E1E6A2C067
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 3
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 3
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 465
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: cb18dcf6-a68a-4627-b09b-1237a5e16a6d
ddd-storeexecutionlatency: 00:00:00.0031553
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3f1ce

GET
H2 200 reactions Show response
assets.msn.com/service/community/comments/7dfbeb85-04c6-4fca-accb-dd8ba14b7e7a/ 537 B
4 KB 50ms
49ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/comments/7dfbeb85-04c6-4fca-accb-dd8ba14b7e7a/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9b8d0503fe1e1635bce8c42f41cd687618f1926a76b03aab41c464f83771755b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: BD16955AFC784F978AE6D30654C25889 Ref B: FRA31EDGE0615 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0035385
server-timing: 19
ddd-servername: ED8824F7CAA9
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 3
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 3
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 367
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: 092a5de4-8e3a-4d53-8bfd-436c66f1cfa7
ddd-storeexecutionlatency: 00:00:00.0035102
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3f1d2

GET
H2 200 reactions Show response
assets.msn.com/service/community/comments/cb5b2771-657d-4aff-87af-9f5bb40589d6/ 564 B
4 KB 53ms
52ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/comments/cb5b2771-657d-4aff-87af-9f5bb40589d6/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a0f97c4b22c1bf75ca37f4bba2d8727e7a594f95f18338ef0bd09c770d76e4b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: B1D94EA7C5A34B828E53116C977E60C9 Ref B: FRA31EDGE0613 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0033926
server-timing: 19
ddd-servername: 7C980C21022E
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 3
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 3
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 390
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: d2528a91-fe2e-4f23-a881-3ae9bdca2923
ddd-storeexecutionlatency: 00:00:00.0033619
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3f1d6

GET
H2 200 reactions Show response
assets.msn.com/service/community/comments/d6a17ef9-21e2-4265-b9ea-7392e51498a5/ 525 B
4 KB 49ms
45ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/comments/d6a17ef9-21e2-4265-b9ea-7392e51498a5/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d5548774d84367ade7dd969ff4bd0c3e788445bd47d48e127ddc6d8130e684d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,prg-rsum-t1,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-1sw-cfbdg,prg-1sw-sphnmsnncf,prg-adspeek,1s-br30min,btrecrow1,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-newsskip,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,prg-psovhigh1,prg-1sw-splog,artglyrank1cf,artglyrank2cf,prg-1sw-nen3di,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:58 PM
x-msedge-ref: Ref A: 35DFA806AAAB4F81A128BCC723538383 Ref B: FRA31EDGE0208 Ref C: 2022-04-02T13:42:58Z
ddd-strategyexecutionlatency: 00:00:00.0033743
server-timing: 19
ddd-servername: C55BF6ED9995
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: private, max-age=0
x-msedge-responseinfo: 3
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 3
x-as-suppresssetcookie: 1
expires: Sat, 02 Apr 2022 13:42:58 GMT
date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 362
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,wfeedsmuid1=prg-rsum-t1,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid13=prg-1sw-cfbdg,wfeedsmuid14=prg-1sw-sphnmsnncf,2ml4=prg-adspeek,2pgg=1s-br30min,2ray=btrecrow1,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3fl0=prg-1sw-newsskip,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,wfeedsmuidwpo2=prg-psovhigh1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,3lzh=prg-1sw-nen3di,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: 39df74a6-ed02-43e3-8cc8-260af15f5d99
ddd-storeexecutionlatency: 00:00:00.0033437
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3f1de

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 8304 17 KB
6 KB 35ms
7ms Document
text/html 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/external/publishers/msn/MSNIdSyncV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4ba5146eb33e639576b0befa39a523230a21b504b6a68f57bb1a32ea9b514c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 5861
content-type: text/html
date: Sat, 02 Apr 2022 13:42:58 GMT
etag: "2f2b7a716f5b20c4b13adcdfd51e461b:1646323178.713502"
expires: Sat, 09 Apr 2022 13:42:58 GMT
last-modified: Thu, 03 Mar 2022 15:52:32 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 jot
www.civicscience.com/ 0
0 108ms
98ms Fetch
text/plain 18.214.246.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/jot?j=2580642776.2628759805&n=1&s=poll&t=metatarget&d=%7B%22target%22%3A3832%2C%22instance%22%3A%22civsci-id-76398579-AAVLkH5%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A4%2C%22cy%22%3A1364%2C%22otarget%22%3A3223%7D
Requested by: Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.246.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-246-74.compute-1.amazonaws.com
Software: Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 30 Aug 2019 14:44:32 GMT
server: Apache/2.4.39 (Amazon)
accept-ranges: bytes
etag: "0-59156a8fe3400"
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 30ms
28ms Ping
application/json 40.77.226.250
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.21162.3/en-US/meCore.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 reaction-breakdown-dialog.7e729e1a28d843fa4f82.js Show response
assets.msn.com/bundles/v1/views/latest/ 46 KB
17 KB 17ms
17ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/reaction-breakdown-dialog.7e729e1a28d843fa4f82.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 4c18345ab7ae64bfeceec84c8265bd7248046765934615f57f46f93686f755a5

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: B/uN2mwrxKS2TrivabCZ4w==
server-timing: 18
content-length: 16794
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 04:21:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA113B88CD8308
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ebd5d8cf-e01e-0076-0b24-430594000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3f3e6

GET
DATA 200
OK truncated
/ 239 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9

Request headers

Referer
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 loader.js Show response
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 4429 2 KB
2 KB 31ms
30ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FINUSEN12&tp=msft_muid%3D20890875BA506FB020C1190FBBB76EBB!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Db0c3dcd388514ec1aa31f0b4d15b1f0c!msft_year%3D!msft_asid%3D1648906978420|632860827935129300!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5&gdpr=0&euconsent=&of=js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: aBLVLynt4VtpFbIXfhXgTw==
server-timing: 12
content-length: 980
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 16:00:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA119D4B0D7466
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e6d1308c-101e-0031-38aa-436e4f000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
akamai-request-id: 40b3f5c6

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame 4429 19 B
61 B 14ms
13ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=55940,58294,55953,58292,58160,55829,55859,57926,55939,56554,58267,55938&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FINUSEN12&tp=msft_muid%3D20890875BA506FB020C1190FBBB76EBB!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Db0c3dcd388514ec1aa31f0b4d15b1f0c!msft_year%3D!msft_asid%3D1648906978420|632860827935129300!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5&gdpr=0&euconsent=&of=js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
cache-control: no-cache
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript

GET
H2 200 adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame 4429 43 B
175 B 41ms
8ms Image
image/gif 18.192.248.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a9691540170705f2c9b79e3d4f900df&posi=986877&grp=%3F%3F%3F&nl=1648906978624&rts=1648906978362&pix=1&et=1&a=37200eb0f565482d92ea5f5dc4e9f61b&m=aXAtMTAtMjItMTAxLTM4&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7Ozs4ZGZjMjhiNTg3ZjE0NTBhYjI5YmQxYzdkMzU5MWE1MzszMTU1OTk1NDsxNjQ4OTAyNjUwOzswOzswOztwYXNzYmFjay05NDQ3Ozsx&uid=y-EvIgJzdE2up.x1neTD2.r0jKhsyM%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=7&dety=5
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FINUSEN12&tp=msft_muid%3D20890875BA506FB020C1190FBBB76EBB!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Db0c3dcd388514ec1aa31f0b4d15b1f0c!msft_year%3D!msft_asid%3D1648906978420|632860827935129300!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5&gdpr=0&euconsent=&of=js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.248.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-248-81.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Mon, 28 Mar 2022 21:13:56 GMT
server: nginx/1.20.1
accept-ranges: bytes
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.39.js Show response
cdn.js7k.com/ix/ Frame 4429 69 KB
16 KB 30ms
24ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.39.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

901a381a532d64712970ae6d21bf80742c1a8088e7bd9f6eb551ebf8d812a390

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3322
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 16530
x-amz-id-2: 9yAJvMgN5JmlD/PorWa9Q3n4eUa5LMsjHTZIMbj5MvcimzKkq5XHAiWayEvSd8JQ/jfb9QvWVuk=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Jan 2022 22:21:14 GMT
server: ATS
etag: "a3d122d2b21ea5999c557bdb1d26ca54-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: Z8AEAAC91KGK2MBV
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 loader.js Show response
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B14E 2 KB
2 KB 33ms
31ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FINUSEN11&tp=msft_muid%3D20890875BA506FB020C1190FBBB76EBB!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Db0c3dcd388514ec1aa31f0b4d15b1f0c!msft_year%3D!msft_asid%3D1648906978895|745067526028587300!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5&gdpr=0&euconsent=&of=js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: aBLVLynt4VtpFbIXfhXgTw==
server-timing: 12
content-length: 980
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 16:00:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA119D4B0D7466
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e6d1308c-101e-0031-38aa-436e4f000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
akamai-request-id: 40b3f5fc

GET
H2 200 pixels Show response
service.idsync.analytics.yahoo.com/sp/v0/ Frame B14E 19 B
44 B 13ms
12ms Script
application/javascript 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58294,55953,55936,58292,58160,55859,57926,55965,55939,58267,55829,55853&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=

Requested by

Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FINUSEN11&tp=msft_muid%3D20890875BA506FB020C1190FBBB76EBB!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Db0c3dcd388514ec1aa31f0b4d15b1f0c!msft_year%3D!msft_asid%3D1648906978895|745067526028587300!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5&gdpr=0&euconsent=&of=js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
cache-control: no-cache
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript

GET
H2 200 adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame B14E 43 B
176 B 37ms
8ms Image
image/gif 18.192.248.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a9691540170705f2c9b79e3d4f900df&posi=986874&grp=%3F%3F%3F&nl=1648906978626&rts=1648906978382&pix=1&et=1&a=ba333b5ed6434e1fb868ceef4cbf9f8e&m=aXAtMTAtMjItMTIwLTIxOA..&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7OzsyMTk0MzBlZWE2MjU0OTY3YTQxZGM3ZDdlZjlkZmJhNTszMTU1OTk1NDsxNjQ4OTAyNjUwOzswOzswOztwYXNzYmFjay05NDQxOzsx&uid=y-EvIgJzdE2up.x1neTD2.r0jKhsyM%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=7&dety=5
Requested by: Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=FINUSEN11&tp=msft_muid%3D20890875BA506FB020C1190FBBB76EBB!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3Db4piwqlc5!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Db0c3dcd388514ec1aa31f0b4d15b1f0c!msft_year%3D!msft_asid%3D1648906978895|745067526028587300!msft_jac%3D1!msft_refresh%3D0&us_privacy=&req(url)=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5&gdpr=0&euconsent=&of=js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.248.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-248-81.eu-central-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Mon, 28 Mar 2022 21:13:56 GMT
server: nginx/1.20.1
accept-ranges: bytes
content-length: 43
content-type: image/gif

GET
H2 200 talon-1.0.39.js Show response
cdn.js7k.com/ix/ Frame B14E 69 KB
16 KB 26ms
23ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.js7k.com/ix/talon-1.0.39.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

901a381a532d64712970ae6d21bf80742c1a8088e7bd9f6eb551ebf8d812a390

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 12:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3322
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 16530
x-amz-id-2: 9yAJvMgN5JmlD/PorWa9Q3n4eUa5LMsjHTZIMbj5MvcimzKkq5XHAiWayEvSd8JQ/jfb9QvWVuk=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Jan 2022 22:21:14 GMT
server: ATS
etag: "a3d122d2b21ea5999c557bdb1d26ca54-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: Z8AEAAC91KGK2MBV
x-xss-protection: 1; mode=block
cache-control: public,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2

200

20890875BA506FB020C1190FBBB76EBB
pr-bh.ybp.yahoo.com/sync/msn/
Redirect Chain

https://c.bing.com/c.gif?Red3=MSOATH_pd
https://pr-bh.ybp.yahoo.com/sync/msn/20890875BA506FB020C1190FBBB76EBB

43 B
992 B

112ms
34ms

Image
image/gif

2a05:d018:d29:3601:b883:24d:29e5:b600
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/msn/20890875BA506FB020C1190FBBB76EBB

Protocol

Server

2a05:d018:d29:3601:b883:24d:29e5:b600 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14AB6C3300EB4A17B5CAB6D274EADED9 Ref B: FRAEDGE1212 Ref C: 2022-04-02T13:42:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://pr-bh.ybp.yahoo.com/sync/msn/20890875BA506FB020C1190FBBB76EBB
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FA7C
Redirect Chain

https://ib.adnxs.com/async_usersync_file
https://acdn.adnxs.com/dmp/async_usersync.html

52 KB
17 KB

30ms
8ms

Document
text/html

151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/desktop-feed-views.27f666511405c4b7be5c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 29320
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sat, 02 Apr 2022 13:42:58 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 01 Apr 2022 05:34:16 GMT
Fastly-Original-Body-Size: 17053
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 484859
X-Served-By: cache-lga21970-LGA, cache-hhn4065-HHN
X-Timer: S1648906979.926999,VS0,VE0

Redirect headers

AN-X-Request-Uuid: b0ba0ee1-561b-4a8c-b1a3-902b884016bb
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Sat, 02 Apr 2022 13:42:58 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://acdn.adnxs.com/dmp/async_usersync.html
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

mapuid
m.adnxs.com/
Redirect Chain

https://c.bing.com/c.gif?Red3=MSAN_MI9_pd&rid=B0C3DCD388514EC1AA31F0B4D15B1F0C&lang=en-us&dgk=chrome&imd=1&pn=article&rf=https://t.co/&tp=https://www.msn.com/en-us/money/other/hackers-have-found-a-...
https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D226%26user%3D20890875BA506FB020C1190FBBB76EBB%3B%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmem...
https://m.adnxs.com/bounce?%2Fseg%3Fadd%3D5159620%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember%253D226%2526user%253D20890875BA506FB020C1190FBBB76EBB%253B%2526redir%253Dhttps%2525...
https://m.adnxs.com/mapuid?member=226&user=20890875BA506FB020C1190FBBB76EBB;&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D280%26user%3D20890875BA506FB020C1190FBBB76EBB%3B
https://m.adnxs.com/mapuid?member=280&user=20890875BA506FB020C1190FBBB76EBB;

43 B
959 B

24ms
17ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.adnxs.com/mapuid?member=280&user=20890875BA506FB020C1190FBBB76EBB;

Protocol

HTTP/1.1

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:59 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5185f323-3ff9-4e80-92de-f6e7e42acdf2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:59 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 523574dc-a350-44f7-96ee-ca0445db3e8e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://m.adnxs.com/mapuid?member=280&user=20890875BA506FB020C1190FBBB76EBB;
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 c.gif
c.bing.com/ 42 B
228 B 36ms
34ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=MSNLI_pd&rid=B0C3DCD388514EC1AA31F0B4D15B1F0C&lang=en-us&dgk=chrome&imd=1&pn=article&rf=https://t.co/&tp=https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2310442C7A41464BA1236AB7F4024A02 Ref B: FRAEDGE1212 Ref C: 2022-04-02T13:42:58Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2

200

getuid
eb2.3lift.com/
Redirect Chain

https://eb2.3lift.com/mapuid?suid=20890875BA506FB020C1190FBBB76EBB&sid=16
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

7ms
7ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
date: Sat, 02 Apr 2022 13:42:58 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cksync.php
hbx.media.net/ 44 B
289 B 84ms
35ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?type=nms&cs=3&ovsid=20890875BA506FB020C1190FBBB76EBB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Sat, 02 Apr 2022 13:42:58 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 44
x-mnet-hl2: E
expires: Sat, 02 Apr 2022 13:42:58 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://cm.mgid.com/m?cdsp=516415&c=20890875BA506FB020C1190FBBB76EBB&mode=inverse&msn_src=ntp
https://cm.mgid.com/m?c=20890875BA506FB020C1190FBBB76EBB&cdsp=516415&mode=inverse&msn_src=ntp&sct=1

43 B
172 B

132ms
129ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?c=20890875BA506FB020C1190FBBB76EBB&cdsp=516415&mode=inverse&msn_src=ntp&sct=1
Protocol: H2
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6f59fdac6ecc926d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
location: https://cm.mgid.com/m?c=20890875BA506FB020C1190FBBB76EBB&cdsp=516415&mode=inverse&msn_src=ntp&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 6f59fdaa2b20926d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 200 setuid
px.ads.linkedin.com/ 95 B
853 B 212ms
190ms Image
image/png 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=microsoftSsp&dbredirect=true&dnt=0&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: BE1B02E55D4A4E4988249B040A978F2B Ref B: FRAEDGE1410 Ref C: 2022-04-02T13:42:58Z
linkedin-action: 1
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-type: image/png
content-length: 108
x-li-uuid: AAXbrBK/220PKlGAHjxVPQ==

GET
H2 204 target Show response
www.civicscience.com/widget/api/2/ 0
98 B 104ms
104ms Script
text/plain 34.233.224.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.civicscience.com/widget/api/2/target?target=dc47b0af-1755-c124-4d1b-758f0eee9014&instance=civsci-id-76398579-AAVLkH5&context=%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&mv=5&_=1648906979778&callback=jsonp_1648906979778_11539
Requested by: Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.233.224.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-224-198.compute-1.amazonaws.com
Software: Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
x-powered-by: PHP/7.2.34
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips PHP/7.2.34

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
57 B 47ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__610868360063259d0faaa6718e14e4cf__%7E%7EV1%7E%7E6383849827559042078%7E%7ERM8MsDli8yCnojJh5uLBzhrUMgsVuPte5UpDgg4E0Z7TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLBtrUp7ugJTB6EFSNTmEWERRRy3sfoUPKj8AA89jD382ROTmuMmGsAz5HXiYX1A24hMYEBlkMfNnnx_H6WiPHMu39i8RVLZQ5fGtrqAU567LYsVEDAopXrGsuAR5klhjb0AS34z9vIeMHcU7FIpBGWcriKf_MipKJPAYGvlxrJEA__text&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.945584,VS0,VE8
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
120 B 75ms
70ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=riverdb&i=3&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=03f5d518-b043-4b10-8f27-c641e3e901bb&ii=1&c=14423933740401430797

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 937402081FCD4C6F839B87CA620E7B14 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
59 B 47ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__e8dcf5d25619bb3fdd69ce8ba918f156__%7E%7EV1%7E%7E370277234479669885%7E%7EQ3EGEBOcyZhkokq1x7ohms0LjRZ2kJz-ilZGpRL74bjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RI0Z105TotBgOdpwml9KhgFl-LjFwSRJQN4ZQsVKnNOI5dC76bNFYSQFKD43hmwM-c8QJvsIlKPkMuRqTliwc6h7W88v6HJ5MumvKXz7pFmSAc69kZ52-VwDAR5sRlr5QzAlq5nHcJGcliCEnYlzTQitW0XVsBfiy9I6vcbRINv9g__text&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.945698,VS0,VE9
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
120 B 74ms
70ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=river&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=97a53f03-d1bb-4ab3-91cd-a323239a4184&ii=1&c=7660743193822372692

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 78F90204439E44B1BC16B299A2ACBA5C Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
327 B 46ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__ceeafeba348d5640b24111b8a8a3a411__%7E%7EV1%7E%7E-8683766884149376056%7E%7EFdivFTW0t_l1YbvfrKLcySJBEuZcPxVbXcdf7yUKgvwndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Ayqe_UOnRK3j-LvYjEsLVV4Ey3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0GPAHGgKRP4ibk3aUgM--0bdS1bW9XCeWPvg161oYkuySdL_YBSPTEHDzF0p9_30zGEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.945780,VS0,VE8
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
120 B 55ms
51ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=river&i=2&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=95e35d75-b3c0-46cf-9228-35f43ed87c82&ii=1&c=11118091727593276974

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C55AD596024D4E889EA683A6610660F5 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
55 B 46ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__8bb84a93e3be0551a1edc588330e6888__%7E%7EV1%7E%7E5538884295069466092%7E%7ErG-9GfN1qY8GfY6w3gqSau6iFZVn56KGj4z3VOG-aZjTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RLKsHLEGKR6GRak5z5-eBR2RRRy3sfoUPKj8AA89jD382ROTmuMmGsAz5HXiYX1A24hMYEBlkMfNnnx_H6WiPHMu1IxySc4C6QW7xzLK4Eb4Bv2t-ZRdE7KkbT0JIp2OcL0AS34z9vIeMHcU7FIpBGWcriKf_MipKJPAYGvlxrJEA__text&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.945911,VS0,VE8
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
119 B 72ms
69ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=river&i=10&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=21e8e981-6cec-404b-9ffb-d3766b78fea0&ii=1&c=2864465767762823967

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ED14615A2E05462781B6A1913D12CFAB Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
56 B 45ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__24d0f3e6e309ea4c5ef14717866b8fff__%7E%7EV1%7E%7E-5964095311520834669%7E%7ETL-Hq8atr6Lxw3zPVlhR-xC0tG1ess06wQFrmE8tSOcndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AytP8lADP-K2hIDjhG5Lw6Boy3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0Gb_G5BNJhadUPW9Y5hNlSuf0ur7ggkV1z23pYTO0ifB1AEATMf8WjJ0RKA51GfCy2EyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.945968,VS0,VE8
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
119 B 72ms
70ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=river&i=11&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=62c267ff-c35f-4c4c-8284-4fc0f35709ee&ii=1&c=5278718427498643855

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 79526F17123C444299827186506BBB2C Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
56 B 46ms
16ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__c7c120a7989994d2e378fa16c988e019__%7E%7EV1%7E%7E2059770723939875414%7E%7EFYqQfxPfsv6P9JQSgDKt_fmAsGAuZPT5qPWUUtnt9KDTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKJO5i1do0mpwGHeasqPYesRRRy3sfoUPKj8AA89jD382ROTmuMmGsAz5HXiYX1A24hMYEBlkMfNnnx_H6WiPHMDKjym6Sj7R5ER5ysbj6TBjt-WzD4Lr5CStnqM10zkIMmz64Lf5ZaatQ__nUXMCL4RMiMsWt_J59zH-ihmwYd_g__photo&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.946129,VS0,VE8
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
121 B 71ms
69ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=river&i=12&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=7883175e-36c5-4f20-9881-625799ec6508&ii=1&c=9562056162349318963

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C5B8B7B53CCF494EA3055789FC6D9630 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
56 B 15ms
14ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__3a01976e0d5e0aa75ee6158b7e38095c__%7E%7EV1%7E%7E2697475560232841139%7E%7EclNYrHz8PPxpEddFdrVCAIlK56NctVxFBwgI938iH3YndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AylpSKsmMBtMvMKyugDldOPEy3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0Gb_G5BNJhadUPW9Y5hNlSvalieUqzPy1XDo6Rv9x-YGoR7JNitWNtGOD_R1BcQr1WEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.954244,VS0,VE8
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
120 B 71ms
69ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=river&i=13&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=c2e0a3e7-9bc2-4f24-b3bf-e5a69cb4eef4&ii=1&c=1758839888012487787

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3D9B6F50543D45F391726E5740EC813C Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
55 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__7aaa301df0e0b518934c68368417e254__%7E%7EV1%7E%7E-9071426387291185423%7E%7E95mJxBn9c_T7528ldEbE93pDkYtzJSGOY0AnrRUZmg0ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AypCfbD-1-iPeOijqwXQDouUy3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0KP-1QQS2b4kaSZVmEc4ze5jzejbH1RwMgOgdjj-5p6em2fxNrhp1QqOIVRf1A3sUmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.954311,VS0,VE9
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
120 B 69ms
68ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=river&i=18&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=7db9211a-fa05-4dbb-91d5-3f5254a5cce7&ii=1&c=7996723449476105577

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DE836A03CC8348F59BA4D98D43345C31 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ 0
56 B 15ms
15ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__dbb13d65979f0d5dc677703dcfb92260__%7E%7EV1%7E%7E1216397845008460189%7E%7EQNcqUD9OOXFKOieICu_XrEnqU5-RlLfURiHP4yJm60sndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69Aym2rQAiwO-aMzG_KHVTV-c4y3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0Dy-PkZ8QBL803CJ98IWgxgPAvRqsR6HhNgSYm_TYxBDjxfAtsj75Zm6PzSBS4yNydvLk_3rifMxcl1xvYRQEr0__text&response.session=v2_ba68e8c12a279654cb23df775fbcd97e_20890875BA506FB020C1190FBBB76EBB_1648906978_1648906978_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906979.954430,VS0,VE8
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ 0
120 B 70ms
69ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=river&i=23&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=0391f81d-f687-44f1-a978-436540a0f287&ii=1&c=11809880819244990153

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7A10C3FDA48C4A7B9F7D385C35C673C9 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:58Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 200 card-actions-wc.852e9e6557aaf6f0227e.js Show response
assets.msn.com/bundles/v1/views/latest/ 179 KB
46 KB 13ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/card-actions-wc.852e9e6557aaf6f0227e.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.17d99c99e8653ecfba29.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c6d265d46dcdf7a48f2f70a78c7af6b7970e078a2af4b7c3dd9e8ca5a9efb3b9

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:58 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: Ou59S0jY9YwWrJjFibXigA==
server-timing: 16
content-length: 45879
x-ms-lease-status: unlocked
last-modified: Wed, 30 Mar 2022 23:19:58 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA12A3CF182C8C
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ba6bd504-401e-0028-398d-44c4ba000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3f746

GET
H2 200 AAVKnKv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 21 KB
22 KB 14ms
13ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVKnKv.img?w=300&h=225&q=90&m=6&f=jpg&x=300&y=176&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bff453614d54cbe1b3785fa5845014965bdeaae1b76a1a322d47db53652a6b83

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 16:38:28 GMT
x-datacenter: westus
x-source-length: 79382
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=355984
x-activityid: d65a6eb6-7bd1-4355-90b0-53752abe6f4f
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVKnKv?w=300&h=225&q=90&m=6&f=jpg&x=300&y=176&u=t
content-length: 21687
expires: Wed, 06 Apr 2022 16:36:02 GMT

GET
H2 200 BBERG9W
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 828 B
1 KB 14ms
14ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBERG9W?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

628148539d801d34a49a7f7997e17b633b96fe68f2f095dc6293d8fe0f54d9c7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Thu, 31 Mar 2022 13:21:35 GMT
x-datacenter: eastus
x-source-length: 1622
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=257916
x-activityid: 57576a13-e7b4-4821-9d3a-2148a35d14d5
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBERG9W?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 828
expires: Tue, 05 Apr 2022 13:21:34 GMT

GET
H2 200 AAVLiAb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 39 KB
39 KB 14ms
14ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVLiAb.img?w=300&h=225&q=90&m=6&f=jpg&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

da59c103715348800c5954e765cc997eef7d30b52214147cfce5a954aa85161a

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 17:32:26 GMT
x-datacenter: westus
x-source-length: 392284
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=359372
x-activityid: 3c5a73d2-346e-49e3-85a9-75922642f3bd
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVLiAb?w=300&h=225&q=90&m=6&f=jpg&u=t
content-length: 39925
expires: Wed, 06 Apr 2022 17:32:30 GMT

GET
H2 200 AAU2Dsv
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 447 B
777 B 15ms
15ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAU2Dsv?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8fb2f738870e714b0d9fc01dcbf3770271ded49cb0e7b0f1410ad44999fa31c8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Thu, 31 Mar 2022 08:05:25 GMT
x-datacenter: eastap
x-source-length: 4760
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=238882
x-activityid: 782871a4-249e-491b-a78b-48cd43e7ae70
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAU2Dsv?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 447
expires: Tue, 05 Apr 2022 08:04:20 GMT

GET
H2 200 AATLpZL.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 20 KB
20 KB 14ms
13ms Image
image/jpeg 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AATLpZL.img?w=300&h=225&q=90&m=6&f=jpg&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

73c20215164f06634292ae0314a05afd2ae6f8f357a3321fa70334172ac762ed

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 11:01:47 GMT
x-datacenter: eastus
x-source-length: 123940
x-frame-options: deny
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=335917
x-activityid: 895e71f2-ab82-4749-adfc-a40fe48b8538
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AATLpZL?w=300&h=225&q=90&m=6&f=jpg&u=t
content-length: 20033
expires: Wed, 06 Apr 2022 11:01:35 GMT

GET
H2 200 BB11f0Qb
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 409 B
811 B 15ms
15ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB11f0Qb?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

441b6f49858ec289fff6c29ab29d179596019169e3a2ea78d384648e0c3baa76

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BB11f0Qb
date: Sat, 02 Apr 2022 13:42:58 GMT
x-source-length: 1200
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB11f0Qb?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid: 75d902f8-a1d6-4b10-ad30-9739df2a26d1
last-modified: Thu, 31 Mar 2022 07:11:20 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 409
x-resizerversion: 1.0
x-datacenter: northeu
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=235680
timing-allow-origin: *
expires: Tue, 05 Apr 2022 07:10:58 GMT

GET
H2 200 th
www.bing.com/ 15 KB
15 KB 25ms
19ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.003e9208d908afb635798d452f363988&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8be4fc7c93f250e46d1f811976f75983a4f6ac552dad3a821f4c4fab6ef3663c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AFCE0CC67CA241C880945E358A499E69 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 15443

GET
H2 200 AAykw7c
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 571 B
904 B 21ms
17ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAykw7c?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d108ffef6e8b8adf05fa7720e109ee115a1651075705c724aca770d2814b392

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:58 GMT
last-modified: Fri, 01 Apr 2022 20:13:49 GMT
x-datacenter: westus
x-source-length: 18737
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=369018
x-activityid: b67ddd4f-82e2-46be-b356-5086d329edf4
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAykw7c?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 571
expires: Wed, 06 Apr 2022 20:13:16 GMT

GET
H2 200 th
www.bing.com/ 18 KB
18 KB 22ms
19ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.cd27b9c87c732205cb2b363b92d9cf49&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a204b63326e1b81145f5102bd4e0ef017423efa151aa278dc92ad5508d577849

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4C1422787234B0C86B41F843EFC3874 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 18624

GET
H2 200 BBUvpML
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 899 B
1 KB 22ms
19ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBUvpML?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3659bc4ae6fa9dbba50be28b28d7bd9ea6ef9ed81e9ca1b9102ff7bd5690e85e

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:BBUvpML
date: Sat, 02 Apr 2022 13:42:59 GMT
x-source-length: 941
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBUvpML?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid: 22980f59-4106-4b1c-bd37-f73e5766c351
last-modified: Thu, 31 Mar 2022 03:39:29 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 899
x-resizerversion: 1.0
x-datacenter: eastus
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=222986
timing-allow-origin: *
expires: Tue, 05 Apr 2022 03:39:25 GMT

GET
H2 200 th
www.bing.com/ 16 KB
16 KB 20ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.54e943a5a32bfc12dde7a7ff6942d0e7&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f67b40073ad493421bbdbc9af6dd9589b3797afd0e28e63dc7c5082e7298d8fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 91296E550817494CBBC87A40C076C275 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:58Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16543

GET
H2 200 AAVBb3C
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 327 B
657 B 22ms
22ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAVBb3C?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5d94b8b98eb1e31150afcc8ca3438f67fefa77271ebd8ddfeabea26adb4f38d1

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
last-modified: Wed, 30 Mar 2022 05:11:47 GMT
x-datacenter: eastap
x-source-length: 1369
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=142100
x-activityid: 236aa0c9-6596-4ccc-abf8-85f0ed5c2dd7
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAVBb3C?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 327
expires: Mon, 04 Apr 2022 05:11:19 GMT

GET
H2 200 th
www.bing.com/ 28 KB
28 KB 21ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.f1ada14be404964a9f39eab9d04cc5a2&pid=Wdp&w=468&h=304&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ed225e4be6f55848d0d089d9f3cef1eb17ff940aea865db1c6a02d8b514ad13a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 57E4E01A78494677908EDECA5BE2A7C3 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:59Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 28336

GET
H2 200 BBAJ56P
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 825 B
1 KB 14ms
13ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

eb1a6b8c2beb495046dae0e5722e319786ab78d9a5d75b00dfa1050cbea829b8

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
last-modified: Wed, 30 Mar 2022 09:10:02 GMT
x-datacenter: eastus
x-source-length: 18777
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=156423
x-activityid: 19f0b71a-21d2-4fdb-9b7c-2a8c5c1302a3
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBAJ56P?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 825
expires: Mon, 04 Apr 2022 09:10:02 GMT

GET
H2 200 th
www.bing.com/ 14 KB
14 KB 20ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.0e5c05d7d64c9fe1dbbb194fdb8620b5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6bc954c55ae410250c9e13e7139ce04a257270da79f438bcc8cd396b96fa00cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DC5D158B44C74C569B89CF3F7CFAA916 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:59Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 14424

GET
H2 200 BBphlIt
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 697 B
1 KB 15ms
15ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBphlIt?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d947ee8e02802f10c1a27907a528aef68102256f25611e1b30b51e6c4dfac33

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
last-modified: Tue, 29 Mar 2022 20:24:01 GMT
x-datacenter: northeu
x-source-length: 19025
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=110498
x-activityid: 356bbccd-c7bd-46bd-826b-5e14ae5a9c2e
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBphlIt?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 697
expires: Sun, 03 Apr 2022 20:24:37 GMT

GET
H2 200 th
www.bing.com/ 16 KB
17 KB 21ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.d25910198d927ce7f9c6779ccc745f81&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 7b1f017f036293d55ef38b4a220eb2e0b7fc0a0a17be0a7e99113761d3fe9c98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4A49E6FF8374510A93A5142FDCB5C40 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:59Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16882

GET
H2 200 AAxspu1
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 469 B
801 B 19ms
19ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxspu1?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5d43b6a723d79ac626c72f04380ed9df8140b08bbd4184cf50299c051d2f93a4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
last-modified: Wed, 30 Mar 2022 21:41:34 GMT
x-datacenter: westus
x-source-length: 19025
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=201477
x-activityid: 907f5b09-eaa3-4a09-94d1-aa44b75008ba
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAxspu1?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 469
expires: Mon, 04 Apr 2022 21:40:56 GMT

GET
H2 200 th
www.bing.com/ 17 KB
17 KB 23ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.cc3b2ccbc913ebbc9bc8042c0357c3ce&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 07eaa9c3f5266f72943d54e147305272b415df938e585e25e832235193c3121c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EFB70F03FB4E4981A037CACFE2F25148 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:59Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 17711

GET
H2 200 AALER5n
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 602 B
932 B 17ms
16ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
last-modified: Wed, 30 Mar 2022 13:38:14 GMT
x-datacenter: westus
x-source-length: 3337
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=172508
x-activityid: 60d483f7-0361-4134-9781-4c8073f15ece
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AALER5n?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 602
expires: Mon, 04 Apr 2022 13:38:07 GMT

GET
H2 200 th
www.bing.com/ 16 KB
17 KB 24ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.767b2d6b5e6b50a5c91249f0ea36bfd3&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 147088448b9c3197cb0447f96f7a1297b157e0be9daf3831e1356cfd8a0f31a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C00081DF1B244E0906061470A2BC9CF Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:59Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16524

GET
H2 200 AA4QDcg
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 406 B
806 B 16ms
14ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA4QDcg?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d5f645227c51a6e4d711befe18f139271389054428914a4206bd5590bff60a42

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-cms-cdninvalkey: amp:AA4QDcg
date: Sat, 02 Apr 2022 13:42:59 GMT
x-source-length: 260
content-location: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA4QDcg?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid: 47402664-f181-4a93-9bb4-62dc872b6f48
last-modified: Tue, 29 Mar 2022 22:35:04 GMT
x-deployment: 72c3fde762c149e9ae8e86fd76d57772
content-length: 406
x-resizerversion: 1.0
x-datacenter: westus
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=118271
timing-allow-origin: *
expires: Sun, 03 Apr 2022 22:34:10 GMT

GET
H2 200 th
www.bing.com/ 24 KB
24 KB 21ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.15f757e94398b7846b723abe057b22ac&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4a4a515c111dd870edbb81a16997a84970ed442418c3bb9862aef58f64dcf5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 96AE9020E34244258AFBAE5A6CE08547 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:59Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 24562

GET
H2 200 AADeC24
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 759 B
1 KB 15ms
14ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AADeC24?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c81ecf2ba711de85ddc66ab010a2e1cb0374ecca2daa69257bb637ff0fadca21

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
last-modified: Thu, 31 Mar 2022 01:48:02 GMT
x-datacenter: westus
x-source-length: 4101
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216301
x-activityid: 55dcb060-4a53-4be7-9494-9873cbe769e4
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AADeC24?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 759
expires: Tue, 05 Apr 2022 01:48:00 GMT

GET
H2 200 th
www.bing.com/ 20 KB
20 KB 21ms
20ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.e627e1bbfa54c40817e548d74ddaf875&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a6da60b373fcaf6cd61842f49955c20e24ace2e65e8b6c7a5339bb72951b6ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 20B714BD7B9C4427BC10655F44B40FD2 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:59Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 20754

GET
H2 200 AAV6eAn
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 329 B
659 B 14ms
13ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAV6eAn?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1dac8195bf71015f538e51575a3ce3675890c16dce42f3a83a6637092d7bafb0

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
last-modified: Wed, 30 Mar 2022 00:18:32 GMT
x-datacenter: westus
x-source-length: 310
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=124586
x-activityid: 81805731-5768-4c19-a91f-fff617331f3f
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAV6eAn?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 329
expires: Mon, 04 Apr 2022 00:19:25 GMT

GET
H2 200 th
www.bing.com/ 16 KB
16 KB 44ms
43ms Image
image/jpeg 2a01:111:202c::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.30c1930b3f7ae45a74c06647916101e5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9decaed7b6fc585db3154f96a62b530cdf2fc975f5bbbe2dbbd0f2929e72a121

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 257A2CD13549416CB3839F02A13ECD06 Ref B: VIEEDGE3318 Ref C: 2022-04-02T13:42:59Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16524

GET
H2 200 AAywOab
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 640 B
971 B 15ms
15ms Image
image/png 2a02:26f0:3500:7::17d8:4dc9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.530d0ba66b20811b2bc6.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:3500:7::17d8:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
last-modified: Thu, 31 Mar 2022 22:33:55 GMT
x-datacenter: eastap
x-source-length: 18737
x-frame-options: deny
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=291053
x-activityid: 3ad902d8-3fa8-4c84-b252-162ece0b8fa2
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAywOab?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 640
expires: Tue, 05 Apr 2022 22:33:52 GMT

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8768e0f917d65084dd985b031ed827d7.png
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 8 KB
9 KB 38ms
30ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8768e0f917d65084dd985b031ed827d7.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 44888dbc834fb18e3bdd3d873b81bc16407059d88c990b89c476b392dec48a6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 790133
edge-cache-tag: 549217223171186335615949030763468643845,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag: 549217223171186335615949030763468643845,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 105
expiration: expiry-date="Wed, 30 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8768e0f917d65084dd985b031ed827d7.png
content-length: 8030
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sun, 27 Feb 2022 21:02:35 GMT
server: nginx
x-timer: S1648906979.088104,VS0,VE1
etag: "6035baaa4c0f8b5d5a08910170b43d96"
x-served-by: cache-iad-kjyo7100132-IAD, cache-iad-kcgs7200064-IAD, cache-chi-kigq8000060-CHI, cache-iad-kjyo7100098-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fcd3bacd4876d3e6e0f09abcc277472a8.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 13 KB
14 KB 36ms
29ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fcd3bacd4876d3e6e0f09abcc277472a8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ef054ca14dd341e7cdbc5eff1aaa1f8043afa1ae223408100536770073fe864

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-original-body-size: 13242
age: 1495677
edge-cache-tag: 587567397553241663533271733998135972810,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587567397553241663533271733998135972810,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 117
expiration: expiry-date="Mon, 11 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fcd3bacd4876d3e6e0f09abcc277472a8.jpg
content-length: 13242
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Fri, 11 Mar 2022 12:48:05 GMT
server: nginx
x-timer: S1648906979.087988,VS0,VE1
etag: "96597ed1d003bdad381c0f2f1ea3855a"
x-served-by: cache-wdc5572-WDC, cache-iad-kcgs7200032-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0e4eb11f4960ed35d0041af205bf6266.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 25 KB
25 KB 36ms
30ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0e4eb11f4960ed35d0041af205bf6266.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 04b1c47b8990805e5f7cc9c9b5cc216accf7158e713c7cc538cdfaf49d5db8d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-original-body-size: 25184
age: 1301519
edge-cache-tag: 481501623397697704642380798566235740047,531251317501073307919544072836677194697,29ecf9b93bbf306179626feeda1fab70
cache-tag: 481501623397697704642380798566235740047,531251317501073307919544072836677194697,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 604
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_304%2Cw_468%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0e4eb11f4960ed35d0041af205bf6266.jpg
content-length: 25184
x-request-id: 7486d4ce800f3e40f95634702ca41238
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 15 Mar 2022 10:03:17 GMT
server: nginx
x-timer: S1648906979.088161,VS0,VE1
etag: "a45b0d76316a8ee432b63503117c3d5e"
x-served-by: cache-wdc5527-WDC, cache-iad-kjyo7100103-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F74d41e498179f8f28dc7fcfc4976c48a.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 13 KB
13 KB 18ms
7ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F74d41e498179f8f28dc7fcfc4976c48a.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1269ef30864de2aa809ed2f19265c71fb0c2d50256b40adfcdd0ec34c3633b8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-original-body-size: 12946
age: 1544962
edge-cache-tag: 511399504168481062012476218531592153705,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag: 511399504168481062012476218531592153705,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 105
expiration: expiry-date="Tue, 15 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F74d41e498179f8f28dc7fcfc4976c48a.jpg
content-length: 12946
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Sat, 12 Feb 2022 18:17:12 GMT
server: nginx
x-timer: S1648906979.130913,VS0,VE1
etag: "0764f6c5f09294943950a1e898f25645"
x-served-by: cache-bwi5065-BWI, cache-iad-kcgs7200175-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5ff8fb1bf63befc29982c8b6bbab416b.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 8 KB
8 KB 13ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5ff8fb1bf63befc29982c8b6bbab416b.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ad981141a519fb3df78db27ceb6c987392489448d8d3011f0a19004628dfd62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 1408075
edge-cache-tag: 537555113518884005202560548345921778966,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537555113518884005202560548345921778966,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 180
expiration: expiry-date="Sat, 26 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F5ff8fb1bf63befc29982c8b6bbab416b.jpg
content-length: 7730
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified: Wed, 23 Feb 2022 15:09:51 GMT
server: nginx
x-timer: S1648906979.131229,VS0,VE1
etag: "a132a3ea81b06f15d38f73b3cad004fd"
x-served-by: cache-wdc5524-WDC, cache-iad-kjyo7100175-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6eb60cc61b08727818d1a4dd1c080a37.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 6 KB
7 KB 14ms
9ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6eb60cc61b08727818d1a4dd1c080a37.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8d2dbcc40d35f77cd6110eedcbb17c88ce82c416bdee58247ceab53ff99c8a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-original-body-size: 6456
age: 875263
edge-cache-tag: 431549089842961911999047659763286761419,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag: 431549089842961911999047659763286761419,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 119
expiration: expiry-date="Fri, 01 Apr 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6eb60cc61b08727818d1a4dd1c080a37.jpg
content-length: 6456
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Tue, 01 Mar 2022 12:01:05 GMT
server: nginx
x-timer: S1648906979.131331,VS0,VE1
etag: "5c8f26a6abb2861629d63f713bcdcfcd"
x-served-by: cache-iad-kcgs7200023-IAD, cache-iad-kiad7000171-IAD, cache-chi-kigq8000043-CHI, cache-iad-kcgs7200035-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 8, 1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F71b0f361486fcce1ef73a9af544ea3e7.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 8 KB
9 KB 14ms
10ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F71b0f361486fcce1ef73a9af544ea3e7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 42e0e958450a5223e3fa0c3802fe892d419523fc520529a728756915d2856a6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 2672847
edge-cache-tag: 619432764529356930478689761430913743162,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag: 619432764529356930478689761430913743162,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 105
expiration: expiry-date="Fri, 11 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F71b0f361486fcce1ef73a9af544ea3e7.jpg
content-length: 8080
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified: Tue, 08 Feb 2022 07:48:00 GMT
server: nginx
x-timer: S1648906979.131406,VS0,VE1
etag: "4b8c8316d9036e3c2af725f717b84c99"
x-served-by: cache-wdc5562-WDC, cache-iad-kjyo7100086-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1d2dc10b1a5cbca4b861101f0e7b59c1.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 9 KB
10 KB 8ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1d2dc10b1a5cbca4b861101f0e7b59c1.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f3ce72e87dacc22ab8b64ac715a69dc05ad1d1cf0b8a39778f502329a628011

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-original-body-size: 9502
age: 2602819
edge-cache-tag: 495200428587886488436543103414084568460,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
cache-tag: 495200428587886488436543103414084568460,533847855634330505656663989683055549682,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 91
expiration: expiry-date="Fri, 18 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_225%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F1d2dc10b1a5cbca4b861101f0e7b59c1.jpg
content-length: 9502
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Tue, 15 Feb 2022 18:50:17 GMT
server: nginx
x-timer: S1648906979.143922,VS0,VE2
etag: "a04068048ff059043aef7d823b7e282d"
x-served-by: cache-wdc5570-WDC, cache-iad-kjyo7100128-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 / Show response
assets.msn.com/service/community/urls/ 7 KB
5 KB 78ms
78ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/urls/?cmsid=AAVKxwX&market=en-us&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e34dc4daf668ce0135325c0058371ca23d7dfe42f0bc17a34a9e24e4e45b8bfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,muidflt19cf,muidflt21cf,muidflt58cf,muidflt300cf,mmxios1cf,moneyedge3cf,pnehp3cf,pnehz2cf,starthz3cf,1s-brsagexfee3,audexhz2cf,moneyhz1cf,1s-bing-news,vebudumu04302020,prg-ndauthrf2,prg-nodualauth,shophp2cf,sagehz1cf,weather5cf,1s-brsageapcc0,prg-1sw-wlsmy3,prg-1sw-c-refcnt,prg-1sw-curr3,prg-1sw-acp-fzy,prg-wpo-ampwhprr,prg-1sw-v15more,prg-1s-badge,prg-1sw-badge,prg-1sw-bdgns,prg-1sw-nbdgw,prg-1sw-pnp,prg-1sw-shbdg,prg-1sw-toregion,prg-1sw-wbdg,prg-1sw-sphnmsnncf,btrecenus,iframeflex,prg-adspeek,23bh6703,1s-br30min,1s-winauthservice,1s-winsegservice,prg-1sw-grevtt,prg-1sw-sphn2msn,prg-hprewflyout-t,wf-sunny-first,msnapp10cf,prg-1sw-sphfdycf,f-rel-all,blockdedupc,ads-msxdedupc,prg-wtchsocial-c,1s-maps-latlongkey,1s-pagesegservice,prg-ias,prg-1sw-ms-cloud,prg-1sw-mscloudn,prg-ms-cloud,prg-1sw-pr1loc,prg-1sw-loc-hd,prg-1sw-skic,prg-1sw-newsskip,prg-1sw-nwrc,prg-1sw-l2icon,1s-fcrypt,prg-cookiesync,ads-lockerdome,prg-spr-c-c0317,prg-spr-wpop,prg-shp-wpo-ts2,prg-sh-wpo,prg-spr-ewpot,prg-spr-shpwpoon,prg-spr-mo2c1,prg-sh-muct01,prg-spr-spddpfm,prg-spr-sbprnk2,prg-psovhigh1,prg-1sw-cldp1,prg-1sw-rcmdint,prg-1sw-splog,artglyrank1cf,artglyrank2cf,1s-brsageccl0tpb,prg-sh-bulauchv,prg-sh-bullautoarr,prg-1sw-pbpf1,prg-1sw-accu10,prg-1sw-pr2ctlal,prg-wx-anmprns,prg-1sw-hdukr,prg-sh-adn,prg-sh-synadnt,prg-sh-afgl-cm,prg-sh-affs,prg-sh-afpdps,prg-1sw-sp5mats,prg-1s1-cryptd,prg-wea-skipauth
ddd-storeentrytimeutc: 4/2/2022 1:42:59 PM
x-msedge-ref: Ref A: EA693E69BD0F40F788884A779A9FC290 Ref B: PRG01EDGE1112 Ref C: 2022-04-02T13:42:59Z
ddd-strategyexecutionlatency: 00:00:00.0019713
server-timing: 12
ddd-servername: 45F1505FA4EF
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
cache-control: public, max-age=60
x-msedge-responseinfo: 2
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref
onewebservicelatency: 2
x-as-suppresssetcookie: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
content-length: 1501
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt19=muidflt19cf,muidflt21=muidflt21cf,muidflt58=muidflt58cf,muidflt300=muidflt300cf,mmxios1=mmxios1cf,moneyedge3=moneyedge3cf,pnehp3=pnehp3cf,pnehz2=pnehz2cf,starthz3=starthz3cf,platagyhz3=1s-brsagexfee3,audexhz2=audexhz2cf,moneyhz1=moneyhz1cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,anaheimmuidr5=prg-ndauthrf2,shophp2=shophp2cf,sagehz1=sagehz1cf,weather5=weather5cf,sagenl2=1s-brsageapcc0,wfeedsmuid2=prg-1sw-wlsmy3,wfeedsmuid4=prg-1sw-c-refcnt,wfeedsmuid6=prg-1sw-curr3,wfeedsmuid9=prg-1sw-acp-fzy,wfeedsmuid12=prg-wpo-ampwhprr,wfeedsmuid13=prg-1sw-v15more,wfeedsmuid14=prg-1sw-sphnmsnncf,275g=btrecenus,2922=iframeflex,2ml4=prg-adspeek,cstraffic3=23bh6703,2pgg=1s-br30min,2tpu=1s-winauthservice,2uns=1s-winsegservice,wfeedsmuid18=prg-1sw-grevtt,wfeedsmuid19=prg-1sw-sphn2msn,wfeedsmuidheader2=prg-hprewflyout-t,weather6=wf-sunny-first,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-sphfdycf,2z88=f-rel-all,anaheimmuidads1=blockdedupc,30jn=prg-wtchsocial-c,30xj=1s-maps-latlongkey,30y9=1s-pagesegservice,314c=prg-ias,3btl=prg-1sw-ms-cloud,3bvi=prg-1sw-mscloudn,3bvm=prg-ms-cloud,3ezk=prg-1sw-pr1loc,3f0x=prg-1sw-skic,3fl0=prg-1sw-newsskip,3fnb=prg-1sw-nwrc,3gae=prg-1sw-l2icon,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3k7y=ads-lockerdome,wfeedsmuidshop5=prg-spr-c-c0317,wfeedsmuidshop6=prg-spr-wpop,wfeedsmuidshop7=prg-spr-mo2c1,wfeedsmuidshop8=prg-spr-spddpfm,wfeedsmuidshop9=prg-spr-sbprnk2,wfeedsmuidwpo2=prg-psovhigh1,wfeedsmuidwpo5=prg-1sw-cldp1,3l73=prg-1sw-splog,artglyrank1=artglyrank1cf,artglyrank2=artglyrank2cf,artglyrank5=1s-brsageccl0tpb,3lse=prg-sh-bulauchv,3lzo=prg-1sw-pbpf1,3mbu=prg-1sw-accu10,prong2wpo2=prg-1sw-pr2ctlal,3mhb=prg-wx-anmprns,3mi0=prg-1sw-hdukr,3nv7=prg-sh-adn,3nvk=prg-sh-afgl-cm,3o1l=prg-1sw-sp5mats,3ouw=prg-1s1-cryptd,3p54=prg-wea-skipauth
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: 3e0cb534-b541-40ca-a1f2-15a114d6f124
ddd-storeexecutionlatency: 00:00:00.0019386
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: 40b3fabd

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
442 B 227ms
227ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906980122&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: d1ab4c233328de4dff75c278204a647ee2cc94d9e302ee923d365777dc4b0e91

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -802
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 8304
Redirect Chain

https://idsync.rlcdn.com/420046.gif?partner_uid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQEtKOFM1Tjk2NmEyWndLMnltMzNPRjk3N2haWFA5OUVZc2lzaW1ST0dOMW5aNFFPUzJmTzB6bFJEaEtTVUg1ZnQQABoNCOOloZIGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA7B4At2EEERjrXagEC69BY&google_cver=1

42 B
317 B

17ms
16ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA7B4At2EEERjrXagEC69BY&google_cver=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEA7B4At2EEERjrXagEC69BY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 400
Bad Request 29859
tags.bluekai.com/site/ Frame 8304 0
225 B 250ms
168ms Image
text/plain 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29859?id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://b1sync.zemanta.com/usersync/outbrain/?puid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=0&gdpr_consent=&us_privacy=1---
https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&s=2&us_privacy=1---
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=bbSw_WJZfCrYdHjWCtA_&gdpr=0&us_privacy=1---

0
292 B

190ms
88ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=bbSw_WJZfCrYdHjWCtA_&gdpr=0&us_privacy=1---
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: d3a72d398b89ddb7a13a3e3360075140
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:59 GMT
P3p: CP="We do not support P3P header."
Location: https://sync.outbrain.com/cookie-sync?p=zemanta&uid=bbSw_WJZfCrYdHjWCtA_&gdpr=0&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 130
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8484296133233988585&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

0
291 B

92ms
91ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8484296133233988585&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: a60df4ec0506ec4610898e4d09606d42
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:59 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 962d7138-62f6-49d0-929e-a3fac09e9757
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.outbrain.com/cookie-sync?p=appnexus&uid=8484296133233988585&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 8304
Redirect Chain

https://dpm.demdex.net/ibs:dpid=133726&dpuuid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=0&gdpr_pd=1&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=0&gdpr_pd=1&gdpr_consent=

42 B
945 B

44ms
40ms

Image
image/gif

52.16.213.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=0&gdpr_pd=1&gdpr_consent=

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

HTTP/1.1

Server

52.16.213.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-213-80.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-00570eae8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: F1JURmyATnQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v030-01115f9c3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yJ0MDVTZTIA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 set
sync-jp.im-apps.net/imid/ Frame 8304 43 B
203 B 741ms
239ms Image
image/gif 54.250.154.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.250.154.224 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-250-154-224.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
cache-control: no-cache
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
content-length: 43
expires: Sat, 02 Apr 2022 13:42:58 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
https://sync.outbrain.com/cookie-sync?p=ttd&uid=fe617e27-a409-4c90-9cd7-b6e585d9869f

0
306 B

174ms
86ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=ttd&uid=fe617e27-a409-4c90-9cd7-b6e585d9869f
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: adb85b03a867f8f9f7df613586279dba
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.outbrain.com/cookie-sync?p=ttd&uid=fe617e27-a409-4c90-9cd7-b6e585d9869f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 8304 0
338 B 114ms
34ms Image
text/plain 54.72.202.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.202.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-202-157.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
cache-control: private, no-cache, no-store
x-request-time: D=31 t=1648906979
x-served-by: beacon-n012-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 8304 43 B
348 B 81ms
24ms Image
image/gif 35.178.150.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.178.150.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=5976e585-921c-458f-bb5b-33471eda11d5

0
308 B

114ms
88ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=5976e585-921c-458f-bb5b-33471eda11d5
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: 6e5d0e4153eb7474ca4de3d4b311f2ec
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=mediaforce&uid=5976e585-921c-458f-bb5b-33471eda11d5
Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://x.bidswitch.net/sync?ssp=outbrain&user_id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=outbrain&bsw_custom_parameter=a2a5d455-4ea4-479c-9995-498bac1f0424
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=outbrain&expires=10&bsw_param=a2a5d455-4ea4-479c-9995-498bac1f0424
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=a2a5d455-4ea4-479c-9995-498bac1f0424&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=

0
309 B

249ms
89ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=a2a5d455-4ea4-479c-9995-498bac1f0424&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: bd8aa9b8562c2b84ca8b166fbf1c1206
Content-Length: 0

Redirect headers

Location: //sync.outbrain.com/cookie-sync?p=bidswitch&uid=a2a5d455-4ea4-479c-9995-498bac1f0424&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 8304 43 B
363 B 62ms
16ms Image
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%26uid%3D%40%40CRITEO_USERID%40%40

Requested by

Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
server: Kestrel
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 314962
content-type: image/gif
expires: Sat, 02 Apr 2022 00:00:00 GMT

GET
H/1.1

200
OK

user-sync
cpm.convergeselect.net/ Frame 8304
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&google_dbm=&google_tc=
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAQYji-NkqbbU3KsoXH67R8&google_cver=1
https://cpm.convergeselect.net/user-sync?dsp=328334&t=image&gdpr=&gdpr_consent=&uid=a2a5d455-4ea4-479c-9995-498bac1f0424

42 B
228 B

71ms
11ms

Image
image/gif

77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cpm.convergeselect.net/user-sync?dsp=328334&t=image&gdpr=&gdpr_consent=&uid=a2a5d455-4ea4-479c-9995-498bac1f0424
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:59 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: close
Content-Length: 42

Redirect headers

Location: //cpm.convergeselect.net/user-sync?dsp=328334&t=image&gdpr=&gdpr_consent=&uid=a2a5d455-4ea4-479c-9995-498bac1f0424
Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=25
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7082001548965968022

0
294 B

234ms
90ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7082001548965968022
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: 07312c838a2fce5a11a44762fcd74585
Content-Length: 0

Redirect headers

Location: https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7082001548965968022
Date: Sat, 02 Apr 2022 13:42:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 8304 0
344 B 47ms
12ms Image
text/plain 18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=1mpn7m0&uid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 204 KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
id.geistm.com/m/OB/ Frame 8304 0
159 B 309ms
97ms Image
text/plain 3.222.216.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.geistm.com/m/OB/KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.216.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-216-235.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
x-powered-by: Express

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://creativecdn.com/cm-notify?pi=outbrain
https://creativecdn.com/cm-notify?pi=outbrain&tc=1
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=06WgY7DlsNYWfUHNGKbd&pi=outbrain&tc=1

0
292 B

203ms
91ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=06WgY7DlsNYWfUHNGKbd&pi=outbrain&tc=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: 54bfeab61dee3a363bc47c81a198c074
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=06WgY7DlsNYWfUHNGKbd&pi=outbrain&tc=1
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT, Sat, 02 Apr 2022 13:42:59 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8304 0
239 B 393ms
94ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78008fe701b681dce86a72fc23cacc40
Content-Type: image/gif

GET
H/1.1 200
OK cookiesyncredir
bttrack.com/Pixel/ Frame 8304 35 B
380 B 390ms
97ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

X-ServerName: Track002-iad
Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:58 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2 403 tpid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 8304 49 B
269 B 100ms
28ms Image
image/gif 54.220.157.118
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.220.157.118 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-220-157-118.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.5.229
content-type: image/gif
content-length: 49
expires: 0

GET
H2

204

/
loadus.exelator.com/load/ Frame 8304
Redirect Chain

https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&xl8blockcheck=1
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

0
1 KB

36ms
36ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 02 Apr 2022 13:42:59 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0z...
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YkhS4-eni4BvmTlm1ztp5QAABIwAAAAB&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

0
307 B

90ms
88ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YkhS4-eni4BvmTlm1ztp5QAABIwAAAAB&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: 51f0f9c3e5112a3d88be102c358e9a17
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YkhS4-eni4BvmTlm1ztp5QAABIwAAAAB&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 348
Expires: Sat, 02 Apr 2022 13:42:59 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1...
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1...
https://sync.outbrain.com/cookie-sync?p=spotx&uid=cf7b9c2a-b28a-11ec-a08e-18c6427b0206&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

0
308 B

90ms
88ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=spotx&uid=cf7b9c2a-b28a-11ec-a08e-18c6427b0206&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: 76b02c8dcbcfd78dc6e0f1800ab07243
Content-Length: 0

Redirect headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Server: nginx
Location: https://sync.outbrain.com/cookie-sync?p=spotx&uid=cf7b9c2a-b28a-11ec-a08e-18c6427b0206&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 125
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODlENkRDNjctRkFFMy00MUQ1LUJGM0ItODg1QjRFM0NCOEVC&gdpr=0&gdpr_consent=PM_CONSENT
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%2...
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&uid=89D6DC67-FAE3-41D5-BF3B-885B4E3CB8EB

0
311 B

89ms
89ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&uid=89D6DC67-FAE3-41D5-BF3B-885B4E3CB8EB
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:43:00 GMT
Cache-Control: no-cache
X-TraceId: b33226017918c7a8b663b821fb8a7ffe
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&uid=89D6DC67-FAE3-41D5-BF3B-885B4E3CB8EB
date: Sat, 02 Apr 2022 08:06:01 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 cm
u.openx.net/w/1.0/ Frame 8304 43 B
305 B 53ms
22ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%26uid%3D
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPcf85dc29-b28a-11ec-a661-02d682d633bc
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPcf85dc29-b28a-11ec-a661-02d682d633bc

0
309 B

88ms
88ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath&uid=UPcf85dc29-b28a-11ec-a661-02d682d633bc
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: d55a4fe850f75090e3497db140e4d9b1
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath&uid=UPcf85dc29-b28a-11ec-a661-02d682d633bc
date: Sat, 02 Apr 2022 13:42:59 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 um
cs.emxdgt.com/ Frame 8304 0
59 B 98ms
29ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%0A
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
content-length: 0
content-type: text/html

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisim...
https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99E...
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=c153e6bb-303f-4dfd-84d0-962c8b0dbb31&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft

0
318 B

89ms
89ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=c153e6bb-303f-4dfd-84d0-962c8b0dbb31&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:43:00 GMT
Cache-Control: no-cache
X-TraceId: 1a52c77c58fffe5e7383c189771df653
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=c153e6bb-303f-4dfd-84d0-962c8b0dbb31&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
date: Sat, 02 Apr 2022 13:42:59 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QO...
https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&zcc=1&cb=1648906979904
https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D

0
145 B

90ms
89ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: 46fd038b532b832c184ecfba63cc6ca7
Content-Length: 0

Redirect headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
server: Tengine
etag: OPTOUT
content-type: text/html
location: https://sync.outbrain.com/cookie-sync?p=unruly&uid=OPTOUT&obUid=$D
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 8304 0
240 B 43ms
7ms Image
text/plain 2600:9000:225e:e200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:e200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: CGVgrVOCvpv8Gn-oI63qvP8Ni5bRXHMSQoomg6HnSsjCIWm-69_wdg==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DKJ8S5N966a2ZwK...
https://sync.outbrain.com/cookie-sync?p=smart&uid=7806786059367544665&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING

0
291 B

88ms
88ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=smart&uid=7806786059367544665&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:43:00 GMT
Cache-Control: no-cache
X-TraceId: 309c504a1ea5e5e204aae04f0e73857a
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=smart&uid=7806786059367544665&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
date: Sat, 02 Apr 2022 13:42:59 GMT
content-length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-aYxKh8pE2uF9z.SgK1jbpBSxB7AtoUO99zkjheE-~A&gdpr=0&gdpr_consent=

0
323 B

90ms
89ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-aYxKh8pE2uF9z.SgK1jbpBSxB7AtoUO99zkjheE-~A&gdpr=0&gdpr_consent=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:42:59 GMT
Cache-Control: no-cache
X-TraceId: 85ecb06bde7be7b1754f126ab65144d7
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-aYxKh8pE2uF9z.SgK1jbpBSxB7AtoUO99zkjheE-~A&gdpr=0&gdpr_consent=
date: Sat, 02 Apr 2022 13:42:59 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 c.gif
c.bing.com/ Frame 8304 42 B
175 B 34ms
31ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?red3=MSOB_pd&uid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:58 GMT
etag: "8120eaf0ff3ad81:0"
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E81FCC8F08A44B459374CE17BEB6A257 Ref B: FRAEDGE1212 Ref C: 2022-04-02T13:42:59Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H2 204 services
sync.technoratimedia.com/ Frame 8304 0
298 B 286ms
93ms Image
text/plain 150.136.156.92
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:43:00 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 275652756
access-control-allow-origin: https://widgets.outbrain.com/
access-control-allow-credentials: true

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame 8304
Redirect Chain

https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%26uid%3D%7BUSER_I...
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&uid=645e410d-13fd-4c18-9d03-b36459102b5a

0
145 B

89ms
88ms

Image
text/plain

64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&uid=645e410d-13fd-4c18-9d03-b36459102b5a
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:43:00 GMT
Cache-Control: no-cache
X-TraceId: 8f5aff924daf654d7611fa6f76c1274b
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft&uid=645e410d-13fd-4c18-9d03-b36459102b5a
date: Sat, 02 Apr 2022 13:43:00 GMT
content-length: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8

GET
H2 200 sync-iframe
cs-server-s2s.yellowblue.io/ Frame 8304 0
328 B 308ms
98ms Image
text/html 54.83.246.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drise%26uid%3D%5BpartnerId%5D%26obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.246.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-246-18.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:43:00 GMT
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html
access-control-allow-origin: https://widgets.outbrain.com/
x-reason: could not perform CS due to GDPR policy: gdpr is not applied
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length: 0

GET
H2 451 711945.gif
id.rlcdn.com/ Frame 8304 0
0 33ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711945.gif?cparams=obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
426 B 224ms
223ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906980226&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: ca6ae1c857133ec713154961692df89f64a2114461ebe972a82c06404f71ed4d

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:58 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -800
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H2 200 v0.3.js Show response
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 4429 4 KB
3 KB 14ms
13ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19084571
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 32e8e8dbe67db7d8317c4a05c0d5d9874994cda6e0778808130f45d42193690b

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: z8Jjf5/rd/eZ9trCtaDFyg==
server-timing: 13
content-length: 2092
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 16:00:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA119D4B29FAB8
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: d962dcd8-101e-0074-4086-43874c000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3fd92

GET
H2 200 v0.3.js Show response
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B14E 4 KB
3 KB 15ms
15ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19084571
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 32e8e8dbe67db7d8317c4a05c0d5d9874994cda6e0778808130f45d42193690b

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: z8Jjf5/rd/eZ9trCtaDFyg==
server-timing: 13
content-length: 2092
x-ms-lease-status: unlocked
last-modified: Tue, 29 Mar 2022 16:00:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA119D4B29FAB8
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: d962dcd8-101e-0074-4086-43874c000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: 40b3fd97

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FA7C 0
741 B 24ms
14ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:42:59 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ebd0c8f5-c8db-4943-8633-50f166b1ed9c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 banner.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 4429 2 KB
1 KB 23ms
12ms Stylesheet
text/css 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/banner.css?v=19084571
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19084571
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 83b46925b25c211de53c1a88ffba5d51982d3a60f36c129a7ec38d1b400b22a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: g0Qf/KmXtQmVnbpqUM24zw==
server-timing: 12
content-length: 656
x-ms-lease-status: unlocked
last-modified: Fri, 01 Apr 2022 21:43:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA1428B3B6FE66
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4d718484-c01e-001d-3826-46dc9d000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
akamai-request-id: 40b3fec4

GET
H2 200 darkModeBanner.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 4429 679 B
868 B 21ms
12ms Stylesheet
text/css 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/darkModeBanner.css?v=19084571
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19084571
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7784b03179b61638d0ba91b33f2dfa2a84b6d4af016942e80ac0a469a61b1825

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: HvnL4/tdYHBxpdrLF3XG4A==
server-timing: 12
content-length: 304
x-ms-lease-status: unlocked
last-modified: Fri, 01 Apr 2022 21:43:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA1428B396CFE3
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: fc1d79d3-801e-005c-787f-46de32000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
akamai-request-id: 40b3fed0

POST
H2 200 auction Show response
srtb.msn.com/ Frame 4429 13 KB
4 KB 316ms
314ms XHR
text/html 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://srtb.msn.com/auction

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19084571

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

9f39e21d537a898e7d9dc42d49ea238077b7aa9bf541b0d91f4c154895d6191b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/html
Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 63109B8B53F4407B8326FC47EC954266 Ref B: VIEEDGE3016 Ref C: 2022-04-02T13:42:59Z
vary: Origin,Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-allow-credentials: true
server-timing: total;dur=256
timing-allow-origin: https://www.msn.com

GET
H2 200 rectangle.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame B14E 1 KB
1 KB 19ms
13ms Stylesheet
text/css 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/rectangle.css?v=19084571
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19084571
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8864e53a89a0fa4e239b47b2118f773f563d2e215ebfaa4cf99267d8253bc6d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: fiS6k3UUaVdZNUPIV+yPGg==
server-timing: 12
content-length: 558
x-ms-lease-status: unlocked
last-modified: Mon, 28 Mar 2022 21:00:27 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA10FDFC49BE20
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: a83e5986-701e-0064-6876-433864000000
cache-control: public, max-age=86400
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
akamai-request-id: 40b3fed7

POST
H2 200 auction Show response
srtb.msn.com/ Frame B14E 6 KB
2 KB 322ms
320ms XHR
text/html 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://srtb.msn.com/auction

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.3.js?t=19084571

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

af3408f5fcaa4ff87ebb04a2508c21e5350abdde617017cdfc2d168c9f8ad857

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/html
Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 813B96E43210474697CE9B3DB4E50137 Ref B: VIEEDGE3016 Ref C: 2022-04-02T13:42:59Z
vary: Origin,Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-allow-credentials: true
server-timing: total;dur=267
timing-allow-origin: https://www.msn.com

OPTIONS
H2 200 auction
srtb.msn.com/ Frame 0
0 59ms
52ms Preflight 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.msn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-origin: https://www.msn.com
access-control-max-age: 86400
content-length: 0
date: Sat, 02 Apr 2022 13:42:59 GMT
vary: Origin
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FD37A98D41634AEBAF26BD8D6D035063 Ref B: VIEEDGE3016 Ref C: 2022-04-02T13:42:59Z

OPTIONS
H2 200 auction
srtb.msn.com/ Frame 0
0 70ms
65ms Preflight 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://srtb.msn.com/auction
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.msn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-origin: https://www.msn.com
access-control-max-age: 86400
content-length: 0
date: Sat, 02 Apr 2022 13:42:59 GMT
vary: Origin
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E507CBE2107A40E181CA7BA5B29774D5 Ref B: VIEEDGE3016 Ref C: 2022-04-02T13:42:59Z

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa19170c4abebbe4fa732bc15bc35bfee.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame 4429 6 KB
7 KB 21ms
18ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa19170c4abebbe4fa732bc15bc35bfee.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c61e537b13d8f53dff43197e49e716d13e4236d59b102f505356d3f4acc8a65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-original-body-size: 6548
age: 1306520
edge-cache-tag: 490303023152510352661850053758622123754,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
cache-tag: 490303023152510352661850053758622123754,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 367
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa19170c4abebbe4fa732bc15bc35bfee.jpg
content-length: 6548
x-request-id: bbcda2492fc28a5d309c609495d2085c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Fri, 18 Mar 2022 08:47:32 GMT
server: nginx
x-timer: S1648906980.818604,VS0,VE1
etag: "5bca887e896a507dcc7a9ef0dca17b0a"
x-served-by: cache-wdc5557-WDC, cache-iad-kiad7000037-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0da8f8e012df1d5aa0562c326c06a0d0.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame 4429 5 KB
6 KB 20ms
17ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0da8f8e012df1d5aa0562c326c06a0d0.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f45f623cb7aa52cfb7b0666fc66756578eef0113df46272db08abb5e871bef93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 1485997
edge-cache-tag: 470997356815735235728611464274433273098,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
cache-tag: 470997356815735235728611464274433273098,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 335
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0da8f8e012df1d5aa0562c326c06a0d0.jpg
content-length: 5538
x-request-id: 86451a095e3a69de175b26edef9f835b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Wed, 16 Mar 2022 07:32:21 GMT
server: nginx
x-timer: S1648906980.818722,VS0,VE1
etag: "beda259cb4e26b963b86ae0f651aa856"
x-served-by: cache-bwi5022-BWI, cache-iad-kjyo7100044-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ Frame 4429 0
87 B 22ms
18ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__9ab636ea7cf62f4f433ad1e3acb4ad1a__%7E%7EV1%7E%7E5631548967951066625%7E%7EwYmmmEAt0NteuTTEXyhhZKOOeHrEOD-b9lIAxMfaEIbTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKV-N5r2jCbZLd-fDaaIbX_RRRy3sfoUPKj8AA89jD382ROTmuMmGsAz5HXiYX1A24hMYEBlkMfNnnx_H6WiPHMklkx72AYr7kQA516q49oIdzacjP6f6A6QqX0jstocDdj_4cokANQTaztbgc2ASjb58hbh6da_GLGpwl7TPGk2Q%2C%7E%7EV1%7E%7E-2020804352527539352%7E%7EZc9gFBP6d58D4DqczDsCKIahDT4nY2Orlj5dcho2RM0ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5v3KZnUas0Sb2xPlF_5OFwcjYa0J3comcfDnzg87-0Igy3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0OYgB9HflmgE3RxoG-6dL9OjStSjdXeE_Uaoh03gA_kToHz4WstlZyrvjTggBjtPpmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%2Ctext&response.session=v2_a95b682506281e5530167540e3c29548_20890875BA506FB020C1190FBBB76EBB_1648906979_1648906979_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906980.818785,VS0,VE9
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3

200

B27523155.332286512;dc_pre=CM6AtJbB9fYCFRmXdwoduXcAIQ;dc_trk_aid=524524606;dc_trk_cid=168638645;ord=2022-04-02+13%3A42%3A59;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/ Frame 4429
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286512;dc_trk_aid=524524606;dc_trk_cid=168638645;ord=2022-04-02+13%3A42%3A59;dc_lat=;dc_rdid=;tag_for_child_dir...
https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286512;dc_pre=CM6AtJbB9fYCFRmXdwoduXcAIQ;dc_trk_aid=524524606;dc_trk_cid=168638645;ord=2022-04-02+13%3A42%3A59;...

14 KB
14 KB

36ms
36ms

Image
text/javascript

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286512;dc_pre=CM6AtJbB9fYCFRmXdwoduXcAIQ;dc_trk_aid=524524606;dc_trk_cid=168638645;ord=2022-04-02+13%3A42%3A59;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?;dc_ref=msn.com

Protocol

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10804
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimpj/N1659021.3744027DISPLAY-TABOOLA/B27523155.332286512;dc_pre=CM6AtJbB9fYCFRmXdwoduXcAIQ;dc_trk_aid=524524606;dc_trk_cid=168638645;ord=2022-04-02+13%3A42%3A59;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?;dc_ref=msn.com
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 served
srtb.msn.com/notify/ Frame 4429 0
121 B 54ms
51ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=swbanner&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=455f1078-3d51-41d1-b055-33d6a4d89bcc&ii=1&c=2687234735129347217;558574118423542336

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23BEB7E9EBD241C09496BDCA4FFE2BEF Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:59Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-visible
am-api.taboola.com/2.0/json/msn-msn/ Frame 4429 0
253 B 21ms
18ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-visible?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__9ab636ea7cf62f4f433ad1e3acb4ad1a__%7E%7EV1%7E%7E5631548967951066625%7E%7EwYmmmEAt0NteuTTEXyhhZKOOeHrEOD-b9lIAxMfaEIbTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQavImGhxk0e7psNAZxHJ9RKV-N5r2jCbZLd-fDaaIbX_RRRy3sfoUPKj8AA89jD382ROTmuMmGsAz5HXiYX1A24hMYEBlkMfNnnx_H6WiPHMklkx72AYr7kQA516q49oIdzacjP6f6A6QqX0jstocDdj_4cokANQTaztbgc2ASjb58hbh6da_GLGpwl7TPGk2Q%2C%7E%7EV1%7E%7E-2020804352527539352%7E%7EZc9gFBP6d58D4DqczDsCKIahDT4nY2Orlj5dcho2RM0ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5v3KZnUas0Sb2xPlF_5OFwcjYa0J3comcfDnzg87-0Igy3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0OYgB9HflmgE3RxoG-6dL9OjStSjdXeE_Uaoh03gA_kToHz4WstlZyrvjTggBjtPpmEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text%2Ctext&response.session=v2_a95b682506281e5530167540e3c29548_20890875BA506FB020C1190FBBB76EBB_1648906979_1648906979_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&ppb=CIAG&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906980.818918,VS0,VE8
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 viewed
srtb.msn.com/notify/ Frame 4429 0
120 B 71ms
69ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/viewed?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=swbanner&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=455f1078-3d51-41d1-b055-33d6a4d89bcc&ii=1&c=2687234735129347217;558574118423542336

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B540482FAE4D47ACADFC41521202CAB1 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:59Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 200 http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F96b1fa9ba638142e552dffb83dc521d7.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame B14E 18 KB
19 KB 17ms
13ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F96b1fa9ba638142e552dffb83dc521d7.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 38070cd671c65b67777dab96d4596dfb6a0ba794cb7164b04d264f1507c8630c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 1478434
edge-cache-tag: 465937310475010943818458096475846935999,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
cache-tag: 465937310475010943818458096475846935999,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 145
expiration: expiry-date="Sat, 19 Mar 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F96b1fa9ba638142e552dffb83dc521d7.jpg
content-length: 18838
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified: Wed, 16 Feb 2022 19:11:27 GMT
server: nginx
x-timer: S1648906980.841452,VS0,VE1
etag: "210baaf2c2ad22931bef1e5f6999f54c"
x-served-by: cache-wdc5552-WDC, cache-iad-kcgs7200088-IAD, cache-hhn4052-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 204 recommendations.notify-available
am-api.taboola.com/2.0/json/msn-msn/ Frame B14E 0
61 B 25ms
23ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__67ccbb9b8214cbf69bcc87eba76e7124__%7E%7EV1%7E%7E-3214719942711585782%7E%7Ed4Te8IguKEkHajapmvlykdr33LHS-vBD4I_NmShAyD8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AykkJ_09a3AJ6YsgJq2qGRH4y3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0Gb_G5BNJhadUPW9Y5hNlSuf0ur7ggkV1z23pYTO0ifBSdL_YBSPTEHDzF0p9_30zGEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_478b886e111a242b18b4a188094f1115_20890875BA506FB020C1190FBBB76EBB_1648906979_1648906979_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906980.847859,VS0,VE10
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 served
srtb.msn.com/notify/ Frame B14E 0
120 B 64ms
63ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/served?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=swrect&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=1763d6a6-a8b2-4aec-b160-781bafe19215&ii=1&c=8240185634421306009

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 42E5BDF6C419414FA796F0280D5768D2 Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:59Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

GET
H2 204 recommendations.notify-visible
am-api.taboola.com/2.0/json/msn-msn/ Frame B14E 0
288 B 23ms
22ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-api.taboola.com/2.0/json/msn-msn/recommendations.notify-visible?app.type=bidder&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__f1cfbe32114d4e1365c5ea68676b5ab6__67ccbb9b8214cbf69bcc87eba76e7124__%7E%7EV1%7E%7E-3214719942711585782%7E%7Ed4Te8IguKEkHajapmvlykdr33LHS-vBD4I_NmShAyD8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5A0aJZaK81OLpTjzWD69AykkJ_09a3AJ6YsgJq2qGRH4y3YGzfNvtUvaFUCqanP7CQ5uPSc3khTzRU-uuRpiN0Gb_G5BNJhadUPW9Y5hNlSuf0ur7ggkV1z23pYTO0ifBSdL_YBSPTEHDzF0p9_30zGEyGt9EbEWngnq8v_iwRw7_-ydz4_t2Dfn_Gs-1XWYM__text&response.session=v2_478b886e111a242b18b4a188094f1115_20890875BA506FB020C1190FBBB76EBB_1648906979_1648906979_CNawjgYQrrs-GODN69X9wc2OJCABKAUwODib4wlAjooQSPG12QNQqOwQWABgAGi49Ovc17HappABcAA&view.external-id=b0c3dcd388514ec1aa31f0b4d15b1f0c&ppb=CEc&viperAppType=SCONMSFT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
via: 1.1 varnish
server: nginx
x-timer: S1648906980.847980,VS0,VE9
x-served-by: cache-hhn4052-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 204 viewed
srtb.msn.com/notify/ Frame B14E 0
120 B 63ms
62ms Image
image/gif 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://srtb.msn.com/notify/viewed?rid=b0c3dcd388514ec1aa31f0b4d15b1f0c&r=swrect&i=1&p=webcompar&l=en-us&d=TaboolaNetBidder&b=chrome&a=1763d6a6-a8b2-4aec-b160-781bafe19215&ii=1&c=8240185634421306009

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Apr 2022 13:42:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 178FBC5C4132444B91832F0EDE75DC2E Ref B: VIEEDGE2010 Ref C: 2022-04-02T13:42:59Z
x-cache: CONFIG_NOCACHE
content-type: image/gif
cache-control: no-cache
expires: -1

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
721 B 223ms
222ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906980776&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: af16caa85c6e56d96a260aabc559517b1bc0964a6ed7a62a143b7c94a96934bd

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:42:59 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -803
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,time-delta-millis
content-length: 153

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 197 KB
68 KB 14ms
13ms Script
application/x-javascript 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/external/publishers/msn/MSNOBVideo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d02a718b81e03fdc9d73cc98732a79282579648b8f3cfbd75e616c8762f6058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:43:00 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 11:09:26 GMT
etag: "15-iTsgBCAoRpsdTgOP9/F83txBYig"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 142654a2bb3522090ad95485022640ce
timing-allow-origin: *, *
content-length: 69582

GET
H/1.1 200
OK d3d3Lm1zbi5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 63ms
13ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm1zbi5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 13:43:00 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=9563
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: dab2396c0efd985bd4edc3f976d4b056
Content-Length: 16
Expires: Sat, 02 Apr 2022 16:22:23 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 26ms
16ms Image
image/gif 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.872789663400901
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:43:00 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Mon, 02 May 2022 13:43:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FA7C 0
741 B 11ms
10ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 02 Apr 2022 13:43:00 GMT
X-Proxy-Origin: 217.64.151.9; 217.64.151.9; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1df01d77-b403-4d93-b154-5ecd972128ec
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 2 KB
2 KB 148ms
116ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72&idx=0&rand=66152&key=NANOWDGT01&widgetJSId=VID_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&extid=B0C3DCD388514EC1AA31F0B4D15B1F0C&px=806&py=2925&vpd=1725&cw=612&activeTab=true&darkMode=false&settings=true&recs=true&version=2000655&sig=wha87W7I&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ref=https%3A%2F%2Ft.co%2F&ogn=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fmoney%2Fother%2Fhackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials%2Far-AAVLkH5%3Focid%3Dmsedgntp%26cvid%3Dd427c22100ba4c89b466edf055f3dc72
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d92de5a1427b45f27ca60ebaa2da89bcaeea51dabed16c028c6908a78edc85bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Sat, 02 Apr 2022 13:43:00 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
fastly-original-body-size: 0
x-timer: S1648906980.416120,VS0,VE110
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: e2c100f15bf1dc9de89cdfa1e044e818
content-encoding: gzip
content-length: 1244
x-served-by: cache-lga21975-LGA, cache-hhn4025-HHN

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 358ms
90ms Fetch
text/plain 64.202.112.31
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=71f00f147a166ec096217ca9ba004ca8_6478_1648906980483&tm=457&eT=0&widgetWidth=612&widgetHeight=304&widgetX=806&widgetY=2926&wRV=2000655&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=152&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 02 Apr 2022 13:43:00 GMT
content-encoding: gzip
X-TraceId: b74855b7cc8240daaedec1cd28c9fd91
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

POST
H2 200 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
483 B 223ms
222ms Fetch
application/json 40.74.98.195
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1648906983813&w=0&anoncknm=anon
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.5cac64af2f49f80d898d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.74.98.195 Osaka, Japan, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-HTTPAPI/2.0 /
Resource Hash: 8c47a535d228ca0ad696c5a05249adab189a7317a149f7bcef793a24124b02d8

Request headers

Referer: https://www.msn.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 02 Apr 2022 13:43:02 GMT
server: Microsoft-HTTPAPI/2.0
time-delta-millis: -808
access-control-allow-methods: POST
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: time-delta-millis
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: P3P,Set-Cookie,Connection,time-delta-millis
content-length: 153

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 11:32:01	Name: muc Value: c6b5693b-df80-4e7e-a712-d4456089c7be
.msn.com/	1969-12-31 23:59:59	Name: _EDGE_S Value: F=1
.msn.com/	1970-01-20 11:23:22	Name: _EDGE_V Value: 1
.msn.com/	1970-01-20 11:23:22	Name: MUID Value: 20890875BA506FB020C1190FBBB76EBB
www.msn.com/	1970-01-20 10:47:22	Name: MicrosoftApplicationsTelemetryDeviceId Value: d4722325-9422-4766-8295-8a50dc0cf1d3
www.msn.com/	1970-01-20 02:01:48	Name: ai_session Value: xhCucraDc6PFMSsF46H+CK\|1648906978113\|1648906978113
.scorecardresearch.com/	1970-01-20 19:18:34	Name: UID Value: 133578925d445d566cb9b5c1648906977
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: a2b62785ac724a89abf01d270dd823cf
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1648906977&co=1
.bing.com/	1970-01-20 11:23:22	Name: MUID Value: 20890875BA506FB020C1190FBBB76EBB
.c.bing.com/	1970-01-20 11:23:22	Name: SRM_B Value: 20890875BA506FB020C1190FBBB76EBB
.c.bing.com/	1970-01-20 11:23:22	Name: SRM_M Value: 20890875BA506FB020C1190FBBB76EBB
.c.msn.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.msn.com/	1970-01-20 02:01:47	Name: ANONCHK Value: 0
.yahoo.com/	1970-01-20 10:47:44	Name: A3 Value: d=AQABBOFSSGICELBxN7kQIo2eAXPTsrj-9ekFEgEBAQGkSWJSYgAAAAAA_eMAAA&S=AQAAAk3OYnM3U6IJdsx_JSUzQnM
www.msn.com/	1970-01-20 02:03:13	Name: msaoptout Value: 0
.outbrain.com/	1970-01-20 04:11:22	Name: obuid Value: 7d024e74-24d1-4950-ad73-b6daeb549b6c
.outbrain.com/	1970-01-20 04:11:22	Name: muid Value: 20890875BA506FB020C1190FBBB76EBB
.microsoft.com/	1970-01-20 10:47:22	Name: MC1 Value: GUID=2e90aa66cd9c4c65b9be3413e60e2a81&HASH=2e90&LV=202204&V=4&LU=1648906978469
.microsoft.com/	1970-01-20 02:01:48	Name: MS0 Value: fd38ca29fb56483c965ec2ff06ac5dfa
.3lift.com/	1970-01-20 04:11:22	Name: tluid Value: 826237593819805450497
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: m32WGZ77K6G6
.mgid.com/	1970-01-20 02:01:48	Name: __cf_bm Value: x4NfeQ3ceGdODK_rDmy.61.KCbk6FchXbp_axzb7B0U-1648906979-0-AZIGJgAvYENRlZxCRHcJH/W7VyqPTaDGWe4DBPE8OiXw5Ps+9+8m350fiUK+U7tMEOQ/FocKdyE7K3Wpr5jyFG0=
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:33:40	Name: bcookie Value: "v=2&f2a8ab01-5763-4b72-8241-3bdefa68a9d5"
.linkedin.com/	1970-01-20 19:27:40	Name: li_gc Value: MTswOzE2NDg5MDY5Nzg7MjswMjHr8XxBkbNKldL/jFu7/K+44R7JIAFksO6yDKyENj4NGg==
.linkedin.com/	1970-01-20 02:03:13	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2228:u=1:x=1:i=1648906978:t=1648993378:v=2:sig=AQHFGJ8Vzr4cd15JHK3CpKk6cxvpTaYH"
.adnxs.com/	1970-01-20 04:11:22	Name: uuid2 Value: 8484296133233988585
.adnxs.com/	1970-01-20 04:11:22	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?itZ!Us!]tbP6j2F-XstGt!@D^]$ixc8
.rlcdn.com/	1970-01-20 10:47:22	Name: rlas3 Value: u2EchOn/c0Isb4Kp7PeDRdbJOxugzM0xTrdr9d3ZESY=
.rlcdn.com/	1970-01-20 03:28:10	Name: pxrc Value: COOloZIGEgUI6AcQABIGCLrqARAA
.mfadsrvr.com/	1970-01-20 19:32:58	Name: tuuid Value: 5976e585-921c-458f-bb5b-33471eda11d5
.mfadsrvr.com/	1970-01-20 19:32:58	Name: c Value: 1648906979
.mfadsrvr.com/	1970-01-20 19:32:58	Name: tuuid_lu Value: 1648906979
.agkn.com/	1970-01-20 10:47:22	Name: ab Value: 0001%3AGJiBgFzZCTldW8zWxwZPWAxSFS3Nurws
cm.mgid.com/	1970-01-20 02:44:58	Name: mg_sync Value: {"516415":1648906979}
.adsrvr.org/	1970-01-20 10:47:22	Name: TDID Value: fe617e27-a409-4c90-9cd7-b6e585d9869f
.zemanta.com/	1970-01-20 10:47:22	Name: zuid Value: bbSw_WJZfCrYdHjWCtA_
.zemanta.com/	1970-01-20 10:47:22	Name: obuid Value: KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft
.krxd.net/	1970-01-20 06:20:58	Name: _kuid_ Value: OwSK__qB
.mfadsrvr.com/	1970-01-20 19:32:58	Name: ssh Value: !outbrain,1648906979
.demdex.net/	1970-01-20 06:20:58	Name: demdex Value: 27149973444156632393730737941722166216
.outbrain.com/	1970-01-20 02:30:34	Name: apnxs Value: 8484296133233988585
.adsrvr.org/	1970-01-20 10:47:22	Name: TDCPM Value: CAEYBSABKAIyCwjYg4npra7KOhAFOAE.
.bidswitch.net/	1970-01-20 10:47:22	Name: tuuid Value: a2a5d455-4ea4-479c-9995-498bac1f0424
.bidswitch.net/	1970-01-20 10:47:22	Name: c Value: 1648906979
.bidswitch.net/	1970-01-20 10:47:22	Name: tuuid_lu Value: 1648906979
.dpm.demdex.net/	1970-01-20 06:20:58	Name: dpm Value: 27149973444156632393730737941722166216
.doubleclick.net/	1970-01-20 11:23:22	Name: IDE Value: AHWqTUkp--1pRc03PKA2gSKTOwJ4-og7YYA51U-LaVyZ63cP3WGJ-2oGvaUj0AZdiUs
.adfarm1.adition.com/	1970-01-20 04:11:22	Name: UserID1 Value: 7082001548965968022
.outbrain.com/	1970-01-20 02:30:34	Name: mdfrc Value: 5976e585-921c-458f-bb5b-33471eda11d5
.eyeota.net/	1970-01-20 02:01:47	Name: SERVERID Value: 20103~DM
.creativecdn.com/	1970-01-20 10:47:22	Name: u Value: 06WgY7DlsNYWfUHNGKbd
.creativecdn.com/	1970-01-20 10:47:22	Name: ts Value: 1648906979
.outbrain.com/	1970-01-20 02:30:34	Name: ttd Value: fe617e27-a409-4c90-9cd7-b6e585d9869f
.outbrain.com/	1970-01-20 02:30:34	Name: zmnta Value: bbSw_WJZfCrYdHjWCtA_
.exelator.com/	1970-01-20 04:54:34	Name: EE Value: "b4731e2e18c28af58fdc7529cf5b69ec"
.outbrain.com/	1970-01-20 02:30:34	Name: actvagnt Value: 7082001548965968022
.exelator.com/	1970-01-20 04:54:34	Name: ud Value: "eJxrXxzq6XKLQSHJxNzYMNUo1dAi2cgiMc3UIi0l2dzUyDI5zTTJzDI1eXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYEl%252BUWb6IhfXxUUpaQyLSopPBe%252F%252F6gQAw94q9g%253D%253D"
.spotxchange.com/	1970-01-20 10:47:26	Name: audience Value: cf7b9c2a-b28a-11ec-a08e-18c6427b0206
.casalemedia.com/	1970-01-20 10:47:22	Name: CMID Value: YkhS4.eni4BvmTlm1ztp5QAA
.casalemedia.com/	1970-01-20 04:11:22	Name: CMPS Value: 5203
.outbrain.com/	1970-01-20 02:30:34	Name: bdswch Value: a2a5d455-4ea4-479c-9995-498bac1f0424
.outbrain.com/	1970-01-20 02:30:34	Name: rtbhs Value: 06WgY7DlsNYWfUHNGKbd
.casalemedia.com/	1970-01-20 04:11:22	Name: CMPRO Value: 1164
.casalemedia.com/	1970-01-20 02:03:13	Name: CMST Value: YkhS42JIUuMA
.exelator.com/	1970-01-20 04:54:34	Name: hsk_1600 Value: "gAAAAAQAAACSKLUv%252FSCSkQQAiKRidWlk2gBAS0o4UzVOOTY2YTJad0syeW0zM09GOTc3aFpYUDk5RVlzaXNpbVJPR04xblo0UU9TMmZPMHpsUkRoS1NVSDVmdKNoc2ukNTU3MKhkZWxpdmVyeaQ1NTcwo3ZlcgGlYm5hbWWnUzIwNE9VVKV0c2Vnc6cyOTQ0NTQ0pWJjb2RlzQZAonRzylO%252F9UI%253D"
.geistm.com/	1970-01-20 10:47:22	Name: gdpid Value: WDGNq7dLNZSZU
.pubmatic.com/	1970-01-20 02:03:13	Name: KTPCACOOKIE Value: YES
.advertising.com/	1970-01-20 10:48:49	Name: APID Value: UPcf85dc29-b28a-11ec-a661-02d682d633bc
.pubmatic.com/	1970-01-20 04:11:22	Name: SyncRTB3 Value: 1650067200%3A220
.pubmatic.com/	1970-01-20 04:11:22	Name: KADUSERCOOKIE Value: 89D6DC67-FAE3-41D5-BF3B-885B4E3CB8EB
.outbrain.com/	1970-01-20 02:30:34	Name: spotx Value: cf7b9c2a-b28a-11ec-a08e-18c6427b0206
.outbrain.com/	1970-01-20 02:30:34	Name: indxexcg Value: YkhS4-eni4BvmTlm1ztp5QAABIwAAAAB
.360yield.com/	1970-01-20 04:11:22	Name: tuuid Value: c153e6bb-303f-4dfd-84d0-962c8b0dbb31
.360yield.com/	1970-01-20 04:11:22	Name: tuuid_lu Value: 1648906979
.analytics.yahoo.com/	1970-01-20 10:47:22	Name: IDSYNC Value: "193c~243p:195n~243p"
.pubmatic.com/	1970-01-20 04:11:22	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 02:03:13	Name: pi Value: 160065:3
.pubmatic.com/	1970-01-20 04:11:22	Name: chkChromeAb67Sec Value: 2
.outbrain.com/	1970-01-20 02:30:34	Name: oath Value: UPcf85dc29-b28a-11ec-a661-02d682d633bc
.smartadserver.com/	1970-01-20 11:32:01	Name: pid Value: 7806786059367544665
.outbrain.com/	1970-01-20 02:30:34	Name: oath_display Value: y-aYxKh8pE2uF9z.SgK1jbpBSxB7AtoUO99zkjheE-~A
.outbrain.com/	1970-01-20 02:30:34	Name: improve_digital Value: c153e6bb-303f-4dfd-84d0-962c8b0dbb31
.outbrain.com/	1970-01-20 02:30:34	Name: smart Value: 7806786059367544665
.outbrain.com/	1970-01-20 02:30:34	Name: pubmatic Value: 89D6DC67-FAE3-41D5-BF3B-885B4E3CB8EB
.technoratimedia.com/	1970-01-21 21:49:46	Name: tads_uid Value: GDPR

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	info	URL: https://www.msn.com/en-us/money/other/hackers-have-found-a-clever-new-way-to-steal-your-microsoft-365-credentials/ar-AAVLkH5?ocid=msedgntp&cvid=d427c22100ba4c89b466edf055f3dc72 Message: Autofocus processing was blocked because a document already has a focused element.
network	error	URL: https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?ocid=peregrine&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&market=en-us&user=m-20890875BA506FB020C1190FBBB76EBB Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://assets.msn.com/service/msn/user?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=B0C3DCD3-8851-4EC1-AA31-F0B4D15B1F0C&ocid=Peregrine&market=en-us&user=m-20890875BA506FB020C1190FBBB76EBB&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://jac.yahoosandbox.com/0.14.0/jac.js Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://assets.msn.com/service/community/follows/?targetId=vid-ji3vgghjktfbvrge50nd5b789hf6cd0atpykg7je7c62547cgfsa&queryType=follow&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cmuidflt19cf%2Cmuidflt21cf%2Cmuidflt58cf%2Cmuidflt300cf%2Cmmxios1cf%2Cmoneyedge3cf%2Cpnehp3cf%2Cpnehz2cf%2Cstarthz3cf%2Caudexhz2cf%2Cmoneyhz1cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cprg-ndauthrf2%2Cprg-nodualauth%2Cshophp2cf%2Csagehz1cf%2Cweather5cf%2Cprg-rsum-t1%2Cprg-1sw-wlsmy3%2Cprg-1sw-c-refcnt%2Cprg-1sw-curr3%2Cprg-1sw-acp-fzy%2Cprg-1sw-cfbdg%2Cprg-1sw-sphnmsnncf%2Cprg-adspeek%2C1s-br30min%2Cbtrecrow1%2C1s-winauthservice%2C1s-winsegservice%2Cprg-1sw-grevtt%2Cprg-1sw-sphn2msn%2Cprg-hprewflyout-t%2Cwf-sunny-first%2Cmsnapp10cf%2Cprg-1sw-sphfdycf%2C1s-maps-latlongkey%2C1s-pagesegservice%2Cprg-ias%2Cprg-1sw-ms-cloud%2Cprg-1sw-mscloudn%2Cprg-ms-cloud%2Cprg-1sw-newsskip%2Cprg-1sw-l2icon%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-psovhigh1%2Cprg-1sw-splog%2Cartglyrank1cf%2Cartglyrank2cf%2Cprg-1sw-nen3di%2Cprg-1sw-pbpf1%2Cprg-1sw-accu10%2Cprg-1sw-pr2ctlal%2Cprg-wx-anmprns%2Cprg-1sw-hdukr%2Cprg-sh-adn%2Cprg-sh-synadnt%2Cprg-1sw-sp5mats%2Cprg-1s1-cryptd%2Cprg-wea-skipauth&ocid=msedgntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-20890875BA506FB020C1190FBBB76EBB Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tags.bluekai.com/site/29859?id=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=KJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://id.rlcdn.com/711945.gif?cparams=obUid%3DKJ8S5N966a2ZwK2ym33OF977hZXP99EYsisimROGN1nZ4QOS2fO0zlRDhKSUH5ft Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26.at.atwola.com
aa.agkn.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
am-api.taboola.com
api.btloader.com
api.msn.com
api.viglink.com
assets.msn.com
b1sync.zemanta.com
beacon.krxd.net
bidswitch-eu.splicky.com
browser.events.data.msn.com
btloader.com
bttrack.com
c.bing.com
c.msn.com
cdn.js7k.com
cdn.viglink.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
cpm.convergeselect.net
creativecdn.com
cs-server-s2s.yellowblue.io
cs.emxdgt.com
d2zqfs55y95cft.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
eb2.3lift.com
hbx.media.net
ib.adnxs.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
img-s-msn-com.akamaized.net
img.img-taboola.com
jac.yahoosandbox.com
jill.fc.yahoo.com
loadus.exelator.com
login.live.com
m.adnxs.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mem.gfx.ms
odb.outbrain.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pr-bh.ybp.yahoo.com
prod-m-node-3113.ssp.yahoo.com
ps.eyeota.net
px.ads.linkedin.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.yimg.com
sb.scorecardresearch.com
service.idsync.analytics.yahoo.com
srtb.msn.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
sync-jp.im-apps.net
sync.1rx.io
sync.crwdcntrl.net
sync.hgrtb.com
sync.outbrain.com
sync.search.spotxchange.com
sync.technoratimedia.com
t.co
tag.idsync.analytics.yahoo.com
tags.bluekai.com
tcheck.outbrainimg.com
u.openx.net
ups.analytics.yahoo.com
web.ssp.yahoo.com
web.vortex.data.microsoft.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.bing.com
www.civicscience.com
www.msn.com
www138.civicscience.com
x.bidswitch.net
104.111.215.191
104.19.135.78
104.244.42.133
13.32.99.23
130.211.23.194
131.253.33.203
142.250.181.226
142.250.186.134
15.197.193.217
150.136.156.92
151.101.114.132
151.101.129.108
151.101.65.44
152.195.51.15
157.90.157.235
178.250.2.151
18.184.216.10
18.192.248.81
18.194.141.235
18.195.155.181
18.197.103.129
18.214.246.74
185.184.8.90
185.33.221.91
185.64.190.80
185.64.190.81
185.86.137.108
185.94.180.126
192.132.33.46
198.47.127.18
20.190.160.4
204.79.197.203
212.82.100.182
213.19.147.44
23.35.228.23
23.35.229.181
23.36.163.109
2600:9000:223f:8e00:f:c7b3:ce40:93a1
2600:9000:225e:e200:1b:5138:8a40:93a1
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700::6810:a20d
2620:1ec:21::14
2620:1ec:bdf::44
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1288:80:807::2
2a01:111:202c::200
2a02:26f0:3500:7::17d8:4dc9
2a05:d018:d29:3601:b883:24d:29e5:b600
3.126.56.137
3.222.216.235
34.233.224.198
34.250.51.110
34.98.64.218
35.157.246.167
35.178.150.13
35.244.174.68
37.252.172.250
40.74.98.195
40.77.226.250
44.200.208.73
50.31.142.63
52.142.114.2
52.16.213.80
52.59.41.116
54.220.157.118
54.250.154.224
54.72.202.157
54.78.254.47
54.83.246.18
64.202.112.31
69.173.151.100
69.192.160.245
69.192.161.85
76.223.111.18
77.245.57.72
85.114.159.118
99.80.176.170
01fb8855a14c95eac5b8a1f781a0c079ea3a9e657fd486b1d99712add5a554ab
04b1c47b8990805e5f7cc9c9b5cc216accf7158e713c7cc538cdfaf49d5db8d0
04f1e1c9f69347bbe7ba328d9ec45ab0f4f67a22e0e33258ca488a479d117c36
0799f48dbcb8c23f0b4de3ba07730c6a021efe64db360a0d0c4d6babbb8d9e70
07eaa9c3f5266f72943d54e147305272b415df938e585e25e832235193c3121c
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9
0c5f627264a1de4196fa27467017de00f05a85b36b31823688069baf0d350c83
0c61e537b13d8f53dff43197e49e716d13e4236d59b102f505356d3f4acc8a65
0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
0ead1edf6e49e87ca81d844b359945dfea4779b3289286e3e18513fe50ae8119
10cf2d6611c92c88fd490bbd6c6a3b69fe0c80c3928cc038d48ce98d109a071b
1226066c8bbb387318ee8f6a7add9919daa489c59d7024a941eb189ee2e0d1da
1269ef30864de2aa809ed2f19265c71fb0c2d50256b40adfcdd0ec34c3633b8f
138f05026efb86a1336204e2af8edcb6402b0f41d62532d0e9f0dda672bf78b5
139897fcf1fdce2b33e2d0938be036e9ab3fc463a6e656bdaf5f219ad7701998
147088448b9c3197cb0447f96f7a1297b157e0be9daf3831e1356cfd8a0f31a2
1681cb2b2db935f48c843351945df3f3f77f79c1c8de28c4fa88d8b655c25ae2
19e3a90b0ba228aa92871d864d4bae3bd650a41322e63d0bcf56d631a308436b
1a97c6f1b2508ffd814247768fe9233ef157f17e4f3d23c0ee57e536cf0a6dc5
1ad981141a519fb3df78db27ceb6c987392489448d8d3011f0a19004628dfd62
1d5548774d84367ade7dd969ff4bd0c3e788445bd47d48e127ddc6d8130e684d
1dac8195bf71015f538e51575a3ce3675890c16dce42f3a83a6637092d7bafb0
1f3ce72e87dacc22ab8b64ac715a69dc05ad1d1cf0b8a39778f502329a628011
1f8e7a68ed674e016dc8bf0403059cb20494578cb7f9ee1a5f5bdb940c3f1846
207e70fe00cc725c64c13b3ab0255e227e196dbd38846731d9bf36df5a2789b4
2226479588931c475132ca831f2ec435e5bd97cc10583ce427633d110e96be2b
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
244491ccbf502178b3ce05f2e74c41aca36168fd3c744a294756b530d36f9c3c
24dbe7fc0b738f2f19e4dfc184a425e45e5addb3e6f980b66555c1620bc4a6c0
253a8b0121ff6a85212da6d8b733d4bb510d5b69d3d766762e04cd1a819ab9db
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a621a1e1f8298b87bbbf5946f4517a104ca51267d098cc8e29fa02e3361872
2bdefd42be2431a3cc7a504e425366560be3a86ef8f85ef1f94b8d718dc09fc4
2cad4e1d97b0c13e50f1a741c96d6fda8e7908afe66eb23ce73059869afe5dbb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
313c05541bb5638b81b6839bf965bb523a81045ef6798e1b7e95438dbe1ec095
32e8e8dbe67db7d8317c4a05c0d5d9874994cda6e0778808130f45d42193690b
3659bc4ae6fa9dbba50be28b28d7bd9ea6ef9ed81e9ca1b9102ff7bd5690e85e
3759610afcc9cd25f3a48273e041e347fe076542f81279b7b0bb9cdd2bdfe535
37d3bbf8dd241c04515a4d2fdafae36eca0f33d6bf1fbd95ba94e9ab1df22677
38070cd671c65b67777dab96d4596dfb6a0ba794cb7164b04d264f1507c8630c
3b75085f340c1918b5255509378c0a49baf27c6bab1563819637803ca119d7d1
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c4f901bc8de3a31ca9d3620c31ca5fafd927a2aab575a77194786bd62ab21ca
3c8c39a8770f455c29bed4a0061a6d0799a4504288c2c36ab57e8dfe7232623a
3d108ffef6e8b8adf05fa7720e109ee115a1651075705c724aca770d2814b392
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8922397c7f9f79ffa777dd19010d03d1e4814477a45d22701dd7e64f3cee81
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef12983f639e92c4c9e65d0cb90cc3e448e651f47a6b129034ea3208aa0d087
42af4292bb09633817c85b33be1c3237d36c620e2e003ebd9d69196ad00eac0b
42e0e958450a5223e3fa0c3802fe892d419523fc520529a728756915d2856a6d
441b6f49858ec289fff6c29ab29d179596019169e3a2ea78d384648e0c3baa76
44888dbc834fb18e3bdd3d873b81bc16407059d88c990b89c476b392dec48a6c
44b3dc23ae67f31d509c96054480446261a3efc1a401f1142925b5c24d9d4c6e
45b144a3488cd41b351d5bd7966ae78651bbcfe168a1eb6856ecfe86664000d9
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4a4a515c111dd870edbb81a16997a84970ed442418c3bb9862aef58f64dcf5db
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba5146eb33e639576b0befa39a523230a21b504b6a68f57bb1a32ea9b514c23
4c18345ab7ae64bfeceec84c8265bd7248046765934615f57f46f93686f755a5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef054ca14dd341e7cdbc5eff1aaa1f8043afa1ae223408100536770073fe864
4f73b1bce34df24e144885f281670feb99af0983d666810d309ac36bf0b1456d
5070b023d7608161235140a46e0e88a7bed3a9220374b36f9110a7d73e037196
51eaaad8222258175cfc18d73f7de6b19ebe67ac978720ae65f8abbc8b6c9077
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
577d49bac687fa3af020ab793c90e7e5a6984b629217399b6aa22215194e5c73
58effe6d65ad7f3a507140d5dac108bcead9e8fadb4ba495567356276d242614
593b01fc7d9ca8d073ed396b7315dac8005413bd547b3a7bbdb33f3634986b5c
5cbd29a55518869a650127924a161c638c05611e713c649e35c07d03d577fac9
5ce0b2321b837220dee1771c725edc58e96fb800bfc2155a1b2f45a189a6fcbe
5d43b6a723d79ac626c72f04380ed9df8140b08bbd4184cf50299c051d2f93a4
5d94b8b98eb1e31150afcc8ca3438f67fefa77271ebd8ddfeabea26adb4f38d1
5de753670b70aa985276277a94539389f9365cb2023435ab5866eafca1ab2b95
612536c784a4f93e935879bb68c6508d30b783407214239e3fdad3a046c2f41b
6162eda216052f177c8686d214a0830018736d80be4a8e023021106daaf91a9a
628148539d801d34a49a7f7997e17b633b96fe68f2f095dc6293d8fe0f54d9c7
62fab6266a1f0a3b62122b1098c1633e6b5757afb3ede43d238234b14f06940d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6a22f24d0aa8f8dba9c63b901d939a05456fe33d52b0bd887518e0dc37685015
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc954c55ae410250c9e13e7139ce04a257270da79f438bcc8cd396b96fa00cc
6c4fa375c592b5248cfcc640fb6040d02ee43eb9e1b821419d284a4e3995a8ac
6d02a718b81e03fdc9d73cc98732a79282579648b8f3cfbd75e616c8762f6058
6d3380857d4a4b0fa3970ebc344ce81d5d6831223cb27f77bbd7a8918a26aab6
6e12f10584a36229a2dead8dba4d96a02554fb575a2c371f79af307bd7889a0c
6ea15ce50030095c00cd5861862b133f821dca77413bb2ee7d740bab42894ffb
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
73c20215164f06634292ae0314a05afd2ae6f8f357a3321fa70334172ac762ed
73df147cea3436152d5dbbed0e48f6255e90bc895c6d01a1795d978c0460691d
7784b03179b61638d0ba91b33f2dfa2a84b6d4af016942e80ac0a469a61b1825
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d
7b1f017f036293d55ef38b4a220eb2e0b7fc0a0a17be0a7e99113761d3fe9c98
7d947ee8e02802f10c1a27907a528aef68102256f25611e1b30b51e6c4dfac33
7e8497aab751cdec06c166e9d6c57d5eb5c0fe5643fc2e27fd1ddee280760457
83b46925b25c211de53c1a88ffba5d51982d3a60f36c129a7ec38d1b400b22a3
88379fda00aa8b09cac35f1fc3cbdc6f6bf0ab56b44b0ea562267a770f8905ea
8864e53a89a0fa4e239b47b2118f773f563d2e215ebfaa4cf99267d8253bc6d6
88f6dc09d34855b593846049b0096cf4b525f4840fc3666d96864aa823d6638c
8be4fc7c93f250e46d1f811976f75983a4f6ac552dad3a821f4c4fab6ef3663c
8c47a535d228ca0ad696c5a05249adab189a7317a149f7bcef793a24124b02d8
8fb2f738870e714b0d9fc01dcbf3770271ded49cb0e7b0f1410ad44999fa31c8
901a381a532d64712970ae6d21bf80742c1a8088e7bd9f6eb551ebf8d812a390
92226e8ad309fdd66a14c9d0ca5f85cf7c60347e01db04c33eb6f1d6c6b0a5f8
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
96e7d7c4e2eeb847b78c9ee5236ba68d2105c70ebe2184f1ecd72e5062bcacef
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
997449c9eb2b80cc876bad6762c49fe81549bbf87c1a914b8279bd5b9beef813
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b8d0503fe1e1635bce8c42f41cd687618f1926a76b03aab41c464f83771755b
9decaed7b6fc585db3154f96a62b530cdf2fc975f5bbbe2dbbd0f2929e72a121
9e685a481050084addb59ca2727fef53137b1ce96e9d73dbdb58f14a82a50614
9f39e21d537a898e7d9dc42d49ea238077b7aa9bf541b0d91f4c154895d6191b
a0f97c4b22c1bf75ca37f4bba2d8727e7a594f95f18338ef0bd09c770d76e4b4
a204b63326e1b81145f5102bd4e0ef017423efa151aa278dc92ad5508d577849
a3258c8de2537d9554a16976aa366b9cc9dfde1ba464ce9a9a500c20b0ad4301
a35e648069e6bc72b36f39e93c87517ae7f0f9c4e9c3db76845de75558a9ad5b
a4b2cf6785131aac799f2faf2bdacbf2990e1f25791fffd13585afa2e4bddef1
a4cd674e88165dbf2ee6d51d5499070cca16a29548b874758f5e15895baf5643
a6da60b373fcaf6cd61842f49955c20e24ace2e65e8b6c7a5339bb72951b6ee9
a71f035deaac5569bf29f78ed9e30d0f9f37aecce24f5290fb00f07d02092679
a795b260ee6de68d124410b7912d1a6bdc1bc1e7e96bf5df13b68dcc9a994bf0
a89d7be30eb4c563639c892b204bad691b41b277e010daa4ca96591cb2e22bbd
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae85b6854d8135e34db94b3e33099769c273c040963120e0724e6062ad360bdb
aed94dbd0b0aa5fd69d0234d68e21b189b5b80d611e40d838ad280ec9539a9ce
af16caa85c6e56d96a260aabc559517b1bc0964a6ed7a62a143b7c94a96934bd
af3408f5fcaa4ff87ebb04a2508c21e5350abdde617017cdfc2d168c9f8ad857
b03169a6a850e23b5a2c4d33ba7a4cad2c4a9b218658c2ea69b93b2b7b9f926b
b1ada6f833286622bd3fd80f0c08db2d895582fbc1b32d33aa5f759f5bca6559
b2b321266df13defea65ffc339667fa6c0a2964abae3af3addc3931617a85d74
b4689355722d93735b3fbd419f6a068a785f7345326b1d203339f3c05c68965b
b48f2def77b84b755922137b3d66ff03e57fe33e409802f997f290ef61f2faf2
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b8cc3e13cd4a719c5d068a0a79c6c8a4aedb7f8d7e022bb2753d20c9f810db3d
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be489cc125e404d8948226ddb5123eb4c17b7d4d59fd95715c9a21928e435d64
bff453614d54cbe1b3785fa5845014965bdeaae1b76a1a322d47db53652a6b83
c531032b81f1a3d2555e96f9b2d2b526558c54d139cd860dc45a98dcd7d9d4ef
c5761e0c41730ca1366f7cd0eaf3937fee6572bb27cccfc8eb9640ed42b9e94d
c5ea0bd5599a5131cec0b19ec3d7f7a983ac381d16c0e86093bfed51c2433bf1
c6d265d46dcdf7a48f2f70a78c7af6b7970e078a2af4b7c3dd9e8ca5a9efb3b9
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c81ecf2ba711de85ddc66ab010a2e1cb0374ecca2daa69257bb637ff0fadca21
c83ec98b99c73cdb0e974ed35e079e22d48347e20271057ddbca123a5186b3a0
ca32f8df67ee98ccfa4f0c9bb012b8d851c1e76b2a793e439ba616375b199511
ca6ae1c857133ec713154961692df89f64a2114461ebe972a82c06404f71ed4d
ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0
ce161964a3bf674374a21bcd3544e3504331ac97f71df4a0d2c68c25b6c9427c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7e2f919b327ec140ffc96f7f8182ba6e17569b7afdab5a320073eb1730843d
d1ab4c233328de4dff75c278204a647ee2cc94d9e302ee923d365777dc4b0e91
d2cbcbc61b5ef156bde4d9da6eabe95ab11c83c0c24f9736c9a14cdf2917adde
d315fa85ab77a755b2b573010b3dc4b268945ced696b0495a95712132c30757c
d5f645227c51a6e4d711befe18f139271389054428914a4206bd5590bff60a42
d92de5a1427b45f27ca60ebaa2da89bcaeea51dabed16c028c6908a78edc85bb
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da59c103715348800c5954e765cc997eef7d30b52214147cfce5a954aa85161a
e0548ca9881f20d20bbd4833178af6ef50db0b65f9733d3a95f08d0caf06e00a
e085568548a9430ca0e94d958ba3213fae9258d37b96043ce1a1be16a3c4675f
e17363169bcf25587a6451a2fc5cbabe8acc31f40269636708b0ed2e59156eb9
e34dc4daf668ce0135325c0058371ca23d7dfe42f0bc17a34a9e24e4e45b8bfe
e36d500a8ea83c2e2d68d26b3bdb2592f9273ee52d59a2918252b00215b235a2
e38cef45a69ad24195b10c006b6e30697f6316d847e039d623a75307b566380e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
e5c8c7c12792df49953707fe5cb50ecaafd06fd1a7d45f46058993105b8c994e
e6b3a501b1aff8f42773f774ad81c7d96e76c628a7b2a4a3c244ca34a9ea011c
e6d04adc7874e5fd333e9135f94cbb696826e4f3ea38d57ef4bc9d646b72f0ab
eb13db5a7b283a02b069ec04f86dc4be3e64ee7dccc8d4d9fb9a5129c9a642d9
eb1a6b8c2beb495046dae0e5722e319786ab78d9a5d75b00dfa1050cbea829b8
eb77e4c3863212baf3ce3feb6948435f3a0cf8cceaa96ac5204b5b3bf45814c1
ed225e4be6f55848d0d089d9f3cef1eb17ff940aea865db1c6a02d8b514ad13a
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5f941cfc489a5371899b2c68b585468f1ad5412516865322783ea1bbfbfdb7
f17562f7f8ed57acfc1f1071044483dbc4cd7f1db718fd5626c31bd5dbf57c21
f20924f569ec18c3a49311d73bf41cc907c4a56ffd96cc61987ac158ac8e7c75
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f40ed2fb1a7c171b65c6a8a09f182f299fb0b36ed568be920e1235d527da33c1
f45f623cb7aa52cfb7b0666fc66756578eef0113df46272db08abb5e871bef93
f514062ec9d77fd8bfe5574f5c5a08d9de94300c644555f7228a37f72343bbc7
f6219c5f24eae977c80441d4cbe1bccc947998abb24cb7a9db574f808f3f3d1e
f67b40073ad493421bbdbc9af6dd9589b3797afd0e28e63dc7c5082e7298d8fe
f8d2dbcc40d35f77cd6110eedcbb17c88ce82c416bdee58247ceab53ff99c8a7

www.msn.com Open in urlscan Pro 131.253.33.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

309 Requests

91 %HTTPS

16 %IPv6

62 Domains

88 Subdomains

62 IPs

8 Countries

3483 kBTransfer

9912 kBSize

87 Cookies

10 Outgoing links

Page URL History

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.msn.com Open in urlscan Pro
131.253.33.203 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

91 %
HTTPS

16 %
IPv6

62
Domains

88
Subdomains

62
IPs

8
Countries

3483 kB
Transfer

9912 kB
Size

87
Cookies

309 HTTP transactions
6 data transactions