urlscan.io logo urlscan.io
SecurityTrails logo

www.msn.com Open in urlscan Pro
204.79.197.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?...
Effective URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardi...
Submission Tags: falconsandbox
Submission: On October 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 5 countries across 62 domains to perform 329 HTTP transactions. The main IP is 204.79.197.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 22nd 2021. Valid for: a year.
This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 204.79.197.203 8068 (MICROSOFT...)
7 2.16.186.42 20940 (AKAMAI-ASN1)
11 87.248.118.22 203220 (YAHOO-DEB)
1 152.199.19.160 15133 (EDGECAST)
8 40.77.226.250 8075 (MICROSOFT...)
2 2.18.232.6 16625 (AKAMAI-AS)
2 152.195.51.15 15133 (EDGECAST)
2 212.82.100.182 34010 (YAHOO-IRD)
2 2 20.190.160.129 8075 (MICROSOFT...)
4 3.126.56.137 16509 (AMAZON-02)
4 10 37.252.172.250 29990 (ASN-APPNEX)
7 2.18.232.130 16625 (AKAMAI-AS)
93 2.16.186.9 20940 (AKAMAI-ASN1)
1 38 204.79.197.200 8068 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
1 2 13.35.253.42 16509 (AMAZON-02)
3 2.16.186.16 20940 (AKAMAI-ASN1)
1 20.50.102.62 8075 (MICROSOFT...)
1 2.16.186.40 20940 (AKAMAI-ASN1)
2 35.157.246.167 16509 (AMAZON-02)
5 37.252.173.27 29990 (ASN-APPNEX)
2 18.194.68.138 16509 (AMAZON-02)
1 142.250.185.198 15169 (GOOGLE)
1 2 34.255.139.130 16509 (AMAZON-02)
1 34.240.165.104 16509 (AMAZON-02)
2 2 85.114.159.118 24961 (MYLOC-AS ...)
1 34.98.67.61 15169 (GOOGLE)
5 185.33.220.241 29990 (ASN-APPNEX)
13 172.217.23.102 15169 (GOOGLE)
9 142.250.181.226 15169 (GOOGLE)
9 142.250.181.225 15169 (GOOGLE)
1 6 142.250.184.226 15169 (GOOGLE)
3 143.204.209.62 16509 (AMAZON-02)
2 34.95.69.49 15169 (GOOGLE)
2 142.250.186.130 15169 (GOOGLE)
2 216.58.212.162 15169 (GOOGLE)
5 3.219.181.211 14618 (AMAZON-AES)
4 142.250.186.34 15169 (GOOGLE)
2 142.250.185.129 15169 (GOOGLE)
2 8 13.248.245.213 ()
2 151.101.129.44 ()
2 2.18.234.190 ()
1 13.32.29.33 ()
1 2 142.250.185.132 ()
5 12 70.42.32.63 ()
2 3 76.223.111.131 ()
3 7 142.250.185.226 ()
1 108.174.11.69 ()
1 1 212.82.100.176 ()
4 5 18.157.70.90 ()
1 2 209.54.177.54 ()
1 1 46.228.164.11 ()
2 3 35.244.174.68 ()
1 104.111.215.191 ()
1 2 54.171.219.200 ()
1 54.77.171.193 ()
1 3.127.52.31 ()
1 1 193.0.160.129 ()
1 178.250.2.151 ()
2 3 213.19.147.45 ()
1 3.222.216.235 ()
1 34.253.111.115 ()
1 91.228.74.133 ()
2 2 18.194.125.59 ()
1 174.137.133.49 ()
1 3.124.175.167 ()
1 185.255.84.152 ()
329 62
7    204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net
www.msn.com
srtb.msn.com
7    2.16.186.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-42.deploy.static.akamaitechnologies.com
static-entertainment-neu-s-msn-com.akamaized.net
11    87.248.118.22 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
PTR: e1.ycpi.vip.deb.yahoo.com
jill.fc.yahoo.com
jac.yahoosandbox.com
26.at.atwola.com
cdn.js7k.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
8    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.msn.com
2    2.18.232.6 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-6.deploy.static.akamaitechnologies.com
confiant.msn.com
2    152.195.51.15 (United States)

ASN15133 (EDGECAST, US)
tag.idsync.analytics.yahoo.com
2    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
2    20.190.160.129 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com
10    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
7    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
cdn.adnxs.com
acdn.adnxs-simple.com
93    2.16.186.9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-9.deploy.static.akamaitechnologies.com
static-global-s-msn-com.akamaized.net
38    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
www.bing.com
c.bing.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.msn.com
2    13.35.253.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-42.fra6.r.cloudfront.net
sb.scorecardresearch.com
3    2.16.186.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-16.deploy.static.akamaitechnologies.com
img-s-msn-com.akamaized.net
1    20.50.102.62 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
arc.msn.com
1    2.16.186.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com
img-prod-cms-rt-microsoft-com.akamaized.net
2    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
web.ssp.yahoo.com
5    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
2    18.194.68.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-68-138.eu-central-1.compute.amazonaws.com
prod-m-node-3113.ssp.advertising.com
1    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ad.doubleclick.net
2    34.255.139.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-139-130.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    34.240.165.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-165-104.eu-west-1.compute.amazonaws.com
d.lemonpi.io
2    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
5    185.33.220.241 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ams1-ib.adnxs.com
13    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net
s0.2mdn.net
9    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
9    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
tpc.googlesyndication.com
6    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
3    143.204.209.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-62.fra53.r.cloudfront.net
static.adsafeprotected.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googletagservices.com
2    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
googleads4.g.doubleclick.net
5    3.219.181.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-181-211.compute-1.amazonaws.com
dt.adsafeprotected.com
4    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
adservice.google.com
googleads.g.doubleclick.net
2    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
8    13.248.245.213 (None, )

ASN- ()
eb2.3lift.com
2    151.101.129.44 (None, )

ASN- ()
cdn.taboola.com
api.taboola.com
2    2.18.234.190 (None, )

ASN- ()
widgets.outbrain.com
1    13.32.29.33 (None, )

ASN- ()
ib.3lift.com
2    142.250.185.132 (None, )

ASN- ()
www.google.com
12    70.42.32.63 (None, )

ASN- ()
sync.outbrain.com
b1sync.zemanta.com
3    76.223.111.131 (None, )

ASN- ()
match.adsrvr.org
7    142.250.185.226 (None, )

ASN- ()
cm.g.doubleclick.net
1    108.174.11.69 (None, )

ASN- ()
px.ads.linkedin.com
1    212.82.100.176 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
5    18.157.70.90 (None, )

ASN- ()
x.bidswitch.net
2    209.54.177.54 (None, )

ASN- ()
s.amazon-adsystem.com
1    46.228.164.11 (None, )

ASN- ()
ad.turn.com
3    35.244.174.68 (None, )

ASN- ()
idsync.rlcdn.com
1    104.111.215.191 (None, )

ASN- ()
tags.bluekai.com
2    54.171.219.200 (None, )

ASN- ()
dpm.demdex.net
1    54.77.171.193 (None, )

ASN- ()
beacon.krxd.net
1    3.127.52.31 (None, )

ASN- ()
aa.agkn.com
1    193.0.160.129 (None, )

ASN- ()
p.rfihub.com
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
3    213.19.147.45 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    3.222.216.235 (None, )

ASN- ()
id.geistm.com
1    34.253.111.115 (None, )

ASN- ()
sync.crwdcntrl.net
1    91.228.74.133 (None, )

ASN- ()
cms.quantserve.com
2    18.194.125.59 (None, )

ASN- ()
pm.w55c.net
1    174.137.133.49 (None, )

ASN- ()
dsp.adkernel.com
1    3.124.175.167 (None, )

ASN- ()
match.sharethrough.com
1    185.255.84.152 (None, )

ASN- ()
visitor.omnitagjs.com
Apex Domain
Subdomains		 Transfer
104 akamaized.net
static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
img-s-msn-com.akamaized.net
img-prod-cms-rt-microsoft-com.akamaized.net
842 KB
38 bing.com
www.bing.com
c.bing.com
301 KB
26 adnxs.com
ib.adnxs.com
acdn.adnxs.com
fra1-ib.adnxs.com
cdn.adnxs.com
ams1-ib.adnxs.com
152 KB
20 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
180 KB
20 msn.com
www.msn.com
web.vortex.data.msn.com
confiant.msn.com
c.msn.com
arc.msn.com
srtb.msn.com Failed
315 KB
18 doubleclick.net
ad.doubleclick.net
securepubads.g.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
194 KB
14 yahoo.com
jill.fc.yahoo.com
tag.idsync.analytics.yahoo.com
cms.analytics.yahoo.com
service.idsync.analytics.yahoo.com
web.ssp.yahoo.com
pr-bh.ybp.yahoo.com
24 KB
13 2mdn.net
s0.2mdn.net
121 KB
10 adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
96 KB
9 3lift.com
eb2.3lift.com
ib.3lift.com
4 KB
8 outbrain.com
widgets.outbrain.com
sync.outbrain.com
10 KB
6 zemanta.com
b1sync.zemanta.com
3 KB
5 bidswitch.net
x.bidswitch.net
2 KB
4 google.com
adservice.google.com
www.google.com
2 KB
4 yahoosandbox.com
jac.yahoosandbox.com
141 KB
3 rlcdn.com
idsync.rlcdn.com
1 KB
3 adsrvr.org
match.adsrvr.org
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 1rx.io
sync.1rx.io
743 B
2 demdex.net
dpm.demdex.net
2 KB
2 amazon-adsystem.com
s.amazon-adsystem.com
704 B
2 taboola.com
cdn.taboola.com
api.taboola.com
2 KB
2 googletagservices.com
www.googletagservices.com
75 KB
2 clean.gg
i.clean.gg
104 B
2 adition.com
dsp.adfarm1.adition.com
928 B
2 js7k.com
cdn.js7k.com
154 KB
2 advertising.com
prod-m-node-3113.ssp.advertising.com
pixel.advertising.com Failed
351 B
2 atwola.com
26.at.atwola.com
365 B
2 scorecardresearch.com
sb.scorecardresearch.com
1 KB
2 live.com
login.live.com
2 KB
1 omnitagjs.com
visitor.omnitagjs.com
235 B
1 sharethrough.com
match.sharethrough.com
263 B
1 adkernel.com
dsp.adkernel.com
233 B
1 quantserve.com
cms.quantserve.com
463 B
1 crwdcntrl.net
sync.crwdcntrl.net
269 B
1 geistm.com
id.geistm.com
158 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
395 B
1 criteo.com
dis.criteo.com
334 B
1 rfihub.com
p.rfihub.com
781 B
1 agkn.com
aa.agkn.com
347 B
1 krxd.net
beacon.krxd.net
338 B
1 bluekai.com
tags.bluekai.com
647 B
1 turn.com
ad.turn.com
412 B
1 linkedin.com
px.ads.linkedin.com Failed
677 B
1 adnxs-simple.com
acdn.adnxs-simple.com
40 KB
1 mookie1.com
odr.mookie1.com
608 B
1 lemonpi.io
d.lemonpi.io
517 B
1 aspnetcdn.com
ajax.aspnetcdn.com
32 KB
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 smaato.net Failed
s.ad.smaato.net Failed
0 360yield.com Failed
ice.360yield.com Failed
0 emxdgt.com Failed
cs.emxdgt.com Failed
0 hgrtb.com Failed
sync.hgrtb.com Failed
0 openx.net Failed
u.openx.net Failed
0 pubmatic.com Failed
image8.pubmatic.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 exelator.com Failed
loadus.exelator.com Failed
0 bttrack.com Failed
bttrack.com Failed
0 rubiconproject.com Failed
pixel-us-east.rubiconproject.com Failed
0 everesttech.net Failed
sync-tm.everesttech.net Failed
0 powerlinks.com Failed
px.powerlinks.com Failed
0 im-apps.net Failed
sync-jp.im-apps.net Failed
329 62
Domain Requested by
93 static-global-s-msn-com.akamaized.net www.msn.com
static-global-s-msn-com.akamaized.net
36 www.bing.com www.msn.com
static-global-s-msn-com.akamaized.net
13 s0.2mdn.net www.msn.com
s0.2mdn.net
10 ib.adnxs.com 4 redirects acdn.adnxs.com
9 tpc.googlesyndication.com www.msn.com
tpc.googlesyndication.com
acdn.adnxs-simple.com
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
9 pagead2.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
www.msn.com
securepubads.g.doubleclick.net
www.googletagservices.com
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
8 eb2.3lift.com 2 redirects ib.3lift.com
eb2.3lift.com
8 web.vortex.data.msn.com www.msn.com
static-global-s-msn-com.akamaized.net
7 cm.g.doubleclick.net 3 redirects eb2.3lift.com
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
7 static-entertainment-neu-s-msn-com.akamaized.net www.msn.com
static-entertainment-neu-s-msn-com.akamaized.net
6 b1sync.zemanta.com 5 redirects
6 sync.outbrain.com widgets.outbrain.com
6 securepubads.g.doubleclick.net 1 redirects www.msn.com
acdn.adnxs-simple.com
securepubads.g.doubleclick.net
6 www.msn.com www.msn.com
static-global-s-msn-com.akamaized.net
5 x.bidswitch.net 4 redirects eb2.3lift.com
5 dt.adsafeprotected.com www.msn.com
5 ams1-ib.adnxs.com web.ssp.yahoo.com
ams1-ib.adnxs.com
cdn.adnxs.com
5 fra1-ib.adnxs.com web.ssp.yahoo.com
fra1-ib.adnxs.com
cdn.adnxs.com
4 acdn.adnxs.com www.msn.com
static-global-s-msn-com.akamaized.net
4 service.idsync.analytics.yahoo.com tag.idsync.analytics.yahoo.com
web.ssp.yahoo.com
4 jac.yahoosandbox.com jill.fc.yahoo.com
jac.yahoosandbox.com
3 idsync.rlcdn.com 2 redirects widgets.outbrain.com
3 match.adsrvr.org 2 redirects eb2.3lift.com
3 static.adsafeprotected.com pixel.adsafeprotected.com
www.msn.com
3 img-s-msn-com.akamaized.net www.msn.com
3 jill.fc.yahoo.com www.msn.com
jac.yahoosandbox.com
2 pm.w55c.net 2 redirects
2 sync.1rx.io 2 redirects widgets.outbrain.com
2 dpm.demdex.net 1 redirects widgets.outbrain.com
2 googleads.g.doubleclick.net 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 www.google.com 1 redirects acdn.adnxs-simple.com
2 widgets.outbrain.com static-global-s-msn-com.akamaized.net
widgets.outbrain.com
2 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com acdn.adnxs-simple.com
2 adservice.google.com acdn.adnxs-simple.com
2 googleads4.g.doubleclick.net www.msn.com
2 www.googletagservices.com s0.2mdn.net
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
2 i.clean.gg acdn.adnxs-simple.com
2 cdn.adnxs.com fra1-ib.adnxs.com
ams1-ib.adnxs.com
2 dsp.adfarm1.adition.com 2 redirects
2 pixel.adsafeprotected.com 1 redirects fra1-ib.adnxs.com
2 cdn.js7k.com web.ssp.yahoo.com
2 prod-m-node-3113.ssp.advertising.com web.ssp.yahoo.com
2 26.at.atwola.com www.msn.com
2 web.ssp.yahoo.com www.msn.com
2 sb.scorecardresearch.com 1 redirects www.msn.com
2 c.bing.com 1 redirects eb2.3lift.com
2 c.msn.com 1 redirects www.msn.com
2 login.live.com 2 redirects
2 cms.analytics.yahoo.com
2 tag.idsync.analytics.yahoo.com jac.yahoosandbox.com
2 confiant.msn.com www.msn.com
static-global-s-msn-com.akamaized.net
1 srtb.msn.com static-global-s-msn-com.akamaized.net
1 visitor.omnitagjs.com
1 match.sharethrough.com
1 dsp.adkernel.com 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
1 cms.quantserve.com 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
1 sync.crwdcntrl.net widgets.outbrain.com
1 id.geistm.com widgets.outbrain.com
1 sync.targeting.unrulymedia.com widgets.outbrain.com
1 dis.criteo.com widgets.outbrain.com
1 p.rfihub.com 1 redirects
1 aa.agkn.com widgets.outbrain.com
1 beacon.krxd.net widgets.outbrain.com
1 tags.bluekai.com widgets.outbrain.com
1 ad.turn.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 api.taboola.com cdn.taboola.com
1 ib.3lift.com static-global-s-msn-com.akamaized.net
1 cdn.taboola.com static-global-s-msn-com.akamaized.net
1 px.ads.linkedin.com eb2.3lift.com
1 acdn.adnxs-simple.com ams1-ib.adnxs.com
1 odr.mookie1.com www.msn.com
1 d.lemonpi.io fra1-ib.adnxs.com
1 ad.doubleclick.net fra1-ib.adnxs.com
1 img-prod-cms-rt-microsoft-com.akamaized.net www.msn.com
1 arc.msn.com www.msn.com
1 ajax.aspnetcdn.com www.msn.com
0 sync.srv.stackadapt.com Failed 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
0 s.ad.smaato.net Failed widgets.outbrain.com
0 ice.360yield.com Failed widgets.outbrain.com
0 cs.emxdgt.com Failed widgets.outbrain.com
0 sync.hgrtb.com Failed widgets.outbrain.com
0 pixel.advertising.com Failed widgets.outbrain.com
0 u.openx.net Failed widgets.outbrain.com
0 image8.pubmatic.com Failed widgets.outbrain.com
0 sync.search.spotxchange.com Failed widgets.outbrain.com
0 loadus.exelator.com Failed widgets.outbrain.com
0 bttrack.com Failed widgets.outbrain.com
0 pixel-us-east.rubiconproject.com Failed widgets.outbrain.com
0 sync-tm.everesttech.net Failed widgets.outbrain.com
0 px.powerlinks.com Failed widgets.outbrain.com
0 sync-jp.im-apps.net Failed widgets.outbrain.com
329 93
Subject Issuer Validity Valid
*.msn.com
Microsoft RSA TLS CA 01		 2021-09-22 -
2022-09-22		 a year crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
secure.ace.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-05-27 -
2021-11-17		 6 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
web.vortex.data.msn.com
Microsoft Azure TLS Issuing CA 05		 2021-07-11 -
2022-07-06		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.idsync.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-09-30 -
2022-03-30		 6 months crt.sh
c.msn.com
Microsoft Azure TLS Issuing CA 02		 2021-06-27 -
2022-06-22		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
arc.msn.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-07-06		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2022-02-23		 6 months crt.sh
jp.techcrunch.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-30 -
2021-12-01		 3 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-06 -
2021-10-27		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.lemonpi.io
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2021-08-25 -
2021-11-23		 3 months crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-09-16 -
2022-03-16		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.targeting.unrulymedia.com
DigiCert SHA2 Secure Server CA		 2020-05-04 -
2022-05-09		 2 years crt.sh
*.geistm.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh

This page contains 22 frames:

Primary Page: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Frame ID: C789E53AF311E806982FCF2BBCE5CCBC
Requests: 187 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: 16CB169442966FAC35CD5369898D75DC
Requests: 2 HTTP requests in this frame

Frame: https://www.msn.com/en-us/lifestyle/secure/silentpassport?secure=true&lc=1033
Frame ID: EEDC145C3E25508299B96DEBCA829BFA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B6CCA4EFF77FF01D2F389294792E74DA
Requests: 2 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.7.2/jac.js
Frame ID: ED399B3E4C3E188D3A62D6FCCD31FF14
Requests: 23 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.7.2/jac.js
Frame ID: 82ED6D78896C4241B14CE994E5FE7373
Requests: 25 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=280&pub_id=43801
Frame ID: 68C94E27C3BBD1C8E4C91EEB24ACA077
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D348D115BC9315D7A86BC035A2934A42
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Frame ID: D2586404447742453FDDEE0D1B82024A
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 4C6B72BA8416844D79887A527E54CF8E
Requests: 1 HTTP requests in this frame

Frame: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B63F4787D9E9917441269A5089393C5D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=280&pub_id=43801
Frame ID: AB5CC35207CCD110773B924A00E680F7
Requests: 3 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj
Frame ID: 4F623431A1C194E61D338FE8DB28BCF7
Requests: 2 HTTP requests in this frame

Frame: https://www.msn.com/en-us/homepage/secure/silentpassport?secure=true&lc=1033
Frame ID: 248C8EB703DE7BC5170606AB8E27B7EF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 885036A13ABEDBF2770B80773F8FC2A7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DA5EEAD3FC0F06D7C7B60697DE6E8CAC
Requests: 2 HTTP requests in this frame

Frame: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2142AA22B1F5A3D70E22ED7C55CC1980
Requests: 9 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0E799FDB84155F334AB9BE4E562C89C3
Requests: 11 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 7C03E6248410F84D88DF2B339779769A
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9D41D3FF789FFE315DF5B49D70A0C5C5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5FFA96CA15E8D5E0C48B90E57C634ACE
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DB7AAD246FFB5B077B402CD9C709C52E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos

Page URL History Show full URLs

  1. https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardiga... Page URL
  2. https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-abou... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

329
Requests

94 %
HTTPS

0 %
IPv6

62
Domains

93
Subdomains

62
IPs

5
Countries

2685 kB
Transfer

5762 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp Page URL
  2. https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1634088314&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2flifestyle%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1033&id=1184&mkt=en-us HTTP 302
  • https://www.msn.com/en-us/lifestyle/secure/silentpassport?secure=true&lc=1033
Request Chain 19
  • https://ib.adnxs.com/async_usersync_file HTTP 302
  • https://acdn.adnxs.com/dmp/async_usersync.html
Request Chain 20
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 68
  • https://c.msn.com/c.gif?udc=true&rid=ae165b70a85c49aba9db9af737448f0c&rnd=637696851158128748&rf=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%253Frefurl%253D%25252fen-us%25252flifestyle%25252flifestyle-buzz%25252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%25252far-AAJTECj%25253focid%25253dspartandhp&di=340&lng=en-us&activityId=ae165b70a85c49aba9db9af737448f0c&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=&st.sdpt=&subcvs=homepage&pg.n=startpage&pg.t=hp&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0 HTTP 302
  • https://c.bing.com/c.gif?udc=true&rid=ae165b70a85c49aba9db9af737448f0c&rnd=637696851158128748&rf=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%253Frefurl%253D%25252fen-us%25252flifestyle%25252flifestyle-buzz%25252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%25252far-AAJTECj%25253focid%25253dspartandhp&di=340&lng=en-us&activityId=ae165b70a85c49aba9db9af737448f0c&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=&st.sdpt=&subcvs=homepage&pg.n=startpage&pg.t=hp&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=33E63681B96E4CF09FEB34A831216871&RedC=c.msn.com&MXFR=225CE5DFF1226E1C0C16F510F0606F66 HTTP 302
  • https://c.msn.com/c.gif?udc=true&rid=ae165b70a85c49aba9db9af737448f0c&rnd=637696851158128748&rf=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%253Frefurl%253D%25252fen-us%25252flifestyle%25252flifestyle-buzz%25252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%25252far-AAJTECj%25253focid%25253dspartandhp&di=340&lng=en-us&activityId=ae165b70a85c49aba9db9af737448f0c&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=&st.sdpt=&subcvs=homepage&pg.n=startpage&pg.t=hp&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=33E63681B96E4CF09FEB34A831216871&MUID=0DC7A365ECBD6A392AA2B3AAEDF86BE3
Request Chain 69
  • https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1634088316199&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&c8=MSN+%7C+Outlook%2C+Office%2C+Skype%2C+Bing%2C+Breaking+News%2C+and+Latest+Videos&c9=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1634088316199&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&c8=MSN%20%7C%20Outlook%2C%20Office%2C%20Skype%2C%20Bing%2C%20Breaking%20News%2C%20and%20Latest%20Videos&c9=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp
Request Chain 97
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7018355880291793045&gdpr=0&gdpr_consent=
Request Chain 109
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=1542435789 HTTP 301
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
Request Chain 131
  • https://pixel.adsafeprotected.com/rfw/st/677702/56362512/skeleton.js?adsafe_url=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.msn.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp&adsafe_type=c&adsafe_jsinfo=,id:e37619bd-a75a-8b54-94bd-0a1debded7a2,c:qSNgwO,sl:outOfView,em:true,fr:true,thd:1,mn:app23ie,pt:1-5-15,wc:0.0.1600.1200,ac:1132.383.300.250,am:i,cc:1132.383.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:t1,nbld:0,mtim:163,fm:sLGc32M+11%7C12*.677702-56362512%7C121%7C122%7C123,idMap:12*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,et:178,oid:6c4024c5-2bc4-11ec-ac0b-0ad2739237b2,v:19.8.248,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 202
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1634088315&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fhomepage%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1033&id=1184&mkt=en-us HTTP 302
  • https://www.msn.com/en-us/homepage/secure/silentpassport?secure=true&lc=1033
Request Chain 203
  • https://eb2.3lift.com/mapuid?suid=0DC7A365ECBD6A392AA2B3AAEDF86BE3&sid=16 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
Request Chain 204
  • https://www.bizographics.com/collect/?fmt=gif&pid=7850 HTTP 301
  • https://px.ads.linkedin.com/collect?fmt=gif&pid=7850 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMhqFEmK7SwD7xqV_wNLAPY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 264
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ5MDI0NTEzMzI4NTkwMjczNjk%3D
Request Chain 266
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14902451332859027369?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1xtvY4ZE2oSF3ouLYfWDlVsPX3ubJoBvHWMSQx5jeQ--~A&dongle=0883
Request Chain 269
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14902451332859027369 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14902451332859027369&dcc=t
Request Chain 270
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 271
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3848541916611467137&dongle=d407
Request Chain 289
  • https://idsync.rlcdn.com/420046.gif?partner_uid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQGx4dnlNX2k2eHA2VUF6MndESHktaU1SWHhWVUhwVmdvQlI2NUU5TjM5TUF3YU1SY252bm9DU2NneVJnUFoyYXoQABoNCP7qmIsGEgUI6AcQAEIASgA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELfP_z_f1NPYsNGEOFTiL_0&google_cver=1
Request Chain 291
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&s=2&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=6PoZwdzCiVfJH1wqS0wN&gdpr=0&us_privacy=1---
Request Chain 292
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7271693395134067963&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Request Chain 293
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&gdpr=0&gdpr_pd=1&gdpr_consent=
Request Chain 295
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=d98952e9-9268-46bc-b448-a2f14e3d805d
Request Chain 298
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ecae919b-3eb9-46b4-ba62-99623bd126c5
Request Chain 299
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=outbrain HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329519229247263&expires=30&ssp=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=babf4627-9858-4068-ba6a-cedbd75563b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 301
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPs0Dip9JZs8wTyE45-i714&google_cver=1 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/babf4627-9858-4068-ba6a-cedbd75563b0?gdpr=&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/babf4627-9858-4068-ba6a-cedbd75563b0?zcc=1&dspret=0&cb=1634088318772 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-76bc6ca4-8531-487e-8e1c-4b89780034e0-003
Request Chain 302
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7018355880291793045
Request Chain 304
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmVTZFV5bkNCb3d3a1Fhb0pUUktqcG51M2hmZ0VwVmp2RjVOQmNIakptQjQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0&google_gid=CAESEFjxZRfXc1J9__2TWTmnAtc&google_cver=1 HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3848541916611467137&newuser=1&dc_rc=2&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26 HTTP 302
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=3d1f6166-357e-4300-a90d-c3e016ab60b1&dc_rc=3&dc_mr=5&dc_orig=1mpn7m0& HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
Request Chain 306
  • https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&tc=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=VLJnHugDB7hy2lfdoygj&pi=outbrain&tc=1
Request Chain 311
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&s=193091&C=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YWY1f4k_IyHXiPOLqDFwCAAABF0AAAIB&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Request Chain 322
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA8Cej9K2YD4MYqd5nP9w_o&google_cver=1&google_push=AYg5qPK-2_bLOOdjbPOXguJlxD8I2vBIIZSjNlTuqUJV8ZMBN6V-1pCu_Scq5BjEv-7ln_5v4gGMwDhnfdW1R8L6lfcLBaEoq36Q HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA8Cej9K2YD4MYqd5nP9w_o&google_cver=1&google_push=AYg5qPK-2_bLOOdjbPOXguJlxD8I2vBIIZSjNlTuqUJV8ZMBN6V-1pCu_Scq5BjEv-7ln_5v4gGMwDhnfdW1R8L6lfcLBaEoq36Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZnBRMzZhUncxTUF0MWM1&google_gid=CAESEA8Cej9K2YD4MYqd5nP9w_o&google_cver=1&google_push=AYg5qPK-2_bLOOdjbPOXguJlxD8I2vBIIZSjNlTuqUJV8ZMBN6V-1pCu_Scq5BjEv-7ln_5v4gGMwDhnfdW1R8L6lfcLBaEoq36Q
Request Chain 323
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEH0kh7OkCCXTFy0Lg7Tq0NU&google_cver=1&google_push=AYg5qPK_NEZOOms1rBKY9lxhRaKOlGhO3Z6DfhxC33ZEZeD1SwmC89QXNGw-cJ6Bor-D0_NjUgQHMyDpTKYXeLp1_Y_zpSNaaM9h HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH0kh7OkCCXTFy0Lg7Tq0NU&google_push=AYg5qPK_NEZOOms1rBKY9lxhRaKOlGhO3Z6DfhxC33ZEZeD1SwmC89QXNGw-cJ6Bor-D0_NjUgQHMyDpTKYXeLp1_Y_zpSNaaM9h&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPK_NEZOOms1rBKY9lxhRaKOlGhO3Z6DfhxC33ZEZeD1SwmC89QXNGw-cJ6Bor-D0_NjUgQHMyDpTKYXeLp1_Y_zpSNaaM9h&google_hm=TUpFQVhkby1TQnprRXJwVFRuR00=
Request Chain 327
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 329
  • https://ib.adnxs.com/async_usersync_file HTTP 302
  • https://acdn.adnxs.com/dmp/async_usersync.html

329 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ar-AAJTECj
www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ 		71 KB
72 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
011ce01ec83a4a6713382f6c965db98c4705bcc1ed66670e665cc81949e2f0b5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; report-uri /en-us/lifestyle/c8b79639-6cdd-4227-9c53-1da96ca07550/_csp;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.msn.com
:scheme
https
:path
/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, no-transform
pragma
no-cache
content-length
72705
content-type
text/html; charset=utf-8
expires
-1
vary
User-Agent
access-control-allow-origin
*
x-aspnetmvc-version
5.2
x-appversion
20211001_24816374
x-activity-id
c8b79639-6cdd-4227-9c53-1da96ca07550
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 0, sn: neurope-prod-entertainment, dt: 2021-09-26T22:17:00.1529541Z, bt: 2021-10-01T00:14:52.8166315Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
strict-transport-security
max-age=1209600; includeSubDomains; preload
content-security-policy
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; report-uri /en-us/lifestyle/c8b79639-6cdd-4227-9c53-1da96ca07550/_csp;
x-ua-compatible
IE=Edge;chrome=1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
access-control-allow-methods
HEAD,GET,OPTIONS
x-xss-protection
1
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: C8B796396CDD42279C531DA96CA07550 Ref B: PRG01EDGE0808 Ref C: 2021-10-13T01:25:13Z
set-cookie
_EDGE_S=F=1; path=/; httponly; domain=msn.com _EDGE_V=1; path=/; httponly; expires=Mon, 07-Nov-2022 01:25:14 GMT; domain=msn.com MUID=225CE5DFF1226E1C0C16F510F0606F66; samesite=none; path=/; secure; expires=Mon, 07-Nov-2022 01:25:14 GMT; domain=msn.com
date
Wed, 13 Oct 2021 01:25:13 GMT
f77b07.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/f77b07.woff2
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-42.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Last-Modified
Tue, 20 Apr 2021 02:08:50 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0a5ac1a8a35d71:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=16650201
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24428
X-XSS-Protection
1
8b-cc6783-6936df58
static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/ 		67 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-42.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3aea6b1964270ddcef66c598d1df306e7f86267bb8c9de81f22077f35d2bdfbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2
2021-10-08T13:59:52
X-Powered-By
ASP.NET
X-Activity-Id
00000000-b21c-458e-a73f-3b99beb1cf5d
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
11934
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Fri, 08 Oct 2021 13:59:52 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 81, sn: neurope-prod-entertainment, dt: 2021-10-08T06:11:39.7303300Z, bt: 2021-10-01T00:14:52.8166315Z}
X-FRAME-OPTIONS
SAMEORIGIN
X-S1
2021-10-08T13:59:52
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31149244
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Timing-Allow-Origin
*
X-AppVersion
20211001_24816374
Expires
Sat, 08 Oct 2022 13:59:18 GMT
js
jill.fc.yahoo.com/v1/client/msft/ 		244 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v1/client/msft/js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
3b16459f5fe6cd858ea2f26c4eb246e9ab3ae6fdf5e4e326e083b41bfb8ae71b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:20:28 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
286
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=900, s-maxage=900
x-robots-tag
noindex, noarchive, nosnippet, nofollow
content-length
191
x-content-type-options
nosniff
x-request-id
28d85d00da8136ab4da2d4f0be07abc34a1942
jquery-1.9.1.min.js
ajax.aspnetcdn.com/ajax/jquery/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery/jquery-1.9.1.min.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FBB) /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28214831
x-cache
HIT
content-length
32857
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:11:01 GMT
server
ECAcc (frc/8FBB)
etag
"8030b6bcc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
46-736d08-68ddb2ab
www.msn.com/en-us/lifestyle/_sc/js/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/cb-5871c4-b2a339c1/ 		256 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/lifestyle/_sc/js/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/cb-5871c4-b2a339c1/46-736d08-68ddb2ab?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
897401ba37065cc38bda3fb63b606fffdd1baf4e4006c8770281c30f6d73037a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-fetch-mode
cors
origin
https://www.msn.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
script
cookie
_EDGE_S=F=1; _EDGE_V=1; MUID=225CE5DFF1226E1C0C16F510F0606F66
:path
/en-us/lifestyle/_sc/js/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/cb-5871c4-b2a339c1/46-736d08-68ddb2ab?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.msn.com
referer
https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-s2
2021-10-06T13:28:34
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
x-activity-id
707e9194-125e-49a7-8f3e-784c0fe81d91
vary
Accept-Encoding
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Wed, 06 Oct 2021 13:28:34 GMT
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 18, sn: neurope-prod-entertainment, dt: 2021-09-27T00:06:05.3649248Z, bt: 2021-10-01T00:14:52.8166315Z}
x-frame-options
SAMEORIGIN
x-s1
2021-10-06T13:28:34
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=30974600
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-msedge-ref
Ref A: 0B3A3DC1EBC44C95A655A1067B7FCC07 Ref B: PRG01EDGE0808 Ref C: 2021-10-13T01:25:14Z
timing-allow-origin
*
x-appversion
20211001_24816374
expires
Thu, 06 Oct 2022 13:28:34 GMT
t.gif
web.vortex.data.msn.com/collect/v1/ 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.msn.com/collect/v1/t.gif?name=%27Ms.Webi.PageView%27&ver=%272.1%27&appId=%27JS%3AMSN%27&ext-app-env=%27prod%27&ext-javascript-libver=%274.0.0-beta-10%27&ext-user-localId=%27t%3A%27&*baseType=%27Ms.Content.PageView%27&*isJs=False&*isLoggedIn=False&*isManual=True&*serverImpressionGuid=%27c8b79639-6cdd-4227-9c53-1da96ca07550%27&-ver=%271.0%27&-impressionGuid=%27c8b79639-6cdd-4227-9c53-1da96ca07550%27&-pageName=%27error404page%27&-uri=%27https%253A%252F%252Fwww.msn.com%252Fen-us%252Flifestyle%252Flifestyle-buzz%252Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252Far-AAJTECj%253Focid%253Dspartandhp%27&-referrerUri=%27%27&-pageTags=%27{%22rid%22%3A%22c8b79639-6cdd-4227-9c53-1da96ca07550%22%2C%22clid%22%3A%22c8b79639-6cdd-4227-9c53-1da96ca07550%22%2C%22clidType%22%3A%22activityId%22%2C%22dpt%22%3A%22lifestylebuzz%22%2C%22sdpt%22%3A%22%22%2C%22cvs%22%3A%22browser%22%2C%22subcvs%22%3A%22lifestyle%22%2C%22mv%22%3A%2215%22%2C%22pg.t%22%3A%22custcol%22%2C%22pg.p%22%3A%22prime%22}%27&-behavior=0&-market=%27en-us%27
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:13 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
MDZfQ16dEEqxHJyB+TM0VA.0
Content-Type
image/gif
Content-Length
43
Expires
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
59e092.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/65/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/65/59e092.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-42.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Last-Modified
Tue, 20 Apr 2021 02:08:50 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0a5ac1a8a35d71:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=16801260
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21096
X-XSS-Protection
1
566d09.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/57/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/57/566d09.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-42.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Last-Modified
Tue, 04 May 2021 00:11:56 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0aec9177a40d71:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=17918841
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25760
X-XSS-Protection
1
e383e0.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/91/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/91/e383e0.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-42.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5386e2d36f0e037aa5174c444f63538df0f7c155f2d520426ab4121233160916
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Last-Modified
Fri, 18 Dec 2020 23:27:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"098e46295d5d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=6188440
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6128
X-XSS-Protection
1
92a94e.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/5c/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/5c/92a94e.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-42.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
81f4773e993b23de27dbeb6551b81df92b78f0728312fe246329bfcb34d99327
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Last-Modified
Thu, 19 Aug 2021 01:27:38 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0213b659994d71:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=27150835
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20224
X-XSS-Protection
1
c19270.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/c19270.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-42.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/lifestyle/_sc/css/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-73b87b5f/e2-f9b1a1-e9f8c494/8b-cc6783-6936df58?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Last-Modified
Wed, 03 Mar 2021 01:26:10 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0a5f730ccfd71:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=12672718
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22604
X-XSS-Protection
1
jac.js
jac.yahoosandbox.com/0.7.2/ 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.7.2/jac.js
Requested by
Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/msft/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
80ddd620de6d2982d76ac2e9a1a17a70041a23225990d1669f3c77534502e4d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 18:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26162
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
35932
x-amz-id-2
oplXYnKNCWpXsxRSG5jg49AcEwB+oVZ17okMDPbe73xV+Sl7rgHAqPy4JSE18QNz7EhhgqqKju8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Jul 2021 14:50:34 GMT
server
ATS
etag
"27216f91f826d09f5b899ee50c9b9e1f-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
R2CR57KYATQ1J5TP
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
config.js
confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/ 		89 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/_sc/js/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/cb-5871c4-b2a339c1/46-736d08-68ddb2ab?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2.18.232.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
97b1ffaf0413f351625c6c565e25a1fd489bb38261e8d0141ae674861ceda2d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Content-Encoding
gzip
x-amz-request-id
DYDR1HT04E2E3VZ6
Connection
keep-alive
Content-Length
29794
x-amz-id-2
aohz0vC6WqeRv8LgJwCkUIetapYJmkEpYd+aT484Q2WuGEpCk2HCjfAqT6rFDsDR46vIonDc6p4=
X-Served-By
cache-ams21025-AMS
Last-Modified
Fri, 01 Oct 2021 20:49:52 GMT
Server
AmazonS3
X-Timer
S1633170635.271168,VS0,VE0
ETag
"7ee4c3a1c9bf7235b30ce6f3fa5c1dbc"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
1
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame 16CB 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.7.2/jac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

:method
GET
:authority
tag.idsync.analytics.yahoo.com
:scheme
https
:path
/sp-frame.html?referrer=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

content-encoding
gzip
age
219
content-type
text/html
date
Wed, 13 Oct 2021 01:25:14 GMT
etag
"324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified
Wed, 18 Aug 2021 13:17:52 GMT
server
ECS (frb/669E)
vary
Accept-Encoding
x-amz-id-2
Ps/MsdOfI4uruIX8g9f+uRIVZJh8djkgtVEk9bLmmaq6Jn4MHxH8fGsgoHUrpdYhTAcPVHAbKiQ=
x-amz-request-id
Z1YAFZMG8SS0BH57
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3220
cms
cms.analytics.yahoo.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
silentpassport
www.msn.com/en-us/lifestyle/secure/ Frame EEDC
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1634088314&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2flifestyle%2fsecure%2fsilentpassport%3fsecure%3dtrue...
  • https://www.msn.com/en-us/lifestyle/secure/silentpassport?secure=true&lc=1033
239 B
459 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/lifestyle/secure/silentpassport?secure=true&lc=1033
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/_sc/js/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/cb-5871c4-b2a339c1/46-736d08-68ddb2ab?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
Security Headers
Name Value
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.msn.com
:scheme
https
:path
/en-us/lifestyle/secure/silentpassport?secure=true&lc=1033
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
cookie
_EDGE_S=F=1; _EDGE_V=1; MUID=225CE5DFF1226E1C0C16F510F0606F66; MC1=GUID=601bd0096db54567a317ef4d7344cda8&HASH=601b&LV=202110&V=4&LU=1634088314373; MS0=16297ab53bdf45dcadf3c9b7827040ae; ocid=spartandhp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

cache-control
private, no-transform
content-length
185
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
User-Agent
access-control-allow-origin
*
x-aspnetmvc-version
5.2
x-appversion
20211001_24816374
x-activity-id
09d2bccc-e3bb-4f3d-b91d-b25ef2ca4795
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 3, sn: neurope-prod-entertainment, dt: 2021-09-26T23:45:12.2293091Z, bt: 2021-10-01T00:14:52.8166315Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-powered-by
ASP.NET
access-control-allow-methods
HEAD,GET,OPTIONS
x-xss-protection
1
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 09D2BCCCE3BB4F3DB91DB25EF2CA4795 Ref B: PRG01EDGE0808 Ref C: 2021-10-13T01:25:14Z
date
Wed, 13 Oct 2021 01:25:13 GMT

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
Wed, 13 Oct 2021 01:24:14 GMT
Location
https://www.msn.com/en-us/lifestyle/secure/silentpassport?secure=true&lc=1033
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BL2
x-ms-request-id
aa890bcd-b1b5-46a6-a689-e4cab295d2ee
PPServer
PPV: 30 H: BL02PF0EB199E5D V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Set-Cookie
uaid=811e1cf824dc4570a4f92ed4933897a6; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=1184&lt=1634088314&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date
Wed, 13 Oct 2021 01:25:14 GMT
Content-Length
0
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 16CB 		13 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=undefined&euconsent=undefined&us_privacy=undefined&referrer=https%3A%2F%2Fwww.msn.com%2F
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tag.idsync.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
ATS/7.1.2.138
Age
0
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://tag.idsync.analytics.yahoo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Primary Request en-us
www.msn.com/ 		457 KB
93 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
61b930269cdb4a8b00ce5ab1ae8caaaf304bf0067b19bb3b255322add3dff4f9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: https://*.trouter.io:443 https://*.trouter.skype.com:443 wss://*.trouter.io:443 wss://*.trouter.skype.com:443;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.msn.com
:scheme
https
:path
/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
accept-encoding
gzip, deflate, br
cookie
_EDGE_S=F=1; _EDGE_V=1; MUID=225CE5DFF1226E1C0C16F510F0606F66; MC1=GUID=601bd0096db54567a317ef4d7344cda8&HASH=601b&LV=202110&V=4&LU=1634088314373; MS0=16297ab53bdf45dcadf3c9b7827040ae; ocid=spartandhp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp

Response headers

cache-control
no-cache, no-store, no-transform
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
User-Agent
set-cookie
PreferencesMsn=eyJFeHBpcnlUaW1lIjo2MzgwMTIyMTExNTUwMDMyNjQsIlZlcnNpb24iOjF90; domain=msn.com; expires=Thu, 13-Oct-2022 01:25:15 GMT; path=/; HttpOnly RecentStocks=; domain=msn.com; path=/; secure; HttpOnly anoncknm=; domain=msn.com; path=/; secure; HttpOnly adslrid=N; domain=msn.com; expires=Thu, 14-Oct-2021 01:25:15 GMT; path=/; secure
access-control-allow-origin
*
x-aspnetmvc-version
5.2
x-appversion
20211010_25060845
x-activity-id
ae165b70-a85c-49ab-a9db-9af737448f0c
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 17, sn: neurope-prod-hp, dt: 2021-09-29T17:47:48.3063183Z, bt: 2021-10-10T00:20:00.8083002Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
strict-transport-security
max-age=1209600; includeSubDomains; preload
content-security-policy
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: https://*.trouter.io:443 https://*.trouter.skype.com:443 wss://*.trouter.io:443 wss://*.trouter.skype.com:443;
x-ua-compatible
IE=Edge;chrome=1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
access-control-allow-methods
HEAD,GET,OPTIONS
x-xss-protection
1
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: AE165B70A85C49ABA9DB9AF737448F0C Ref B: PRG01EDGE0808 Ref C: 2021-10-13T01:25:15Z
date
Wed, 13 Oct 2021 01:25:15 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame B6CC
Redirect Chain
  • https://ib.adnxs.com/async_usersync_file
  • https://acdn.adnxs.com/dmp/async_usersync.html
52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/_sc/js/d7cb56b9-/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/cb-5871c4-b2a339c1/46-736d08-68ddb2ab?ver=20211001_24816374&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&ocid=spartandhp&csopd=20201002173427&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.msn.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 14 Oct 2021 01:25:17 GMT
Date
Wed, 13 Oct 2021 01:25:15 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
nginx/1.17.9
Date
Wed, 13 Oct 2021 01:25:15 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Location
https://acdn.adnxs.com/dmp/async_usersync.html
AN-X-Request-Uuid
3774baa6-10d5-4277-afaa-d6ed8168d345
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
bounce
ib.adnxs.com/ Frame B6CC
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:15 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8fc3b409-47e2-44b5-ac5e-3fe7931c3f13
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:15 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b47410e3-0151-4a55-a02a-d1719314daf6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
f77b07.woff2
static-global-s-msn-com.akamaized.net/hp-neu/sc/f8/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/sc/f8/f77b07.woff2
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Thu, 19 Aug 2021 01:27:38 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"0213b659994d71:0"
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=27352485
accept-ranges
bytes
content-length
24428
x-xss-protection
1
ca-470595-89307260
static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/css/d7cb56b9-b0eed365/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-4f1754d1/45-ff9b18-2d8c3c8a/ca-9c582f-491ca... 		286 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/css/d7cb56b9-b0eed365/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-4f1754d1/45-ff9b18-2d8c3c8a/ca-9c582f-491caa4c/60-a25ca6-6afa84ff/e2-f9b1a1-f30d5d05/8b-cc6783-3136911a/31-d818fe-267d49e0/49-0d67f3-feaf21fa/bf-1655d3-bae7c25b/f5-5c0439-ecdc80c3/2a-fa02c6-ce21f2e8/a5-c016a6-e8e1efc6/36-c0b615-4e5cd0ee/8a-ac1024-eb5d7a7/3f-1fbfe4-6397bdd4/6b-6fc997-846eb25/4c-1b2656-6019ddb8/b7-eb2126-e01d984a/d7-972503-1ff68540/63-ca4e51-4f2c15df/f4-8af327-1c2507c7/b2-9425eb-72d94145/f7-c78f3d-358c786e/be-7cadd3-e0a4caac/f0-a0bd1f-bb3f087/a1-1033fa-a3c980c5/75-813c5c-e37ae993/a6-942846-a1a2fb72/2d-0e97d4-185735b/ca-470595-89307260?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
003a19eb77c46999fdff2521272d6d58548afb763fc4d036d633e3450adb933d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-activity-id
00000000-7110-4e96-82c1-3fe948be5cfc
vary
Accept-Encoding
content-length
54725
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Tue, 12 Oct 2021 18:23:37 GMT
server
Microsoft-IIS/8.5
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 17, sn: neurope-prod-hp, dt: 2021-09-29T17:47:48.3063183Z, bt: 2021-10-01T00:14:52.8166315Z}
x-frame-options
SAMEORIGIN
x-s1
2021-10-12T18:23:37
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=31510736
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-appversion
20211001_24816374
expires
Wed, 12 Oct 2022 18:24:12 GMT
js
jill.fc.yahoo.com/v1/client/msft/ 		244 B
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v1/client/msft/js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
3b16459f5fe6cd858ea2f26c4eb246e9ab3ae6fdf5e4e326e083b41bfb8ae71b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:20:28 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
288
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=900, s-maxage=900
x-robots-tag
noindex, noarchive, nosnippet, nofollow
content-length
191
x-content-type-options
nosniff
x-request-id
28d85d00da8136ab4da2d4f0be07abc34a1942
jquery-2.1.1.min.js
static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-activity-id
00000000-5433-4ab2-a043-921b06cb8132
content-length
29575
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Thu, 17 Dec 2020 22:10:38 GMT
server
Microsoft-IIS/8.5
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 0, sn: neurope-prod-hp, dt: 2020-12-17T21:52:48.8297024Z, bt: 2020-12-17T01:18:28.2032433Z}
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=5690692
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-appversion
20201216_29807887
expires
Fri, 17 Dec 2021 22:10:08 GMT
52-478955-68ddb2ab
static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-570562... 		428 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5036ad214c037de0815e3d8a8e6770ad6a12df3897c9ffcaac2b965de3162caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-activity-id
00000000-f90e-49c4-8726-20158d99f2d7
vary
Accept-Encoding
content-length
143988
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Tue, 12 Oct 2021 18:33:39 GMT
server
Microsoft-IIS/8.5
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 3, sn: neurope-prod-hp, dt: 2021-09-29T17:46:40.2913517Z, bt: 2021-10-01T00:14:52.8166315Z}
x-frame-options
SAMEORIGIN
x-s1
2021-10-12T18:33:39
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=31511297
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-appversion
20211001_24816374
expires
Wed, 12 Oct 2022 18:33:33 GMT
AAL7wYl.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAL7wYl.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bbfcafec8560b0b938b8fe75aa70362f36ad61f09abef6ee1dfe18bb5176d4f0
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sun, 10 Oct 2021 09:42:34 GMT
x-datacenter
northeu
x-source-length
5373
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=202581
x-activityid
944bce93-5a25-4453-9e27-88d021d27e73
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAL7wYl?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
1275
expires
Fri, 15 Oct 2021 09:41:37 GMT
AAOyVPd.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAOyVPd.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dfef7b9eb24c8f437994c7f1d87fd88d22f787c3e6e4580fa680f399a0d4ff76
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sun, 10 Oct 2021 09:45:08 GMT
x-datacenter
northeu
x-source-length
10803
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=202719
x-activityid
8cced9d6-8f0c-4301-80a6-279c31be9256
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAOyVPd?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
content-length
1934
expires
Fri, 15 Oct 2021 09:43:55 GMT
BB1aj5PI.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		993 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1aj5PI.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1809cfb0395372b1aced21ee46e5511e5461e4e2e00419afb4528b11e284f68d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1aj5PI
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sun, 10 Oct 2021 08:30:14 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
643
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=198348
x-activityid
ec4398de-5edb-4679-b1d4-3a3c50124b64
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1aj5PI?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
content-length
993
expires
Fri, 15 Oct 2021 08:31:04 GMT
BB14D0jG.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		927 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB14D0jG.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6162d97c80b6c11d2968a84ddddd9656422834b75c07eb593676926ef9338e21
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB14D0jG
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sun, 10 Oct 2021 15:46:07 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
42413
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=224435
x-activityid
d99a56b1-25b2-47ce-9e21-29f58584c52b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB14D0jG?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
content-length
927
expires
Fri, 15 Oct 2021 15:45:51 GMT
AANw7hC.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AANw7hC.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
caec3225fbf3f1735eaaa02c86341a026f38d090431e159f677ab9e416bf0cbf
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sat, 09 Oct 2021 00:52:41 GMT
x-datacenter
northeu
x-source-length
1417
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=84401
x-activityid
49a15911-830f-45ba-a69e-fdcb8f3f0891
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANw7hC?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
1522
expires
Thu, 14 Oct 2021 00:51:57 GMT
AAGpOUO.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		614 B
979 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAGpOUO.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1875c039ddd6caa3ea7108b74a0261e6c743657897d04f270383f25a29e5f3bf
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Mon, 11 Oct 2021 19:01:42 GMT
x-datacenter
northeu
x-source-length
1141
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=322629
x-activityid
18bbed39-c45c-4327-890c-da01db7d4797
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAGpOUO?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
content-length
614
expires
Sat, 16 Oct 2021 19:02:25 GMT
BB18RULE.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		17 B
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB18RULE.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d8d9aff2f072d607c488ba24d5095f30049f4246977d7370ab4152f3f0f891c1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
x-datacenter
northeu
x-frame-options
deny
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
x-activityid
e4c7c07a-8533-4387-b395-73d69b03427d
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
17
AAGUW9m.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAGUW9m.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
451ff2a75f100b07dfee9b355fbbae3604fc4240f5c8811c39a3882efe9d8a98
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAGUW9m
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 10:13:20 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
4717
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=377304
x-activityid
62f687d9-5b25-4862-95ff-c96374b07fdb
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAGUW9m?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
content-length
1438
expires
Sun, 17 Oct 2021 10:13:40 GMT
BB15wfq2.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB15wfq2.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3661f39d0ca88ef699dd5fc51c3cccb935caf234974524fe97bc22db3ed76d5b
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sat, 09 Oct 2021 22:41:48 GMT
x-datacenter
northeu
x-source-length
1246
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=163001
x-activityid
c136dadd-4d75-41d5-9eb9-155fd51f2209
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB15wfq2?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
1374
expires
Thu, 14 Oct 2021 22:41:57 GMT
BB1cEP3G.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1cEP3G.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c7f0a19554ec6ea6e3c9bd09f3c662c78dc1bf501ebb47287ded74d82afd1f72
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB1cEP3G
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sun, 10 Oct 2021 05:00:11 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
24813
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=185565
x-activityid
28394a5e-98de-4d86-9f01-70557b1e49e1
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cEP3G?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
content-length
1103
expires
Fri, 15 Oct 2021 04:58:01 GMT
AAKnp1k.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAKnp1k.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e84c5e333f7b5a9fc122c5272cadd7b746bfb1ee3555d6c1ea05f6bdb7b31f0b
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 07:08:18 GMT
x-datacenter
northeu
x-source-length
34652
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=366166
x-activityid
a70b810a-7c47-4dd1-a884-7d70943547ed
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKnp1k?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
1507
expires
Sun, 17 Oct 2021 07:08:02 GMT
e151e5.gif
static-global-s-msn-com.akamaized.net/hp-neu/sc/9b/ 		43 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/sc/9b/e151e5.gif
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sun, 10 Jan 2021 01:04:06 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"047527eece6d61:0"
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=8535505
accept-ranges
bytes
content-length
43
x-xss-protection
1
BBiwNf.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		467 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBiwNf.img?m=6&o=true&u=true&n=true&w=30&h=30
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cdcbf15d025b1f1d7c2a9dfb73a32b37cb3d515edd62f34c68309efd08190080
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Mon, 11 Oct 2021 20:35:16 GMT
x-datacenter
northeu
x-source-length
1749
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=328244
x-activityid
812a9eef-20a2-4e2d-b2f0-f8c1ebf845d7
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBiwNf?m=6&o=true&u=true&n=true&w=30&h=30
content-length
467
expires
Sat, 16 Oct 2021 20:36:00 GMT
AAPr3L7.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPr3L7.img?h=372&w=628&m=6&q=60&u=t&o=t&l=f&f=jpg&x=418&y=284
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
72758433ff66a1d477f9d3a7175554f0c0e3506c9fe6f5a93e0d5db97a6b13d4
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 21:25:17 GMT
x-datacenter
northeu
x-source-length
90785
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=417540
x-activityid
7fd3250c-0eb2-406f-a849-712f2baccfa9
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPr3L7?h=372&w=628&m=6&q=60&u=t&o=t&l=f&f=jpg&x=418&y=284
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
26431
expires
Sun, 17 Oct 2021 21:24:16 GMT
BB1d9RNz.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1d9RNz.img?h=129&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1089&y=633
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
31a4693f2633f43adec2eb879a019505ce9176a35e7321ad2e3468fcba97548d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sat, 09 Oct 2021 14:57:47 GMT
x-datacenter
northeu
x-source-length
3479818
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=135174
x-activityid
f198674c-9602-4b2f-a779-ae6a3a1b7c00
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1d9RNz?h=129&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1089&y=633
content-length
14724
expires
Thu, 14 Oct 2021 14:58:10 GMT
BB1epHIs.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1epHIs.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a31e577a70ddc79d1e6945741d44ed45161216a792e2362b58cb5fbf6abd93ce
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 07:01:27 GMT
x-datacenter
northeu
x-source-length
106569
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=365716
x-activityid
2d2c118b-1b45-4fdc-bd51-95f19c2faff3
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1epHIs?h=197&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
5914
expires
Sun, 17 Oct 2021 07:00:32 GMT
AANUdSY.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AANUdSY.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a9fb6aa16176039035125f232ec2cfb1184bcc53f265a0d4e0f13da368a0191
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Fri, 08 Oct 2021 07:16:31 GMT
x-datacenter
northeu
x-source-length
208896
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=21150
x-activityid
e93d654e-2dab-4b89-8e2f-74f3d6828c84
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANUdSY?h=197&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
6742
expires
Wed, 13 Oct 2021 07:17:46 GMT
BB1cTwu6.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1cTwu6.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79af9a2bc1c8a43504bc96d1689beebd8af648d88d86b555b445f4c6d180bd08
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Mon, 11 Oct 2021 13:03:19 GMT
x-datacenter
northeu
x-source-length
239454
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=301101
x-activityid
14e4ba30-08d5-48f5-9cd2-8a1c2eec9463
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cTwu6?h=197&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
13856
expires
Sat, 16 Oct 2021 13:03:37 GMT
th
www.bing.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.ey0pVZho%2f3AftQ474C474&o=5&pid=21.1
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
4106481c694fd9bce409a309354d3edc9bc45f8b714b494f2a9de3b18b4db3e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 538F7A7DFD0543FD9BA885800C316E9C Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
20836
th
www.bing.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.qpyR%2f4iY%2fwW4bw474C474&o=5&pid=21.1
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
fc83a80e7a4405d365852d4f4b9fc4af2446c4c232778afda6612a9c5b40e0ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 7C08567AAE7844A8A83D0BB126BB6F86 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
11141
th
www.bing.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.q1N1nnt3ubKfog474C474&o=5&pid=21.1
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
ec599383c300e93993aa2f651872be7b595d8568d501a9217f071084393d6f1c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: E64847B93ED24D37B7A8DB4CF5506CE1 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
31396
th
www.bing.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.3cU71d1Cbi5A6w474C474&o=5&pid=21.1
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
956f048d8d55b980d51847459ba6953eb5c4ab9c87012d907bd6b80249d2a532

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: E682314DFAEE4D3F87FB5DAB5F2E58DA Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
25879
th
www.bing.com/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.FcOQyLY%2bJqEoCg474C474&o=5&pid=21.1
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
4b2c8888ac4c8b8514eabe2589b8ea482a6fae46d979185a637d693bb856281a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: AA914BFCC80A41DAADBA756E3505323B Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
13398
th
www.bing.com/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.SeLtbg2Lsaqx9Q474C474&o=5&pid=21.1
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
fffa639837815732fa97c666bca1566dda758e4c6d62f184033397de707386c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 40908F6AE1924136A01FF388164E5B86 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
19377
th
www.bing.com/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.DiY8MCz8y7Fapg474C474&o=5&pid=21.1
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
f0231b8d850a2a77e51c70bb379e636428c1c04bafb8921be4b2c47a3f7d25bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: E6BC658F3A804DE1816F7917F68843E1 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
33208
th
www.bing.com/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.ghS7Jxk0pZOttQ474C474&o=5&pid=21.1&bw=0&bc=FFFFFF
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
061e50d90dcc586231718a9f6a9a52f645403789197ed0800136cfbc9282469e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 597F34B4247046A792C38FA21A944218 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
31377
th
www.bing.com/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.K6IpxOLDTLgc0Q474C474&o=5&pid=21.1&bw=0&bc=FFFFFF
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
d5d8cb795af65a37f045ce46ae2cede971dd52fbbf68440bfc7ab023f9a0a3eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 34AE8921E2874AF28AD682E942D21073 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
35781
th
www.bing.com/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OP.FL057%2bSxhmxLMQ474C474&o=5&pid=21.1
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
de61c1896c576a14492468fcdddf44277bdffce844665d22edcf6e9f37062b4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 36C8EE4CB18A44BB94DAAF829F4822C4 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
6196
AAMehvA.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAMehvA.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ae96f2a9c53236af2780274b8e0c1459614a48db41d97a083bea8fe53a2e9ca
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 15:29:29 GMT
x-datacenter
northeu
x-source-length
128138
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=396326
x-activityid
cf8cad68-eb6d-4f2e-8723-a0beaf7a2d8b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAMehvA?h=197&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
17788
expires
Sun, 17 Oct 2021 15:30:42 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
e383e0.woff2
static-global-s-msn-com.akamaized.net/hp-neu/sc/91/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/sc/91/e383e0.woff2
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/css/d7cb56b9-b0eed365/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-4f1754d1/45-ff9b18-2d8c3c8a/ca-9c582f-491caa4c/60-a25ca6-6afa84ff/e2-f9b1a1-f30d5d05/8b-cc6783-3136911a/31-d818fe-267d49e0/49-0d67f3-feaf21fa/bf-1655d3-bae7c25b/f5-5c0439-ecdc80c3/2a-fa02c6-ce21f2e8/a5-c016a6-e8e1efc6/36-c0b615-4e5cd0ee/8a-ac1024-eb5d7a7/3f-1fbfe4-6397bdd4/6b-6fc997-846eb25/4c-1b2656-6019ddb8/b7-eb2126-e01d984a/d7-972503-1ff68540/63-ca4e51-4f2c15df/f4-8af327-1c2507c7/b2-9425eb-72d94145/f7-c78f3d-358c786e/be-7cadd3-e0a4caac/f0-a0bd1f-bb3f087/a1-1033fa-a3c980c5/75-813c5c-e37ae993/a6-942846-a1a2fb72/2d-0e97d4-185735b/ca-470595-89307260?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5386e2d36f0e037aa5174c444f63538df0f7c155f2d520426ab4121233160916
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/css/d7cb56b9-b0eed365/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-4f1754d1/45-ff9b18-2d8c3c8a/ca-9c582f-491caa4c/60-a25ca6-6afa84ff/e2-f9b1a1-f30d5d05/8b-cc6783-3136911a/31-d818fe-267d49e0/49-0d67f3-feaf21fa/bf-1655d3-bae7c25b/f5-5c0439-ecdc80c3/2a-fa02c6-ce21f2e8/a5-c016a6-e8e1efc6/36-c0b615-4e5cd0ee/8a-ac1024-eb5d7a7/3f-1fbfe4-6397bdd4/6b-6fc997-846eb25/4c-1b2656-6019ddb8/b7-eb2126-e01d984a/d7-972503-1ff68540/63-ca4e51-4f2c15df/f4-8af327-1c2507c7/b2-9425eb-72d94145/f7-c78f3d-358c786e/be-7cadd3-e0a4caac/f0-a0bd1f-bb3f087/a1-1033fa-a3c980c5/75-813c5c-e37ae993/a6-942846-a1a2fb72/2d-0e97d4-185735b/ca-470595-89307260?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Thu, 17 Dec 2020 01:07:04 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"0ec80ee10d4d61:0"
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=7367407
accept-ranges
bytes
content-length
6128
x-xss-protection
1
Segoe-UI.woff2
static-global-s-msn-com.akamaized.net/hp-neu/_h/57566d09/webcore/fonts/SegoeUI/WestEuropean/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/_h/57566d09/webcore/fonts/SegoeUI/WestEuropean/Segoe-UI.woff2
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/css/d7cb56b9-b0eed365/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-4f1754d1/45-ff9b18-2d8c3c8a/ca-9c582f-491caa4c/60-a25ca6-6afa84ff/e2-f9b1a1-f30d5d05/8b-cc6783-3136911a/31-d818fe-267d49e0/49-0d67f3-feaf21fa/bf-1655d3-bae7c25b/f5-5c0439-ecdc80c3/2a-fa02c6-ce21f2e8/a5-c016a6-e8e1efc6/36-c0b615-4e5cd0ee/8a-ac1024-eb5d7a7/3f-1fbfe4-6397bdd4/6b-6fc997-846eb25/4c-1b2656-6019ddb8/b7-eb2126-e01d984a/d7-972503-1ff68540/63-ca4e51-4f2c15df/f4-8af327-1c2507c7/b2-9425eb-72d94145/f7-c78f3d-358c786e/be-7cadd3-e0a4caac/f0-a0bd1f-bb3f087/a1-1033fa-a3c980c5/75-813c5c-e37ae993/a6-942846-a1a2fb72/2d-0e97d4-185735b/ca-470595-89307260?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/css/d7cb56b9-b0eed365/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-4f1754d1/45-ff9b18-2d8c3c8a/ca-9c582f-491caa4c/60-a25ca6-6afa84ff/e2-f9b1a1-f30d5d05/8b-cc6783-3136911a/31-d818fe-267d49e0/49-0d67f3-feaf21fa/bf-1655d3-bae7c25b/f5-5c0439-ecdc80c3/2a-fa02c6-ce21f2e8/a5-c016a6-e8e1efc6/36-c0b615-4e5cd0ee/8a-ac1024-eb5d7a7/3f-1fbfe4-6397bdd4/6b-6fc997-846eb25/4c-1b2656-6019ddb8/b7-eb2126-e01d984a/d7-972503-1ff68540/63-ca4e51-4f2c15df/f4-8af327-1c2507c7/b2-9425eb-72d94145/f7-c78f3d-358c786e/be-7cadd3-e0a4caac/f0-a0bd1f-bb3f087/a1-1033fa-a3c980c5/75-813c5c-e37ae993/a6-942846-a1a2fb72/2d-0e97d4-185735b/ca-470595-89307260?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
access-control-allow-methods
HEAD,GET,OPTIONS
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-activity-id
00000000-1013-4b4d-bf6c-efb91788d5c9
content-length
25760
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Thu, 14 Jan 2021 16:09:28 GMT
server
Microsoft-IIS/8.5
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 8, sn: neurope-prod-hp, dt: 2021-01-06T23:25:22.1065409Z, bt: 2021-01-10T01:14:47.4809450Z}
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=8088003
x-appversion
20210109_30341631
expires
Fri, 14 Jan 2022 16:05:19 GMT
jac.js
jac.yahoosandbox.com/0.7.2/ 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.7.2/jac.js
Requested by
Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/msft/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
80ddd620de6d2982d76ac2e9a1a17a70041a23225990d1669f3c77534502e4d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 18:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26164
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
35932
x-amz-id-2
oplXYnKNCWpXsxRSG5jg49AcEwB+oVZ17okMDPbe73xV+Sl7rgHAqPy4JSE18QNz7EhhgqqKju8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Jul 2021 14:50:34 GMT
server
ATS
etag
"27216f91f826d09f5b899ee50c9b9e1f-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
R2CR57KYATQ1J5TP
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
truncated
/ 		623 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ace6f06fc3bfa63efc7b063b411acb199bf49c049b4b70893edf85c59688456

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
cfdbd9.png
static-global-s-msn-com.akamaized.net/hp-neu/sc/c6/ 		740 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/sc/c6/cfdbd9.png
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/css/d7cb56b9-b0eed365/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-4f1754d1/45-ff9b18-2d8c3c8a/ca-9c582f-491caa4c/60-a25ca6-6afa84ff/e2-f9b1a1-f30d5d05/8b-cc6783-3136911a/31-d818fe-267d49e0/49-0d67f3-feaf21fa/bf-1655d3-bae7c25b/f5-5c0439-ecdc80c3/2a-fa02c6-ce21f2e8/a5-c016a6-e8e1efc6/36-c0b615-4e5cd0ee/8a-ac1024-eb5d7a7/3f-1fbfe4-6397bdd4/6b-6fc997-846eb25/4c-1b2656-6019ddb8/b7-eb2126-e01d984a/d7-972503-1ff68540/63-ca4e51-4f2c15df/f4-8af327-1c2507c7/b2-9425eb-72d94145/f7-c78f3d-358c786e/be-7cadd3-e0a4caac/f0-a0bd1f-bb3f087/a1-1033fa-a3c980c5/75-813c5c-e37ae993/a6-942846-a1a2fb72/2d-0e97d4-185735b/ca-470595-89307260?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3b6770482af6da488bd797ad2682c8d204ed536d0d173ee7bb6ce80d479a2ea7
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/css/d7cb56b9-b0eed365/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/9b-c89214-4f1754d1/45-ff9b18-2d8c3c8a/ca-9c582f-491caa4c/60-a25ca6-6afa84ff/e2-f9b1a1-f30d5d05/8b-cc6783-3136911a/31-d818fe-267d49e0/49-0d67f3-feaf21fa/bf-1655d3-bae7c25b/f5-5c0439-ecdc80c3/2a-fa02c6-ce21f2e8/a5-c016a6-e8e1efc6/36-c0b615-4e5cd0ee/8a-ac1024-eb5d7a7/3f-1fbfe4-6397bdd4/6b-6fc997-846eb25/4c-1b2656-6019ddb8/b7-eb2126-e01d984a/d7-972503-1ff68540/63-ca4e51-4f2c15df/f4-8af327-1c2507c7/b2-9425eb-72d94145/f7-c78f3d-358c786e/be-7cadd3-e0a4caac/f0-a0bd1f-bb3f087/a1-1033fa-a3c980c5/75-813c5c-e37ae993/a6-942846-a1a2fb72/2d-0e97d4-185735b/ca-470595-89307260?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Wed, 28 Apr 2021 19:40:32 GMT
server
Microsoft-IIS/8.5
x-powered-by
ASP.NET
etag
"0b8b359663cd71:0"
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=17457184
accept-ranges
bytes
content-length
740
x-xss-protection
1
truncated
/ 		703 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7e6f4f25d43d1ca4a7100f215472e41a74defd1b48468195fdf3d75105a421f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		619 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32f77ef08b0686186845b20a1edcf0975c1cedfdc851d978baf6f238d65caa2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		372 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb6f941e69f93166dfbf402e34fd2e6c3ef21b6389656c23c1d779622e434b7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
config.js
confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/ 		89 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2.18.232.6 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-6.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
97b1ffaf0413f351625c6c565e25a1fd489bb38261e8d0141ae674861ceda2d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:16 GMT
Content-Encoding
gzip
x-amz-request-id
DYDR1HT04E2E3VZ6
Connection
keep-alive
Content-Length
29794
x-amz-id-2
aohz0vC6WqeRv8LgJwCkUIetapYJmkEpYd+aT484Q2WuGEpCk2HCjfAqT6rFDsDR46vIonDc6p4=
X-Served-By
cache-ams21025-AMS
Last-Modified
Fri, 01 Oct 2021 20:49:52 GMT
Server
AmazonS3
X-Timer
S1633170635.271168,VS0,VE0
ETag
"7ee4c3a1c9bf7235b30ce6f3fa5c1dbc"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
1
irisbannerajax
www.msn.com/en-us/homepage/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/homepage/irisbannerajax?position=top&canvas=homepage&refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
be25f534381e3dbd8c9e0675de73ca692fc76c709319337a8b91ef6e43d63158
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: https://*.trouter.io:443 https://*.trouter.skype.com:443 wss://*.trouter.io:443 wss://*.trouter.skype.com:443;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
_EDGE_S=F=1; _EDGE_V=1; MUID=225CE5DFF1226E1C0C16F510F0606F66; MC1=GUID=601bd0096db54567a317ef4d7344cda8&HASH=601b&LV=202110&V=4&LU=1634088314373; MS0=16297ab53bdf45dcadf3c9b7827040ae; ocid=spartandhp; PreferencesMsn=eyJFeHBpcnlUaW1lIjo2MzgwMTIyMTExNTUwMDMyNjQsIlZlcnNpb24iOjF90; RecentStocks=; anoncknm=; adslrid=N
:path
/en-us/homepage/irisbannerajax?position=top&canvas=homepage&refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
html
accept
*/*
cache-control
no-cache
:authority
www.msn.com
referer
https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
html

Response headers

strict-transport-security
max-age=1209600; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
x-activity-id
99929248-f237-4408-9529-a118ac694783
vary
User-Agent
content-length
2159
x-xss-protection
1
x-ua-compatible
IE=Edge;chrome=1
pragma
no-cache
x-aspnetmvc-version
5.2
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 13, sn: neurope-prod-hp, dt: 2021-09-29T21:15:10.5583929Z, bt: 2021-10-10T00:20:00.8083002Z}
date
Wed, 13 Oct 2021 01:25:15 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-security-policy
default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: https://*.trouter.io:443 https://*.trouter.skype.com:443 wss://*.trouter.io:443 wss://*.trouter.skype.com:443;
set-cookie
RecentStocks=; domain=www.msn.com; expires=Tue, 12-Oct-2021 01:25:16 GMT; path=/; secure; HttpOnly
x-msedge-ref
Ref A: 99929248F23744089529A118AC694783 Ref B: PRG01EDGE0808 Ref C: 2021-10-13T01:25:16Z
x-appversion
20211010_25060845
expires
-1
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
trends
www.bing.com/api/v1/mediation/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/api/v1/mediation/trends?appid=B5DB19752CCFB2A8DBC11E7390600F78C2B22A56&q=%7B%22ext%22%3A%7B%22pageType%22%3A%22MSNHomepage%22%2C%22appId%22%3A%22B5DB19752CCFB2A8DBC11E7390600F78C2B22A56%22%7D%2C%22id%22%3A%22ae165b70a85c49aba9db9af737448f0c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22ae165b70a85c49aba9db9af737448f0c%22%7D%5D%2C%22site%22%3A%7B%22cat%22%3A%5B%22trendingrecs%22%5D%2C%22content%22%3A%7B%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2F%22%7D%2C%22domain%22%3A%22www.msn.com%22%2C%22keywords%22%3A%22default%22%2C%22page%22%3A%22https%3A%2F%2Fwww.msn.com%2F%22%2C%22publisher%22%3A%7B%22ext%22%3A%7B%22adunitid%22%3A366981%2C%22propertyid%22%3A316966%2C%22formcode%22%3A%22PRHPS5%22%2C%22partnercode%22%3A%22BT01%22%7D%2C%22id%22%3A%2217160724%22%2C%22name%22%3A%22MSN%22%7D%7D%7D
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
a2faaea004e76859dd623b2c67841594b89480b8a1b013877490d495767eec2b

Request headers

Accept
*/*
Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:16 GMT
x-msedge-ref
Ref A: 71C941FB5ECF43EEA770C38426214A98 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.msn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
c.gif
c.msn.com/
Redirect Chain
  • https://c.msn.com/c.gif?udc=true&rid=ae165b70a85c49aba9db9af737448f0c&rnd=637696851158128748&rf=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-an...
  • https://c.bing.com/c.gif?udc=true&rid=ae165b70a85c49aba9db9af737448f0c&rnd=637696851158128748&rf=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-a...
  • https://c.msn.com/c.gif?udc=true&rid=ae165b70a85c49aba9db9af737448f0c&rnd=637696851158128748&rf=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-an...
42 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.msn.com/c.gif?udc=true&rid=ae165b70a85c49aba9db9af737448f0c&rnd=637696851158128748&rf=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%253Frefurl%253D%25252fen-us%25252flifestyle%25252flifestyle-buzz%25252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%25252far-AAJTECj%25253focid%25253dspartandhp&di=340&lng=en-us&activityId=ae165b70a85c49aba9db9af737448f0c&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=&st.sdpt=&subcvs=homepage&pg.n=startpage&pg.t=hp&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=33E63681B96E4CF09FEB34A831216871&MUID=0DC7A365ECBD6A392AA2B3AAEDF86BE3
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"367bb54357aad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:16 GMT
x-msedge-ref
Ref A: 69D53C4FABBE460EBB9E766824847541 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.msn.com/c.gif?udc=true&rid=ae165b70a85c49aba9db9af737448f0c&rnd=637696851158128748&rf=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%253Frefurl%253D%25252fen-us%25252flifestyle%25252flifestyle-buzz%25252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%25252far-AAJTECj%25253focid%25253dspartandhp&di=340&lng=en-us&activityId=ae165b70a85c49aba9db9af737448f0c&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=&st.sdpt=&subcvs=homepage&pg.n=startpage&pg.t=hp&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=33E63681B96E4CF09FEB34A831216871&MUID=0DC7A365ECBD6A392AA2B3AAEDF86BE3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1634088316199&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-abou...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1634088316199&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-abo...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1634088316199&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&c8=MSN%20%7C%20Outlook%2C%20Office%2C%20Skype%2C%20Bing%2C%20Breaking%20News%2C%20and%20Latest%20Videos&c9=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-42.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
oBGgpzRNA9g5KoobFDAlHRnwksbR5wAkP-wg98eYDthh___pjfCbCA==

Redirect headers

date
Wed, 13 Oct 2021 01:25:16 GMT
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1634088316199&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&c8=MSN%20%7C%20Outlook%2C%20Office%2C%20Skype%2C%20Bing%2C%20Breaking%20News%2C%20and%20Latest%20Videos&c9=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp
content-length
548
x-amz-cf-id
66U0JjxBz6TKfUX4MAO9nXkK3SWCYXQHGmt0vOKk1XFZxuGwfIKYgg==
AA2XYnz.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA2XYnz.img?m=6&o=true&u=true&n=true&w=305&h=300
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24fa96eb064b3ae418ed8c9415fdab1256257b7c9d9664ed94c6c66b4e774af7
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA2XYnz
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Mon, 11 Oct 2021 09:27:55 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
1304
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=288186
x-activityid
6bd11340-0a5a-48b4-bd9d-587ad9afcc0d
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA2XYnz?m=6&o=true&u=true&n=true&w=305&h=300
content-length
1275
expires
Sat, 16 Oct 2021 09:28:22 GMT
BBqlEdK.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		594 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBqlEdK.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
63478e930215112adb29425b1b1bb0f531381e85a159b4b5907629c11fc55991
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Sun, 10 Oct 2021 07:40:32 GMT
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=195264
x-activityid
3d3ce278-aa6e-4e8c-a485-41ecb431cb96
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlEdK?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
594
expires
Fri, 15 Oct 2021 07:39:40 GMT
AAPoges.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPoges.img?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg&x=320&y=53
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6da9480df6ece4f34316172a927b4122f9c15d721e6e9595839be868e94ebbff
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 07:01:59 GMT
x-datacenter
northeu
x-source-length
67064
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=365683
x-activityid
458636e4-2c4e-41cf-918e-b462c2537ae1
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPoges?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg&x=320&y=53
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2992
expires
Sun, 17 Oct 2021 06:59:59 GMT
AAPqSip.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPqSip.img?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a1a65616f060b4cf8c40dfd0b12bc8d1f3c4b1d20e820b6bd36c17167a351bbe
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 23:39:27 GMT
x-datacenter
northeu
x-source-length
209574
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425582
x-activityid
36e3dc73-22a9-4734-996a-16365f76de5a
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPqSip?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3257
expires
Sun, 17 Oct 2021 23:38:18 GMT
AAywHbG.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		651 B
1017 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAywHbG.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
298a0217c5310c6a78c96b0e033d31f594f1e80a9e75c74a7fa2ab1955cb2014
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Mon, 11 Oct 2021 19:52:10 GMT
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=325520
x-activityid
f49eb06c-5b41-4d0e-a832-cb7d5e5cc7d3
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywHbG?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
651
expires
Sat, 16 Oct 2021 19:50:36 GMT
AAPqZli.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPqZli.img?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f71351ac7bf35709429df993478958e2307353dd59ef693d74c93f48e4418fa
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 22:38:49 GMT
x-datacenter
northeu
x-source-length
247084
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421993
x-activityid
63d2a4b6-d552-44ab-b9ca-cc68ee166d81
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPqZli?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2400
expires
Sun, 17 Oct 2021 22:38:29 GMT
AAxspu1.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		502 B
891 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAxspu1.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c507a265656da6de48cfdd771392c9394a86947eb7372fdffd097582b6613767
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAxspu1
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 01:02:35 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
19025
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=344181
x-activityid
414a5f13-1e1e-41e3-bdba-48948654dedb
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxspu1?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
502
expires
Sun, 17 Oct 2021 01:01:37 GMT
AANveIX.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AANveIX.img?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d9a150431e969e3b5ac8c9eb185ab77b9434620f9322c7d874c6d58aac234ab7
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 07:02:30 GMT
x-datacenter
northeu
x-source-length
123608
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=365802
x-activityid
334ffb91-b1e9-4b10-84b0-beef071fa835
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANveIX?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3482
expires
Sun, 17 Oct 2021 07:01:58 GMT
AAPrjP8.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPrjP8.img?h=256&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
385a8d6e4918a112654167d9c46fbbb50401598949be7715e6bb0974e32a942e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Wed, 13 Oct 2021 01:25:16 GMT
x-datacenter
northeu
x-source-length
305784
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431950
x-activityid
902f3b2a-e652-4b59-82ee-a07da919884f
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPrjP8?h=256&w=306&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
22665
expires
Mon, 18 Oct 2021 01:24:26 GMT
BBNvr53.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		633 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBNvr53.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
58a5b43acbbb92f70e045fd526733f71e2d9328a325140a2e93489398ca1f302
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 11:19:49 GMT
x-datacenter
northeu
x-source-length
592
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=381202
x-activityid
aa74da09-84d4-414a-accb-465d163bac1a
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
633
expires
Sun, 17 Oct 2021 11:18:38 GMT
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
Impression
arc.msn.com/v3/Delivery/Events/ 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arc.msn.com/v3/Delivery/Events/Impression?PID=425369178&TID=700369364&CID=128000000002954529&BID=1744612178&PG=PC0001WD69.0000000BZC&TPID=425369178&REQASID=5969DE0A6ECB445FAAD3F1789D38AD80&ASID=1d7d84acc4f149039f82ada466f89481&SLOT=1&REQT=20211013T012516&MA_Score=2&&DS_EVTID=1d7d84acc4f149039f82ada466f89481&BCNT=1&PG=PC0001WD69.0000000BZC&UNID=10837393&MAP_TID=DCE11519-F49A-4F6B-8F6F-1677D8F1EE1B&NCT=1&ASID=5969DE0A6ECB445FAAD3F1789D38AD80&REQASID=5969DE0A6ECB445FAAD3F1789D38AD80&ARC=1&EMS=1&LOCALE=EN-US&COUNTRY=US&HTD=-1&LANG=1033&DEVLANG=EN&CIP=23.101.59.250&ID=225CE5DFF1226E1C0C16F510F0606F66&OPTOUTSTATE=0&HTTPS=1&MARKETBASEDCOUNTRY=US&CFMT=&H=0&W=0&FESVER=1.3&PL=EN-US&ISSIGNEDIN=0&BROWSER=2&ISMOBILE=0&OPSYS=WIN10&MSN_CANVAS=1&CHNL=CFD&UIT=G
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.50.102.62 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/xml; charset=utf-8
cache-control
no-store, no-cache
date
Wed, 13 Oct 2021 01:25:16 GMT
content-length
0
expires
Mon, 01 Jan 0001 00:00:00 GMT
RWLcTe
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWLcTe?ver=93b6
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8fbee0eebaa996bcd929ecf9461e6223348f9ed3b0e8a537917ec2b9097b3b3e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:16 GMT
last-modified
Tue, 12 Oct 2021 12:48:00 GMT
x-datacenter
northeu
x-source-length
8224
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=386486
x-activityid
3b078671-1e87-45c3-b973-01af2058ce89
x-resizerversion
1.0
x-deployment
a89a5014e89c41b7b60a64d7ee950637
content-location
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWLcTe?ver=93b6
content-length
8224
expires
Sun, 17 Oct 2021 12:46:42 GMT
js
jill.fc.yahoo.com/v2/ads/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.7.2&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%227HD66FC%22%2C%22msft_rid%22%3A%22ae165b70a85c49aba9db9af737448f0c%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%22225CE5DFF1226E1C0C16F510F0606F66%22%2C%22msft_pagetype%22%3A%22homepage%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22banner1_homepag_0%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221634088316321%7C611572499606302500%22%7D%2C%22alias%22%3A%22MSNUSEN15%22%2C%22sizes%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%22rectangle1_home_1%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221634088316340%7C946177486228538500%22%7D%2C%22alias%22%3A%22MSNUSEN11%22%2C%22sizes%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%22banner6_homepag_2%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221634088316340%7C612077468142689800%22%7D%2C%22alias%22%3A%22MSNUSEN12%22%2C%22sizes%22%3A%5B%22728x90%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%226332b147a%22%2C%22referrer%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj%3Focid%3Dspartandhp%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.7.2/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
2cf6191ca7e30fa5ee20b3bd4d3776b99e74ed76b7442bea001968ad1d8a39cc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:16 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
2736b0d998ff4e42d816de182859d2c9963180
jac.js
jac.yahoosandbox.com/0.7.2/ Frame ED39 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.7.2/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.7.2/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
80ddd620de6d2982d76ac2e9a1a17a70041a23225990d1669f3c77534502e4d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 18:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26164
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
35932
x-amz-id-2
oplXYnKNCWpXsxRSG5jg49AcEwB+oVZ17okMDPbe73xV+Sl7rgHAqPy4JSE18QNz7EhhgqqKju8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Jul 2021 14:50:34 GMT
server
ATS
etag
"27216f91f826d09f5b899ee50c9b9e1f-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
R2CR57KYATQ1J5TP
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
jac.js
jac.yahoosandbox.com/0.7.2/ Frame 82ED 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.7.2/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.7.2/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
80ddd620de6d2982d76ac2e9a1a17a70041a23225990d1669f3c77534502e4d2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 18:09:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26164
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
35932
x-amz-id-2
oplXYnKNCWpXsxRSG5jg49AcEwB+oVZ17okMDPbe73xV+Sl7rgHAqPy4JSE18QNz7EhhgqqKju8=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 13 Jul 2021 14:50:34 GMT
server
ATS
etag
"27216f91f826d09f5b899ee50c9b9e1f-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
R2CR57KYATQ1J5TP
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
adServe.do
web.ssp.yahoo.com/admax/ Frame ED39 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN15&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316321|611572499606302500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
fbc5add338901895d26e1950be72646be9d472b41069911313b3350079d383af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
Server
ATS/7.1.2.138
Age
1
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
4883
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C3762118%7C0%7C225%7CAdId=11043949;BnId=3;ct=3584393314;st=4711;adcid=1;itime=88316366;reqtype=5;guid=8g7g67hgmcdbs&b=3&s=07;;impref=16340883162567037262;imprefseq=218734858...
26.at.atwola.com/ Frame ED39 		1 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3762118%7C0%7C225%7CAdId=11043949;BnId=3;ct=3584393314;st=4711;adcid=1;itime=88316366;reqtype=5;guid=8g7g67hgmcdbs&b=3&s=07;;impref=16340883162567037262;imprefseq=218734858972333648;imprefts=1634088316;adclntid=1002;pvid=6332b147a;kvgrp=6332b147a;kvmsft_jac=1;kvmsft_pagetype=homepage;kvpg=www.msn.com%2Fen-us;kvmn=msnusen15;kvsecure=true;kvmsft_providerid=7hd66fc;kvmsft_asid=1634088316321%7C611572499606302500;kvmsft_rid=ae165b70a85c49aba9db9af737448f0c;kvmsft_ext_inv_cd=us;kvmsft_muid=225CE5DFF1226E1C0C16F510F0606F66;gdpr=0;
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:16 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
adServe.do
web.ssp.yahoo.com/admax/ Frame 82ED 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN11&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316340|946177486228538500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
fc05e687afa15c08f224e6e01ed6265ebe92b5fb267690ff013f42c053ce75a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
Server
ATS/7.1.2.138
Age
1
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
5085
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C3762075%7C0%7C170%7CAdId=11043949;BnId=4;ct=3584393314;st=6152;adcid=1;itime=88316367;reqtype=5;guid=8g7g67hgmcdbs&b=3&s=07;;impref=16340883162567037265;imprefseq=218734858...
26.at.atwola.com/ Frame 82ED 		1 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3762075%7C0%7C170%7CAdId=11043949;BnId=4;ct=3584393314;st=6152;adcid=1;itime=88316367;reqtype=5;guid=8g7g67hgmcdbs&b=3&s=07;;impref=16340883162567037265;imprefseq=218734858972333651;imprefts=1634088316;adclntid=1002;pvid=6332b147a;kvgrp=6332b147a;kvmsft_jac=1;kvmsft_pagetype=homepage;kvpg=www.msn.com%2Fen-us;kvmn=msnusen11;kvsecure=true;kvmsft_providerid=7hd66fc;kvmsft_asid=1634088316340%7C946177486228538500;kvmsft_rid=ae165b70a85c49aba9db9af737448f0c;kvmsft_ext_inv_cd=us;kvmsft_muid=225CE5DFF1226E1C0C16F510F0606F66;gdpr=0;
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
1
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
ab
fra1-ib.adnxs.com/ Frame 82ED 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QK0DvD9NAcAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQHwaUR3UHcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtsBjyAgoKBUNQASgYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZAAeNOgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAC4BADABI6ajyLIBADSBA43MzM3I0ZSQTE6NTc4MdoEAggB4AQA8ATA2YCSAfoEEgkAAAAgXw9JQBEAAACgkJIhQIgFAZgFAKAF____________AaoFIGFjMzM0M2E3NDllYjRiMGFiYzczNTNjOTFjNmRkMWE5wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9s2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBAdZM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCfAwvwZAAMgH7MUF0gcNCRE6ATgI2gcGCSc44AcA6gcCCADwB-jXAvoHBfIFAQHyBQEEgghKFQA.&s=36069c9b62c4c075f428ce3d021c8d7856d2ebbb&pp=1.989153
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN11&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316340|946177486228538500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
81ce89831c48dde3929e9a01c0a83912dbd388c97379d7508ab63669ecf76804
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:17 GMT
Content-Encoding
gzip
X-Creative-ID
306195648
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e80fe4ac-0df1-44fa-88c7-a6c12063801a
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adEvent.do
prod-m-node-3113.ssp.advertising.com/admax/ Frame 82ED 		43 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.advertising.com/admax/adEvent.do?tidi=770909769&dcn=8a9691540170705f2c9b79e3c17000d5&posi=986517&grp=%3F%3F%3F&nl=1634088317007&rts=1634088316826&pix=1&et=1&a=3fd981ca24e847b7bd8f90d7130cd947&m=aXAtMTAtMjItMTE4LTEyNA..&p=MC4wMDE5ODkxNTM&b=MTMxMzg7NzMzNzt0b3lvdGEuaHU7Ozs7YWMzMzQzYTc0OWViNGIwYWJjNzM1M2M5MWM2ZGQxYTk7Mjk1OTkzNjA7MTYzNDA4NTAwMTs7MC4wMDE5ODkxNTM7OzA7OzMwNjE5NTY0ODtlNGQyNTdkMGQ5Y2E3NmVjZGFiMzY4NjFhZDliNzhmOWU0YThlYzUxOzE.&uid=y-OHDHr0VE2upQMusfL2SM3d5sw5rM%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxNw..&xoi=MHxERVU.&af=6&dety=2
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN11&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316340|946177486228538500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.68.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-68-138.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 17:56:26 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 82ED 		19 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55940,58319,58294,55953,58292,58160,55829,55859,55986,57926,55965&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN11&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316340|946177486228538500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:17 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
talon-1.0.37.js
cdn.js7k.com/ix/ Frame 82ED 		76 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.37.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN11&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316340|946177486228538500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 00:18:29 GMT
x-content-type-options
nosniff
age
4009
x-amz-server-side-encryption
AES256
content-length
78331
x-amz-id-2
WKeCw+ZF21M9LCFVL/tqh+UQ9VeEQNAEI9Sn93nwUwWX81i+mX/lXoEc0RFdDRsch2opkPXOZmw=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Aug 2021 15:57:38 GMT
server
ATS
etag
"89552f1206dff50a36eaa1887718e2c3"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
45HWB8MD46XBAFCG
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
click
ad.doubleclick.net/ddm/adj/N526601.2621703GROUPMCOMPETENCEC/B25554596.310902695;gdpr=0;gdpr_consent=;sz=300x250;ord=753143784;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;click=https://... Frame 82ED 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N526601.2621703GROUPMCOMPETENCEC/B25554596.310902695;gdpr=0;gdpr_consent=;sz=300x250;ord=753143784;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;click=https://fra1-ib.adnxs.com/click?FSe1SBgbAkBClrzakdP_PwAAAMDMzAhAVGv0eav3BECWrfVFQtsHQBMQU-XRSVQaXY4OQvibsjx8NWZhAAAAAE8XMgAYAQAAqRwAAAIAAADALEAS5NoAAAAAAABVU0QAVVNEACwB-gBALAAAAAABAgUCAAAAAJwA7iEo_wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ixs_BgiUgLIXEMDZgJIBGOS1AyAAKAAxZmZmZmZm9j86CUZSQTE6NTc4MUDSLEm1N_jCZKrrP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbi-P2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMzNyNGUkExOjU3ODE=/bn=90860/clickenc=
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QK0DvD9NAcAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQHwaUR3UHcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtsBjyAgoKBUNQASgYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZAAeNOgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAC4BADABI6ajyLIBADSBA43MzM3I0ZSQTE6NTc4MdoEAggB4AQA8ATA2YCSAfoEEgkAAAAgXw9JQBEAAACgkJIhQIgFAZgFAKAF____________AaoFIGFjMzM0M2E3NDllYjRiMGFiYzczNTNjOTFjNmRkMWE5wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9s2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBAdZM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCfAwvwZAAMgH7MUF0gcNCRE6ATgI2gcGCSc44AcA6gcCCADwB-jXAvoHBfIFAQHyBQEEgghKFQA.&s=36069c9b62c4c075f428ce3d021c8d7856d2ebbb&pp=1.989153
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
f5bc7c3202018ea144f310a07efbc2d5576ed4caf1a144785dcc994975a4d795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23141
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/677702/56362512/ Frame 82ED 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/677702/56362512/skeleton.js
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QK0DvD9NAcAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQHwaUR3UHcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtsBjyAgoKBUNQASgYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZAAeNOgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAC4BADABI6ajyLIBADSBA43MzM3I0ZSQTE6NTc4MdoEAggB4AQA8ATA2YCSAfoEEgkAAAAgXw9JQBEAAACgkJIhQIgFAZgFAKAF____________AaoFIGFjMzM0M2E3NDllYjRiMGFiYzczNTNjOTFjNmRkMWE5wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9s2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBAdZM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCfAwvwZAAMgH7MUF0gcNCRE6ATgI2gcGCSc44AcA6gcCCADwB-jXAvoHBfIFAQHyBQEEgghKFQA.&s=36069c9b62c4c075f428ce3d021c8d7856d2ebbb&pp=1.989153
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.139.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-139-130.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3d2982d8889bf478e37459abb936e4c731a787e31e1edee129d15e9ed0faf0be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-server-name
app23.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
u
d.lemonpi.io/ Frame 82ED 		49 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.lemonpi.io/u
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QK0DvD9NAcAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQHwaUR3UHcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtsBjyAgoKBUNQASgYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZAAeNOgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAC4BADABI6ajyLIBADSBA43MzM3I0ZSQTE6NTc4MdoEAggB4AQA8ATA2YCSAfoEEgkAAAAgXw9JQBEAAACgkJIhQIgFAZgFAKAF____________AaoFIGFjMzM0M2E3NDllYjRiMGFiYzczNTNjOTFjNmRkMWE5wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9s2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBAdZM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCfAwvwZAAMgH7MUF0gcNCRE6ATgI2gcGCSc44AcA6gcCCADwB-jXAvoHBfIFAQHyBQEEgghKFQA.&s=36069c9b62c4c075f428ce3d021c8d7856d2ebbb&pp=1.989153
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.165.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-165-104.eu-west-1.compute.amazonaws.com
Software
openresty/1.15.8.1 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
Server
openresty/1.15.8.1
Access-Control-Allow-Methods
GET, POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
cache-control
no-cache, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
49
v2
odr.mookie1.com/t/ Frame 82ED
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_876576%26src.visitorid%3D%25%25COOKIE%25%25
  • https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7018355880291793045&gdpr=0&gdpr_consent=
43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7018355880291793045&gdpr=0&gdpr_consent=
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://odr.mookie1.com/t/v2?tagid=V2_876576&src.visitorid=7018355880291793045&gdpr=0&gdpr_consent=
Date
Wed, 13 Oct 2021 01:25:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
rd_log
fra1-ib.adnxs.com/ Frame 82ED 		0
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKyDvD9MgcAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQHwaUR3UHcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtsBjyAgoKBUNQASgYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZAAeNOgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAK4BADABI6ajyLIBADSBA43MzM3I0ZSQTE6NTc4MdoEAggB4AQA8ATA2YCSAfoEEgkAAAAgXw9JQBEAAACgkJIhQIgFAZgFAKAF____________AaoFIGFjMzM0M2E3NDllYjRiMGFiYzczNTNjOTFjNmRkMWE5wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9s2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBAdZM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCfAwvwZAAMgH7MUF0gcNCRE6ATgI2gcGCScw4AcA6gcCCADwBwD6BwXwBQEB8AUBBIIIShUA&s=80dd043b95398943d6381706d03e2345b211b44a&bdref=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp,https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QK0DvD9NAcAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQHwaUR3UHcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtsBjyAgoKBUNQASgYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZAAeNOgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAC4BADABI6ajyLIBADSBA43MzM3I0ZSQTE6NTc4MdoEAggB4AQA8ATA2YCSAfoEEgkAAAAgXw9JQBEAAACgkJIhQIgFAZgFAKAF____________AaoFIGFjMzM0M2E3NDllYjRiMGFiYzczNTNjOTFjNmRkMWE5wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9s2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBAdZM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCfAwvwZAAMgH7MUF0gcNCRE6ATgI2gcGCSc44AcA6gcCCADwB-jXAvoHBfIFAQHyBQEEgghKFQA.&s=36069c9b62c4c075f428ce3d021c8d7856d2ebbb&pp=1.989153
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
00df7794-b8b6-4165-800f-bb13030d20c0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
fra1-ib.adnxs.com/ Frame 82ED 		0
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKrDPD9KwYAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQH0aQFEd1B3Li6yAiAyMjVDRTVERkYxMjI2RTFDMEMxNkY1MTBGMDYwNkY2NtgCAeACu85U6gIUaHR0cHM6Ly93d3cubXNuLmNvbS-AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgCuAQAwASOmo8iyAQA0gQONzMzNyNGUkExOjU3ODHaBAIIAeAEAPAEwNmAkgH6BBIJAAAAIF8PSUARAAAAoJCSIUCIBQGYBQCgBf___________wGqBSBhYzMzNDNhNzQ5ZWI0YjBhYmM3MzUzYzkxYzZkZDFhOcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYUB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBrQl2gYWChAAAAAAAAkWBQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaQCAAMAA4vwZAAMgH7MUF0gcNAcwFAQE4CNoHBgknNOAHAOoHAggA8AcA-gcSFSQAEQUqEAAAAIIIShUA&s=b1bfeaf88a3a44e431b260c54714f8eb517a0a91
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QK0DvD9NAcAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQHwaUR3UHcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtsBjyAgoKBUNQASgYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZAAeNOgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAC4BADABI6ajyLIBADSBA43MzM3I0ZSQTE6NTc4MdoEAggB4AQA8ATA2YCSAfoEEgkAAAAgXw9JQBEAAACgkJIhQIgFAZgFAKAF____________AaoFIGFjMzM0M2E3NDllYjRiMGFiYzczNTNjOTFjNmRkMWE5wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9s2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBAdZM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCfAwvwZAAMgH7MUF0gcNCRE6ATgI2gcGCSc44AcA6gcCCADwB-jXAvoHBfIFAQHyBQEEgghKFQA.&s=36069c9b62c4c075f428ce3d021c8d7856d2ebbb&pp=1.989153
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
09fdee08-c16b-4c8f-afda-31683e9b8539
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/217/ Frame 82ED 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/217/trk.js
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QK0DvD9NAcAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQHwaUR3UHcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL_ICEQoGQURWX0lEEgcxNjk0MzY48gISCgZDUEdfSUQSCDFtsBjyAgoKBUNQASgYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8IQ1BHFQ8QCwoHQ1AVDhAQCgVJTwFZAAeNOgDyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8O0BMIADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAC4BADABI6ajyLIBADSBA43MzM3I0ZSQTE6NTc4MdoEAggB4AQA8ATA2YCSAfoEEgkAAAAgXw9JQBEAAACgkJIhQIgFAZgFAKAF____________AaoFIGFjMzM0M2E3NDllYjRiMGFiYzczNTNjOTFjNmRkMWE5wAUAyQUAAAAAAADwP9IFCQkAAAAAAQ9s2AUB4AUB8AWFAfoFBAgAEACQBgCYBgC4BgDBBgEgMAAA8D_QBrQl2gYWChAJERkBAdZM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCfAwvwZAAMgH7MUF0gcNCRE6ATgI2gcGCSc44AcA6gcCCADwB-jXAvoHBfIFAQHyBQEEgghKFQA.&s=36069c9b62c4c075f428ce3d021c8d7856d2ebbb&pp=1.989153
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d450cb09bfdfb2712a08158c7afd6863c616dadfb632023199c75b75782c23d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 08:36:54 GMT
Server
AkamaiNetStorage
ETag
"68277f83cbab253ca48962032df81624:1632818214.66988"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29380
Expires
Thu, 13 Oct 2022 01:25:17 GMT
ab
ams1-ib.adnxs.com/ Frame ED39 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKODfD9jgYAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvCfdy4usgIgMjI1Q0U1REZGMTIyNkUxQzBDMTZGNTEwRjA2MDZGNjbYAgHgArvOVOoCFGh0dHBzOi8vd3d3Lm1zbi5jb20v8gIRCgZBRFZfSUQSBzQwODUwNTTyAhIKBkNQR19JRBIIMTM1MjI2NDnyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCAFWFENPREUSAAUPCENQRxUPEAsKB0NQFQ4QEAoFSU8FgRw2Mzc4NTEy8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgAuAQAwASl8vwgyAQA0gQPMTExMjIjQU1TMTo0MTU52gQCCAHgBADwBIyyuJUB-gQSCQAAACBfD0lAEQAAAKCQkiFAiAUBmAUAoAX___________8BqgUgZDhjMDZkOTNiZmYwNDIzOGJiYTUyNjY4Y2RkMGVmYjDABQDJBQAAAAAAAPA_0gUJCQAAAAUPaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgUgLADwP9AGkkLaBhYKEAkRGQEB1kzgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJ8DC_BkAAyAettQXSBw0JEToBOAjaBwYJJzzgBwDqBwIIAPAH6NcC-gcSFSYAEREvBIIIShUA&s=fb8282cf36d3c3f534e2e9455059e08e7bdd42a0&pp=0.38808
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN15&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316321|611572499606302500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e5b333f480bbfcb3f0190c54b77670ff9d97a9af9c72aec3d21bd3b4cfb5885d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:17 GMT
Content-Encoding
gzip
X-Creative-ID
313399564
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cdb3ef5b-ea2a-4fad-8832-5d4d41f6692f
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adEvent.do
prod-m-node-3113.ssp.advertising.com/admax/ Frame ED39 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.advertising.com/admax/adEvent.do?tidi=770909769&dcn=8a9691540170705f2c9b79e3c17000d5&posi=986526&grp=%3F%3F%3F&nl=1634088317071&rts=1634088316826&pix=1&et=1&a=6258e02d4b5d464a8a0c4ee0335c9329&m=aXAtMTAtMjItMTAxLTM0&p=MC4wMDAzODgwOA&b=MTMxMzg7MTExMjI7ZXhhbXBsZS5jb207Ozs7ZDhjMDZkOTNiZmYwNDIzOGJiYTUyNjY4Y2RkMGVmYjA7Mjk1OTk3MzU7MTYzNDA4NTAwMTs7MC4wMDAzODgwODs7MDs7MzEzMzk5NTY0OzIwMGQ3NzUwNzhkNmE1ZjhlZWNlZDhhNzUwMjIyMzk3OGEyNzI3MDM7MQ..&uid=y-OHDHr0VE2upQMusfL2SM3d5sw5rM%7EA&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxNw..&xoi=MHxERVU.&af=6&dety=2
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN15&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316321|611572499606302500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.68.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-68-138.eu-central-1.compute.amazonaws.com
Software
nginx/1.20.1 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 17:56:26 GMT
server
nginx/1.20.1
accept-ranges
bytes
content-length
43
content-type
image/gif
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame ED39 		19 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55940,58294,55953,58292,58160,55829,55859,55986,57926,55965,55939&referrer=www.msn.com&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN15&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316321|611572499606302500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:17 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
talon-1.0.37.js
cdn.js7k.com/ix/ Frame ED39 		76 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.37.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=MSNUSEN15&tp=msft_muid%3D225CE5DFF1226E1C0C16F510F0606F66!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Dhomepage!msft_rid%3Dae165b70a85c49aba9db9af737448f0c!msft_year%3D!msft_asid%3D1634088316321|611572499606302500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.22 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 00:18:29 GMT
x-content-type-options
nosniff
age
4009
x-amz-server-side-encryption
AES256
content-length
78331
x-amz-id-2
WKeCw+ZF21M9LCFVL/tqh+UQ9VeEQNAEI9Sn93nwUwWX81i+mX/lXoEc0RFdDRsch2opkPXOZmw=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 10 Aug 2021 15:57:38 GMT
server
ATS
etag
"89552f1206dff50a36eaa1887718e2c3"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
45HWB8MD46XBAFCG
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 82ED 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 11:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51567
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Oct 2021 11:05:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/ Frame 82ED 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211011/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N526601.2621703GROUPMCOMPETENCEC/B25554596.310902695;gdpr=0;gdpr_consent=;sz=300x250;ord=753143784;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;click=https://fra1-ib.adnxs.com/click?FSe1SBgbAkBClrzakdP_PwAAAMDMzAhAVGv0eav3BECWrfVFQtsHQBMQU-XRSVQaXY4OQvibsjx8NWZhAAAAAE8XMgAYAQAAqRwAAAIAAADALEAS5NoAAAAAAABVU0QAVVNEACwB-gBALAAAAAABAgUCAAAAAJwA7iEo_wAAAAA./bcr=AAAAAAAA8D8=/cnd=%21ixs_BgiUgLIXEMDZgJIBGOS1AyAAKAAxZmZmZmZm9j86CUZSQTE6NTc4MUDSLEm1N_jCZKrrP1EAAAAAAAAAAFkAAAAAAAAAAGG4HoXrUbi-P2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMzNyNGUkExOjU3ODE=/bn=90860/clickenc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 00:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 00:36:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 82ED 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 11 Oct 2021 10:04:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141625
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 11 Oct 2022 10:04:52 GMT
script.js
acdn.adnxs-simple.com/strikeforce/ Frame ED39 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: ams1-ib.adnxs.com
URL: https://ams1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKODfD9jgYAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvCfdy4usgIgMjI1Q0U1REZGMTIyNkUxQzBDMTZGNTEwRjA2MDZGNjbYAgHgArvOVOoCFGh0dHBzOi8vd3d3Lm1zbi5jb20v8gIRCgZBRFZfSUQSBzQwODUwNTTyAhIKBkNQR19JRBIIMTM1MjI2NDnyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCAFWFENPREUSAAUPCENQRxUPEAsKB0NQFQ4QEAoFSU8FgRw2Mzc4NTEy8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgAuAQAwASl8vwgyAQA0gQPMTExMjIjQU1TMTo0MTU52gQCCAHgBADwBIyyuJUB-gQSCQAAACBfD0lAEQAAAKCQkiFAiAUBmAUAoAX___________8BqgUgZDhjMDZkOTNiZmYwNDIzOGJiYTUyNjY4Y2RkMGVmYjDABQDJBQAAAAAAAPA_0gUJCQAAAAUPaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgUgLADwP9AGkkLaBhYKEAkRGQEB1kzgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJ8DC_BkAAyAettQXSBw0JEToBOAjaBwYJJzzgBwDqBwIIAPAH6NcC-gcSFSYAEREvBIIIShUA&s=fb8282cf36d3c3f534e2e9455059e08e7bdd42a0&pp=0.38808
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9beca840b30066fbb5a4aa67e434ec99b749b784618a7ef01812dea52f215098

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:17 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Sep 2021 13:00:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"614b28e9-1d981"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
40451
Expires
Thu, 14 Oct 2021 01:25:19 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame ED39
Redirect Chain
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js;ord=1542435789
  • https://securepubads.g.doubleclick.net/tag/js/gpt.js
79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
f13f628307a1e10b9cfff1a13d31dfa97c6657ec8d29f8fd3c7fab55077b0195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1014 / 889 of 1000 / last-modified: 1634076306"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27015
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Oct 2021 01:25:17 GMT

Redirect headers

date
Wed, 13 Oct 2021 01:25:17 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://securepubads.g.doubleclick.net/tag/js/gpt.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Wed, 13 Oct 2021 01:55:17 GMT
rd_log
ams1-ib.adnxs.com/ Frame ED39 		0
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKMDfD9jAYAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvCfdy4usgIgMjI1Q0U1REZGMTIyNkUxQzBDMTZGNTEwRjA2MDZGNjbYAgHgArvOVOoCFGh0dHBzOi8vd3d3Lm1zbi5jb20v8gIRCgZBRFZfSUQSBzQwODUwNTTyAhIKBkNQR19JRBIIMTM1MjI2NDnyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCAFWFENPREUSAAUPCENQRxUPEAsKB0NQFQ4QEAoFSU8FgRw2Mzc4NTEy8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgCuAQAwASl8vwgyAQA0gQPMTExMjIjQU1TMTo0MTU52gQCCAHgBADwBIyyuJUB-gQSCQAAACBfD0lAEQAAAKCQkiFAiAUBmAUAoAX___________8BqgUgZDhjMDZkOTNiZmYwNDIzOGJiYTUyNjY4Y2RkMGVmYjDABQDJBQAAAAAAAPA_0gUJCQAAAAUPaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgUgLADwP9AGkkLaBhYKEAkRGQEB1kzgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJ8DC_BkAAyAettQXSBw0JEToBOAjaBwYJJzTgBwDqBwIIAPAHAPoHEhUkABERLQSCCEoVAA..&s=5b4a54a45d138684e61f49b5eeba85f228c445a7&bdref=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp,https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&
Requested by
Host: ams1-ib.adnxs.com
URL: https://ams1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKODfD9jgYAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvCfdy4usgIgMjI1Q0U1REZGMTIyNkUxQzBDMTZGNTEwRjA2MDZGNjbYAgHgArvOVOoCFGh0dHBzOi8vd3d3Lm1zbi5jb20v8gIRCgZBRFZfSUQSBzQwODUwNTTyAhIKBkNQR19JRBIIMTM1MjI2NDnyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCAFWFENPREUSAAUPCENQRxUPEAsKB0NQFQ4QEAoFSU8FgRw2Mzc4NTEy8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgAuAQAwASl8vwgyAQA0gQPMTExMjIjQU1TMTo0MTU52gQCCAHgBADwBIyyuJUB-gQSCQAAACBfD0lAEQAAAKCQkiFAiAUBmAUAoAX___________8BqgUgZDhjMDZkOTNiZmYwNDIzOGJiYTUyNjY4Y2RkMGVmYjDABQDJBQAAAAAAAPA_0gUJCQAAAAUPaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgUgLADwP9AGkkLaBhYKEAkRGQEB1kzgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJ8DC_BkAAyAettQXSBw0JEToBOAjaBwYJJzzgBwDqBwIIAPAH6NcC-gcSFSYAEREvBIIIShUA&s=fb8282cf36d3c3f534e2e9455059e08e7bdd42a0&pp=0.38808
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cbc9f01b-b1e8-4fe4-9e35-09af126ff957
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
ams1-ib.adnxs.com/ Frame ED39 		0
807 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKFC_D9hQUAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvSoAXcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAK4BADABKXy_CDIBADSBA8xMTEyMiNBTVMxOjQxNTnaBAIIAeAEAPAEjLK4lQH6BBIJAAAAIF8PSUARAAAAoJCSIUCIBQGYBQCgBf___________wGqBSBkOGMwNmQ5M2JmZjA0MjM4YmJhNTI2NjhjZGQwZWZiMMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGkkLaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOL8GQADIB621BdIHDQkAAAAAAAAAJQ4M2gcGCAUJOOAHAOoHAggA8AcA-gcSCRFcAe8FAQSCCEoVAA..&s=eb8d5a3c9756f1498717f1632c8b39972e4c69f2
Requested by
Host: ams1-ib.adnxs.com
URL: https://ams1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKODfD9jgYAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvCfdy4usgIgMjI1Q0U1REZGMTIyNkUxQzBDMTZGNTEwRjA2MDZGNjbYAgHgArvOVOoCFGh0dHBzOi8vd3d3Lm1zbi5jb20v8gIRCgZBRFZfSUQSBzQwODUwNTTyAhIKBkNQR19JRBIIMTM1MjI2NDnyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCAFWFENPREUSAAUPCENQRxUPEAsKB0NQFQ4QEAoFSU8FgRw2Mzc4NTEy8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgAuAQAwASl8vwgyAQA0gQPMTExMjIjQU1TMTo0MTU52gQCCAHgBADwBIyyuJUB-gQSCQAAACBfD0lAEQAAAKCQkiFAiAUBmAUAoAX___________8BqgUgZDhjMDZkOTNiZmYwNDIzOGJiYTUyNjY4Y2RkMGVmYjDABQDJBQAAAAAAAPA_0gUJCQAAAAUPaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgUgLADwP9AGkkLaBhYKEAkRGQEB1kzgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJ8DC_BkAAyAettQXSBw0JEToBOAjaBwYJJzzgBwDqBwIIAPAH6NcC-gcSFSYAEREvBIIIShUA&s=fb8282cf36d3c3f534e2e9455059e08e7bdd42a0&pp=0.38808
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
92d17fbf-8839-47db-82d2-75d8e0751c38
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/217/ Frame ED39 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/217/trk.js
Requested by
Host: ams1-ib.adnxs.com
URL: https://ams1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKODfD9jgYAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvCfdy4usgIgMjI1Q0U1REZGMTIyNkUxQzBDMTZGNTEwRjA2MDZGNjbYAgHgArvOVOoCFGh0dHBzOi8vd3d3Lm1zbi5jb20v8gIRCgZBRFZfSUQSBzQwODUwNTTyAhIKBkNQR19JRBIIMTM1MjI2NDnyAgoKBUNQX0lEEgEw8gINCghBRFZfRlJFURIBMPICDQoIUkVNX1VTRVISATDyAgwKCAFWFENPREUSAAUPCENQRxUPEAsKB0NQFQ4QEAoFSU8FgRw2Mzc4NTEy8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgAuAQAwASl8vwgyAQA0gQPMTExMjIjQU1TMTo0MTU52gQCCAHgBADwBIyyuJUB-gQSCQAAACBfD0lAEQAAAKCQkiFAiAUBmAUAoAX___________8BqgUgZDhjMDZkOTNiZmYwNDIzOGJiYTUyNjY4Y2RkMGVmYjDABQDJBQAAAAAAAPA_0gUJCQAAAAUPaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgUgLADwP9AGkkLaBhYKEAkRGQEB1kzgBgHyBgIIAIAHAYgHAKAHAboHDwFIABgJ8DC_BkAAyAettQXSBw0JEToBOAjaBwYJJzzgBwDqBwIIAPAH6NcC-gcSFSYAEREvBIIIShUA&s=fb8282cf36d3c3f534e2e9455059e08e7bdd42a0&pp=0.38808
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d450cb09bfdfb2712a08158c7afd6863c616dadfb632023199c75b75782c23d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 08:36:54 GMT
Server
AkamaiNetStorage
ETag
"68277f83cbab253ca48962032df81624:1632818214.66988"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29380
Expires
Thu, 13 Oct 2022 01:25:17 GMT
main.gr.19.8.248.js
static.adsafeprotected.com/ Frame 82ED 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.248.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/677702/56362512/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-62.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eebdf79938702147857b839ad40eb72d15039198a7037047f2594861b34c4968

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 05:10:04 GMT
content-encoding
gzip
age
1023314
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 28 Sep 2021 19:49:53 GMT
server
AmazonS3
etag
W/"5a63013af7144f483e91b9eaa7b84842"
vary
Accept-Encoding
x-amz-version-id
2gbG1pdI7EeodCyfWvQIwJrUYmsJozck
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
QvUhrOb1cqlrzFkAq8bU7POfbWFpb-tytJvNVGZL2Udk172SEK7jgA==
async_usersync.html
acdn.adnxs.com/dmp/ Frame 68C9 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=280&pub_id=43801
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.msn.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7271693395134067963; anj=dTM7k!M4/8CxrEQF']wIg2In=qKiS$!]tbP6j2F-XstGt!@DlX$pW+x
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 14 Oct 2021 01:25:19 GMT
Date
Wed, 13 Oct 2021 01:25:17 GMT
Connection
keep-alive
Vary
Accept-Encoding
vevent
fra1-ib.adnxs.com/ Frame 82ED 		0
825 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKrDPD9KwYAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQH0aQFEd1B3Li6yAiAyMjVDRTVERkYxMjI2RTFDMEMxNkY1MTBGMDYwNkY2NtgCAeACu85U6gIUaHR0cHM6Ly93d3cubXNuLmNvbS-AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgCuAQAwASOmo8iyAQA0gQONzMzNyNGUkExOjU3ODHaBAIIAeAEAPAEwNmAkgH6BBIJAAAAIF8PSUARAAAAoJCSIUCIBQGYBQCgBf___________wGqBSBhYzMzNDNhNzQ5ZWI0YjBhYmM3MzUzYzkxYzZkZDFhOcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYUB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBrQl2gYWChAAAAAAAAkWBQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaQCAAMAA4vwZAAMgH7MUF0gcNAcwFAQE4CNoHBgknNOAHAOoHAggA8AcA-gcSFSQAEQUqEAAAAIIIShUA&s=b1bfeaf88a3a44e431b260c54714f8eb517a0a91&type=nv&nvt=5&jm=1003&px=1001&py=380&bw=208&bh=250&sid=4437987841363128283&vd=ct~0|rr~0&sv=217&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=3282767&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=7099&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/217/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f6650f0f-aedb-486e-b679-cc2a90fe4281
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1a
i.clean.gg/ Frame ED39 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Wed, 13 Oct 2021 01:25:17 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D348 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 11 Oct 2021 10:04:54 GMT
expires
Tue, 11 Oct 2022 10:04:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
141623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 82ED 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Oct 2021 01:25:17 GMT
index.html
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/ Frame D258 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
b45ee7ed997986ac7c01faa63db5adae9573deb8c3fb3d880ad843c27c0eaa3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2904
date
Tue, 12 Oct 2021 08:09:05 GMT
expires
Wed, 13 Oct 2021 08:09:05 GMT
last-modified
Wed, 11 Aug 2021 07:41:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
62172
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 82ED 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsteoOIP-gvPcKEqqPpOOkLyqereVuMoTBK3FsiliTliM-lA2PJ8t_JIiR6dPaf0ndgeqFZQtl2hKqC4D3prDnp_wd1LOT7Y8nmsnA_8ja-sJvv-69HnuJgpW3_7jg&sig=Cg0ArKJSzF62X3rR364AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=161&cbvp=1&cstd=159&cisv=r20211011.86546&adurl=
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
AAPrc8o.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPrc8o.img?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg&x=414&y=228
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bcfa10bad0541ff5904ded107c9d7238e758b9491dc968f2acc7d8929c4e7090
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Wed, 13 Oct 2021 00:35:53 GMT
x-datacenter
northeu
x-source-length
157742
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=428997
x-activityid
e88896b4-a901-48cd-8274-a01f130e67b1
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPrc8o?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg&x=414&y=228
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
4304
expires
Mon, 18 Oct 2021 00:35:14 GMT
BB1fYHC0.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		636 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1fYHC0.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea9c481ed3f3b1d83e8f2b3562881cd84e805101f6a0b342f097a0379cdda04c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 08:19:30 GMT
x-datacenter
northeu
x-source-length
2107
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=370430
x-activityid
3cd6e6c8-1f02-493d-ad99-4dc649c14ef9
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1fYHC0?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
636
expires
Sun, 17 Oct 2021 08:19:07 GMT
AAywOab.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		640 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAywOab.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Mon, 11 Oct 2021 00:13:03 GMT
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=254870
x-activityid
ba246529-d592-4e0a-a750-58ff7e16177b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywOab?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
640
expires
Sat, 16 Oct 2021 00:13:07 GMT
AAPr5Hw.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPr5Hw.img?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg&x=386&y=114
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
87f8e73ea1c8f733b98d946567fbab93a829dfb3787c932453b8c2e84133d00f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Wed, 13 Oct 2021 01:06:39 GMT
x-datacenter
northeu
x-source-length
22878
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430841
x-activityid
040c8c13-cede-40c4-acfb-94c12ee770e2
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPr5Hw?h=84&w=104&m=6&q=60&u=t&o=t&l=f&f=jpg&x=386&y=114
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2345
expires
Mon, 18 Oct 2021 01:05:58 GMT
AA9z9sE.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		695 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AA9z9sE.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6336a5d2ad8d9714605e0786c9b5d117f1d3c324daa667d1e7fbbd04edd3d34
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA9z9sE
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sat, 09 Oct 2021 06:01:48 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
592
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=103030
x-activityid
82fcff5b-59bf-4f50-a78c-2a85da3b39c9
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9z9sE?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
695
expires
Thu, 14 Oct 2021 06:02:27 GMT
async_usersync
ib.adnxs.com/ Frame 68C9 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=280&pub_id=43801&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=280&pub_id=43801
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
28060928-b483-4e81-b851-e27e53b75899
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
pubads_impl_2021100701.js
securepubads.g.doubleclick.net/gpt/ Frame ED39 		366 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126551
x-xss-protection
0
last-modified
Thu, 07 Oct 2021 08:38:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Oct 2021 01:25:17 GMT
skeleton.js
static.adsafeprotected.com/ Frame 82ED
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/677702/56362512/skeleton.js?adsafe_url=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-62.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 08:35:57 GMT
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
age
8441361
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
eZKvYaGR4rU9Swfk53Ozk6j2yl11LNCjmrTzUSZxJv9elRJzkeEHcw==

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 4C6B 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-62.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 08:08:31 GMT
content-encoding
gzip
age
1012607
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
0mUZ_jbU955TCDmIvpcAelyiDPoM3gLUXhgpFbNSPG6x-tzEPOBNmA==
bg.jpg
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/bg.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
77c734452400cf78c4055d6e865f37142ef160d097a2cb19d2c5d6c68002c417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 12:49:23 GMT
x-content-type-options
nosniff
age
45354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22648
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 07:41:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Oct 2021 12:49:23 GMT
text1a.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/text1a.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
685ce6ca08f079ccc7dc2b71decdfca139065fc67607bd8e6de94147bd235c07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 13:21:35 GMT
x-content-type-options
nosniff
age
43422
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1549
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 07:41:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Oct 2021 13:21:35 GMT
text1b.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/text1b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
7a25d66cfb50b6d2dc41dfeb35a73fbe84a80545be987b04441de70a181b5e0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 04:41:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 07:41:00 GMT
server
sffe
age
74603
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1515
x-xss-protection
0
expires
Wed, 13 Oct 2021 04:41:54 GMT
text1c.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/text1c.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
45afb8907f66958d3c82770f0908c6f4b2e83cf7b84df70844e729e6143106c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 08:08:30 GMT
x-content-type-options
nosniff
age
62207
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1166
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 07:41:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Oct 2021 08:08:30 GMT
text2.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/text2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
3609065881766d577528802df7baf1f6f255eb654757f33f83ceaf767d6b5d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 13:49:56 GMT
x-content-type-options
nosniff
age
41721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2324
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 07:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Oct 2021 13:49:56 GMT
logo.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
c2b62853233ae257982c0d318217cea226194dc298773ebe871881f29b828f50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 17:45:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 07:41:00 GMT
server
sffe
age
27587
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1914
x-xss-protection
0
expires
Wed, 13 Oct 2021 17:45:30 GMT
stoerer1.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/stoerer1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
d839d03def48b73d79c1f66bc02eabb4d90477b45238d788a6864a66d762cc6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 13:49:56 GMT
x-content-type-options
nosniff
age
41721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2378
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 07:41:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Oct 2021 13:49:56 GMT
verbrauch.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/verbrauch.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
372f8a1e4079c2b89761433932fc28dda4f266681b7676630752576c3f586328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 23:41:23 GMT
x-content-type-options
nosniff
age
6234
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22053
x-xss-protection
0
last-modified
Wed, 11 Aug 2021 07:41:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Oct 2021 23:41:23 GMT
info.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		713 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/info.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
726faf95e5a25b36cf2c06b089bd1b401768b82964b6ac4f25c6de62c51e6890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 08:51:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 07:41:01 GMT
server
sffe
age
59651
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
713
x-xss-protection
0
expires
Wed, 13 Oct 2021 08:51:06 GMT
close.png
s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/ Frame D258 		501 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/img/close.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
fd61b384d2546db2cf5e2acbaea6633728ad41fa4dc3f32401000ce087809e1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 08:54:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 07:41:00 GMT
server
sffe
age
59450
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
501
x-xss-protection
0
expires
Wed, 13 Oct 2021 08:54:27 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D258 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/6638290/1628667660722/300x250_RAV4%20PHEV_V2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Oct 2021 01:25:17 GMT
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=677702&asId=e37619bd-a75a-8b54-94bd-0a1debded7a2&tv=%7Bc:qSNgxm,pingTime:-2,time:212,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:306,bdZ:436,beA:466,beZ:467,mfA:628,cmA:629,inA:630,inZ:633,prA:633,prZ:636,si:644,poA:645,poZ:657,cmZ:657,mfZ:657,loA:665,loZ:667,ltA:677,ltZ:677%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:177%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:212,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:1132.383.300.250,am:i,cc:1132.383.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sLGc32M+11%7C12*.677702-56362512%7C121%7C122%7C123,idMap:12*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,slid:%5BjacSandbox_893462,jacPosition_rectangle1_home_1,rectangle1_homepage_container_539e17db-ff8e-4614-9fe7-559c842a66da,rectangle1_homepage_539e17db-ff8e-4614-9fe7-559c842a66da,main,content,maincontent%5D,sinceFw:32,readyFired:true%7D&br=c
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-181-211.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
x-server-name
dt29.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
pagead2.googlesyndication.com/bg/ Frame D348 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 19:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
22521
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 19:09:56 GMT
integrator.js
adservice.google.com/adsid/ Frame ED39 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.msn.com
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ED39 		436 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3924126618916393&correlator=3223207973313345&output=ldjh&impl=fifs&eid=31062392&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=21804004266%3A22569761985%2CMSN_DE_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie_enabled=1&cdm=www.msn.com&bc=31&abxe=1&lmt=1634088317&dt=1634088317481&dlt=1634088316734&idt=727&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=322&adks=277376852&ucis=ac4ciebk6gee&ifi=1&ifk=1011644935&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&top=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1442358260.1634088317&ga_sid=1634088317&ga_hid=269807144&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b32a411896c05c51f7efa237ad91af2744b781498bb9af7708af0e7f515037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.msn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B63F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 13 Oct 2021 01:25:17 GMT
expires
Thu, 13 Oct 2022 01:25:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
async_usersync.html
acdn.adnxs.com/dmp/ Frame AB5C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=280&pub_id=43801
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.msn.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7271693395134067963; anj=dTM7k!M4/8CxrEQF']wIg2In=qKiS$!]tbP6j2F-XstGt!@DlX$pW+x
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 14 Oct 2021 01:25:19 GMT
Date
Wed, 13 Oct 2021 01:25:17 GMT
Connection
keep-alive
Vary
Accept-Encoding
vevent
ams1-ib.adnxs.com/ Frame ED39 		0
825 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKFC_D9hQUAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvSoAXcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAK4BADABKXy_CDIBADSBA8xMTEyMiNBTVMxOjQxNTnaBAIIAeAEAPAEjLK4lQH6BBIJAAAAIF8PSUARAAAAoJCSIUCIBQGYBQCgBf___________wGqBSBkOGMwNmQ5M2JmZjA0MjM4YmJhNTI2NjhjZGQwZWZiMMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGkkLaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOL8GQADIB621BdIHDQkAAAAAAAAAJQ4M2gcGCAUJOOAHAOoHAggA8AcA-gcSCRFcAe8FAQSCCEoVAA..&s=eb8d5a3c9756f1498717f1632c8b39972e4c69f2&type=nv&nvt=5&jm=1003&px=436&py=232&bw=728&bh=90&sid=4437987841363128283&vd=ct~0|rr~0&sv=217&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=4199206&sw=1600&sh=1200&pw=1600&ph=7099&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/217/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4c58b3d9-b998-45ba-8d06-176044984f70
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 82ED 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsteoOIP-gvPcKEqqPpOOkLyqereVuMoTBK3FsiliTliM-lA2PJ8t_JIiR6dPaf0ndgeqFZQtl2hKqC4D3prDnp_wd1LOT7Y8nmsnA_8ja-sJvv-69HnuJgpW3_7jg&sig=Cg0ArKJSzF62X3rR364AEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=407&vt=11&dtpt=246&dett=3&cstd=159&cisv=r20211011.86546&adurl=
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync
ib.adnxs.com/ Frame AB5C 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=280&pub_id=43801&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=280&pub_id=43801
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:17 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e46b0e3b-c214-4450-a25a-25519f1cd955
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=677702&asId=e37619bd-a75a-8b54-94bd-0a1debded7a2&tv=%7Bc:qSNgBz,time:473,type:e,im:%7Bpci:%7Btdr:174%7D,imprf:%7Bttecl:538,ecd:10,tsecr:80%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:128,o:345,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:1132.383.300.250,am:i,cc:1132.383.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~300.250%5D%7D%7D,%7Bsl:i,t:345,wc:0.0.1600.1200,ac:1132.383.300.250,am:i,cc:1132.383.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B128~100%5D,as:%5B128~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sLGc32M+11%7C12*.677702-56362512%7C121%7C122%7C123,idMap:12*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-181-211.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame D348 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYa_CfTVmYZX7BdX53gOltIHoDwAAAAA4AeAEAg&bg=!lpWlldHNAAbGFvHlxhY7ACkAdvg8WuuHPQ2n2IYLlt6w1ibTOfIWtIVbsCiB-D_7rXkeA7_zP4vB3AIAAACCUgAAAAtoAQcKAHkh-mDMiTAN5XLWzYe6APObVzlxJGK3gat7Ut8CeAF59rBg7yoqKTuZYVJNJSXZLwl72vzJjsPkAHYHOZloS5rH0l5MJEnMlmbWGkPNFh2WuEhDVu9x5o9C_k0l6PH26RzbDmPFS46MCHwJL2f0m_JuvBxMXtWpI4_amQLewFjZRLZbhUaXzrLVJVTrJ44bNeO92XIY9mnG1HJH19NADd7noLdxElljeYgqXtfiznmUDJthwoHrqP1ZJ7ai1ZxEp2_YkK758GkFigrZmVEiuhpHx3Pvk6DZ1UppvDF8VRpvvc5h9NXBVSftraukMccoKr6BBpZIpXXIVQgVxrKdLh5fW3eUw5vZGqx7_lUi6htudY6wQ5D90jHK7VfmZxzt9Jgw7Wngu9QR4ze-B9EB3CwyH90Rd5-EmOVpfeTk0T28-5YLrkjTYdKUKNJILIrWi9HcvrIgtDJBBcpHMM-fxpj6LBK4Kffz8fODGY7eXmV-m-7j0whBwuF6YkA9hhxZrdhYHOPVmq7irK61h9CGsBLaX36szCbLZeO8UrazabWZd4tnHwN-7xbZIfBJVPP_4XP8Z1TiYDvx6GFK9gDEELbb3kUTs9Xlx7na0Ytk8RN9F6HofT7G4Inmw4w7-3gEvnQrPpDBrRDJpH9rEeHbH8xtWPFG3aFYwC_aqdv5WfVFQ7oLd4Fr85GqsQcGBXMEZyXDlMU1CsRKDGP4O4uD6aC7rL4CDLvJ9B3Wgma800m0L4YRxin3Ym_TKpneFG7tOribcZZPJBRuFfFaHSdQd3XxgKUUfMwWTsDy6ApgDZVWxar5-Z4r2UdacO8P5AJo4fZuwErFkiTRlmethi2Ag5fLfI80VISPdMqqZInNfARm_e3Nw2O7x-c33s52t-Fk2G-2vrCL-4DcKUPMwSrnpYRfXC9INS7Cze35FrhtHRScMNrRb3DYqyECjOTPnN9lYjYpFf8FoIvY1tnAVEIhVUct_jS9ioL-_Xeb0jouL8tQzONeaeNbocK-c9aviK3LHA_e8waI3B88M4XaSqo040bjxz7jObFyJyY-ellGZMZekknKi-bnNKiK2LvCI-_wJM4KxKeVkK34JoTeY76098JagYH_cpU25IYzKM6dYtfHCfrytKbQUgLm9As
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame ED39 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.msn.com
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame ED39 		52 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3924126618916393&correlator=3223207973313345&output=ldjh&impl=fifs&eid=31062392&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211013&iu_parts=78792240%3A22569761985%2CMSN_DE_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&cookie=ID%3D76066f00d54fb4d2%3AT%3D1634088317%3AS%3DALNI_MZDJUHCM3F4aVpcoZYszvZuTFBsMQ&cdm=www.msn.com&bc=31&abxe=1&lmt=1634088317&dt=1634088317762&dlt=1634088316734&idt=727&ea=0&frm=23&biw=1600&bih=1200&isw=728&ish=90&oid=2&adxs=436&adys=232&adks=642144610&ucis=yk7kpyfv8b2c&ifi=2&ifk=1011644935&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&top=https%3A%2F%2Fwww.msn.com%2Fen-us%3Frefurl%3D%252fen-us%252flifestyle%252flifestyle-buzz%252fkatie-holmes-talks-about-that-bra-and-cardigan-moment%252far-AAJTECj%253focid%253dspartandhp&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x90&ga_vid=1442358260.1634088317&ga_sid=1634088317&ga_hid=269807144&ga_fc=false&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
65927b0549fabe196dd950eafa8a37aebb7687cefae0ac80bbe79c652d3a8e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18034
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.msn.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame ED39 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
71e40db0dd0e5c6163e6056e1f493f69ffb422b3c6e5877506408b12b6a06c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8587
x-xss-protection
0
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame 4F62 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.7.2/jac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74

Request headers

:method
GET
:authority
tag.idsync.analytics.yahoo.com
:scheme
https
:path
/sp-frame.html?referrer=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
cookie
A3=d=AQABBHw1ZmECEKjwNX8JlWbEdZ3d8jwGHogFEgEBAQGGZ2FwYQAAAAAA_eMAAA&S=AQAAAltY-N6c8C-7giIivasuQw0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

content-encoding
gzip
age
222
content-type
text/html
date
Wed, 13 Oct 2021 01:25:17 GMT
etag
"324f9bb044d7d71fa083c18b96aa4662+gzip"
last-modified
Wed, 18 Aug 2021 13:17:52 GMT
server
ECS (frb/669E)
vary
Accept-Encoding
x-amz-id-2
Ps/MsdOfI4uruIX8g9f+uRIVZJh8djkgtVEk9bLmmaq6Jn4MHxH8fGsgoHUrpdYhTAcPVHAbKiQ=
x-amz-request-id
Z1YAFZMG8SS0BH57
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3220
cms
cms.analytics.yahoo.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=677702&asId=e37619bd-a75a-8b54-94bd-0a1debded7a2&tv=%7Bc:qSNgDu,pingTime:-10,time:592,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1634088317800%7C%7C4da2ab0b604e9dd81217d0bf9d3551ab%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C26a5b55e734ecc58e31c7d6e8b4c68eb%7C%7C797d9a38d896d7eb3b6fa3cca010a0ca%7C%7Cca9f77b4747670dd9d804da4a4ad4bec%7C%7C6a50df37834a93c3d59beddf8866944a%7C%7Cb10fac10468e1f7d1fd6e4f04aeb7007%7C%7C1629390669%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-181-211.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
x-server-name
dt33.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
17-361657-68ddb2ab
static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-2923b6c2/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-2923b6c2/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/17-361657-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f2945e416ddd2a188d0e64d44332f349b56c49ac13036b0b4fc946a2ebf87d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-activity-id
00000000-4a1e-4a19-8eff-ab007376f514
vary
Accept-Encoding
content-length
655
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Tue, 12 Oct 2021 18:20:58 GMT
server
Microsoft-IIS/8.5
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 20, sn: neurope-prod-hp, dt: 2021-10-12T06:10:47.7373156Z, bt: 2021-10-01T00:14:52.8166315Z}
x-frame-options
SAMEORIGIN
x-s1
2021-10-12T18:20:58
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=31510487
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-appversion
20211001_24816374
expires
Wed, 12 Oct 2022 18:20:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ED39 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 13 Oct 2021 01:25:17 GMT
BBqlEdK.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		594 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBqlEdK.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
63478e930215112adb29425b1b1bb0f531381e85a159b4b5907629c11fc55991
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sun, 10 Oct 2021 07:40:32 GMT
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=195263
x-activityid
3d3ce278-aa6e-4e8c-a485-41ecb431cb96
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlEdK?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
594
expires
Fri, 15 Oct 2021 07:39:40 GMT
AAMehvA.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAMehvA.img?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
029cbf0100b313219863e61a67f9a971a1297920bea93229f43f30b9aaeabc5d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sun, 10 Oct 2021 09:08:48 GMT
x-datacenter
northeu
x-source-length
128138
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=200521
x-activityid
a664b453-99b3-4501-8e3c-83a5f628d271
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAMehvA?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
14094
expires
Fri, 15 Oct 2021 09:07:18 GMT
BB1epHIs.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1epHIs.img?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2b712627283b50d3786db72c77da81e7ea9ff5cd361eb0f49e5d2c3737e096f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Mon, 11 Oct 2021 14:58:26 GMT
x-datacenter
northeu
x-source-length
106569
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=307986
x-activityid
5817f880-1377-4955-84e6-f187071d2949
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1epHIs?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
5348
expires
Sat, 16 Oct 2021 14:58:23 GMT
AANUdSY.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AANUdSY.img?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd972a8f26571531ed6cc456f7cd2da098a2eb36f00861de19f49a4fcbb2edfa
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 01:39:14 GMT
x-datacenter
northeu
x-source-length
208896
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=346372
x-activityid
fbf1ea48-0e09-4e1a-b62a-eec307becc75
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANUdSY?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
6965
expires
Sun, 17 Oct 2021 01:38:09 GMT
BB194HRJ.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB194HRJ.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f&x=1817&y=640
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6f3153fe0256ad1cd6f80768f62dde22bb47edef2caa97006625fed1f4fe17ad
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 23:52:32 GMT
x-datacenter
northeu
x-source-length
940779
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426456
x-activityid
abea3557-e1e6-4751-b425-601fd04c2aa7
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB194HRJ?h=197&w=306&m=6&q=60&u=t&o=t&l=f&x=1817&y=640
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
14249
expires
Sun, 17 Oct 2021 23:52:53 GMT
BBjLpNF.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		471 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBjLpNF.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d2844262bf9d7cb8fb0c8437bdbb40dadd193fd31f16a66e978e9a3c190b110
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Mon, 11 Oct 2021 02:37:06 GMT
x-datacenter
northeu
x-source-length
351
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=263509
x-activityid
6c125262-936e-480e-8948-7552f5ecb6ae
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBjLpNF?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
471
expires
Sat, 16 Oct 2021 02:37:06 GMT
AAPr7OJ.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPr7OJ.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7aa37e5713cc71e45cdd0d1e9f6715d35d0890c0cdd01b9795a9bff6a86443a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 23:52:32 GMT
x-datacenter
northeu
x-source-length
378531
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426385
x-activityid
40f6fba1-faa4-4a36-ac23-ef9ca448dc01
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPr7OJ?h=82&w=100&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2305
expires
Sun, 17 Oct 2021 23:51:42 GMT
AAgnIPB.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		711 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAgnIPB.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c83ffcdb1004e6b8ebd23d39bd83dff1c131a8ddbe1583f897ff158c25b4afa
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 07:23:09 GMT
x-datacenter
northeu
x-source-length
18952
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=366941
x-activityid
3bae5e7a-8f9e-47b9-ad7d-8ee852926870
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgnIPB?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
711
expires
Sun, 17 Oct 2021 07:20:58 GMT
AACl4vY.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		690 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AACl4vY.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4821ce434a205521d97f3183a539f1faf2f9f089f887bb4fcfedc1b9c8b345c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Mon, 11 Oct 2021 02:58:14 GMT
x-datacenter
northeu
x-source-length
4142
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=264765
x-activityid
1a4be31f-3b6f-43e5-b7bb-6da39dfe7d36
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
690
expires
Sat, 16 Oct 2021 02:58:02 GMT
AAPqYZt.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPqYZt.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8d1a32ae6dca7e73f857fb22d087f69dc3ff06be3a825e031fc814ae07c8f84
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 23:52:32 GMT
x-datacenter
northeu
x-source-length
3609170
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426461
x-activityid
d2223fd5-ffce-4648-b566-8bf8021dbc7d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPqYZt?h=82&w=100&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2990
expires
Sun, 17 Oct 2021 23:52:58 GMT
AAfZ6og.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		663 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAfZ6og.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49eefa06fd8b2b228e6ee5f7d3af6f3ccfff82fd3762ebb3df322881d76e27b7
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sat, 09 Oct 2021 08:08:16 GMT
x-datacenter
northeu
x-source-length
18424
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=110638
x-activityid
75d211f6-ab0f-4688-bb84-2ef9cc5b994b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAfZ6og?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
663
expires
Thu, 14 Oct 2021 08:09:15 GMT
BB1gRJts.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1gRJts.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=456&y=158
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5007ee1edee42bc47d17ffe2c39fe385c7bd99d1a3dc7b3f7f1c021687345265
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 23:52:32 GMT
x-datacenter
northeu
x-source-length
172785
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426438
x-activityid
774a3258-6613-48d8-9749-35f555ac4b19
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1gRJts?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=456&y=158
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3317
expires
Sun, 17 Oct 2021 23:52:35 GMT
BBCleeG.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		628 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBCleeG.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1fe86d21df7f0e1c075b4b14adf691e6af8b468ed2f66fd8cca6e6f98a897299
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBCleeG
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Mon, 11 Oct 2021 03:25:42 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
20493
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=266371
x-activityid
510a9d7d-b9bd-47be-8161-c837eda1edcc
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBCleeG?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
628
expires
Sat, 16 Oct 2021 03:24:48 GMT
AAPrb8K.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPrb8K.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=526&y=242
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1dc87aaaf80e24bd34e27af185f08a5d050d98ea4becedd7b0ef07c5295b3d1c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 21:44:12 GMT
x-datacenter
northeu
x-source-length
860873
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=418636
x-activityid
6510e482-7cba-4d10-9df3-abde295a10a4
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPrb8K?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=526&y=242
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
20614
expires
Sun, 17 Oct 2021 21:42:33 GMT
BB1e6XdQ.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		575 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1e6XdQ.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5c099f1d79e45728021be14c4bc8cff7910f26cd0ebeec08520521346271f44
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sun, 10 Oct 2021 21:44:04 GMT
x-datacenter
northeu
x-source-length
5249
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=245915
x-activityid
a5589db9-c056-4a02-a191-c3a410a879ba
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1e6XdQ?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
575
expires
Fri, 15 Oct 2021 21:43:52 GMT
BB11O75S.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB11O75S.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=558&y=699
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b498455f613758434d457bb8b66234d0bb650c2c1a3951c6a54aa6acb73002bc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Fri, 08 Oct 2021 07:16:32 GMT
x-datacenter
northeu
x-source-length
634383
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=21057
x-activityid
99c86e47-6dd8-481f-a212-3fe381517e8f
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB11O75S?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=558&y=699
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3177
expires
Wed, 13 Oct 2021 07:16:14 GMT
AA9tqjr.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		679 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AA9tqjr.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5610226e0bc7f1a0ae11254a35d7e058ae18ead411eb6d5b2331ccbcba8e9359
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 08:05:03 GMT
x-datacenter
northeu
x-source-length
1664
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=369608
x-activityid
4853c664-48c0-4bb0-a277-19ab7174c4ad
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
679
expires
Sun, 17 Oct 2021 08:05:25 GMT
AAPrbU6.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPrbU6.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f&x=400&y=201
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
431e56243237c49670f54cbee69d68fa8b6dfe9c59283b339e17c86894b83f0e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Wed, 13 Oct 2021 00:47:06 GMT
x-datacenter
northeu
x-source-length
226897
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429610
x-activityid
1f47bc77-9881-4cd2-8851-280d5e254a42
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPrbU6?h=197&w=306&m=6&q=60&u=t&o=t&l=f&x=400&y=201
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
11904
expires
Mon, 18 Oct 2021 00:45:27 GMT
AAPfDBI.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPfDBI.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60f2da850d50df498352834b04499e50fc0230e2a4b75eea0aa9c81a34e090f6
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 07:04:17 GMT
x-datacenter
northeu
x-source-length
183230
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=365930
x-activityid
1c2d8472-9367-4009-9b65-b4387ab38412
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPfDBI?h=197&w=306&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
15598
expires
Sun, 17 Oct 2021 07:04:07 GMT
th
www.bing.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d81d2d63ae9095ff06d70d36e8d432ec&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
27b559fb21037e7972ffabb594b1cafcb9247f6fa94100b16a03cff3d250a8c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 890D375353244296AF61CB7B75C74F50 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
2184
BBNsWtr.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		674 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBNsWtr.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
107ebc2c18780f04dbd1e296986ac1296129bf83fd70bf2d0eb7ccef2c2b53b8
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sun, 10 Oct 2021 03:16:45 GMT
x-datacenter
northeu
x-source-length
661
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=179522
x-activityid
f48632cc-6157-47be-9406-cfba40e5aef3
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNsWtr?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
674
expires
Fri, 15 Oct 2021 03:17:19 GMT
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.a47a36624815f9bb55b17f8d64c0f25b&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
c31872e85b49834246a25c46c870fcddf837d55d0cd648d0061cba0d37272bfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: BED0544DDE454E4AB9CA690C427C3B3C Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
2602
AAADLcm.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		785 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAADLcm.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad6337c4c48d8db777b119261cbd3714d78e1a0f8c4e1aaae5fcbf308e378773
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Mon, 11 Oct 2021 03:38:58 GMT
x-datacenter
northeu
x-source-length
2028
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=267267
x-activityid
c00f4e9d-05f0-4688-b13d-4c581f93bac2
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAADLcm?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
785
expires
Sat, 16 Oct 2021 03:39:44 GMT
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.7e840e4795f81ec96ae0939a01b68594&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
8af27e90b7feaca0281a29255241074894e0538785d388d11bb3d67de672eb97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 107190B123244414A1FBFE57E94BF695 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3027
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.6a3e9e38446792e4e029d68532403044&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
310a2544197b3ebea2143dabbb8f7516228c0246e7250aa338f8d350de50be98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 233F0BA535C24573A330332046D48725 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3045
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.8d291905ea7f86c28afca3db146049e3&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
311328df6b25b2aebd094c30999b651066917b6647924fbc3538709bfdf302cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: ADAEBE9287B148FBBB2B184289A66DF9 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3092
BBgjtLu.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		344 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBgjtLu.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ab09839dfd5e9e4193ae436fb64705cdcb063d12dd9d4962c40aa262b8f17f0
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBgjtLu
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 07:07:56 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
283
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=366160
x-activityid
12f1a53a-93f6-4c18-ae8d-550cd841019a
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBgjtLu?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
344
expires
Sun, 17 Oct 2021 07:07:57 GMT
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.80afa8b0e58ab911f6db73b49b50ed53&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e443d0139087244f62a3706af746e152c52e1b21eb59bd26ad611a9f7cf3f661

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: C60B7451416345589BEA4131ACB826EF Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3162
AAxf7dg.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		402 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAxf7dg.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a183c867937b3c0166937e749f52f90512fd097922ecd602a768649182d2604d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAxf7dg
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sun, 10 Oct 2021 00:59:57 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=171243
x-activityid
37940972-3785-495e-98a1-33fe9e312333
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxf7dg?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
402
expires
Fri, 15 Oct 2021 00:59:20 GMT
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.81da61adce17089a4498716a73bba2e9&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e769b6557007cfe73eed4d7fee49308e023f69fcde083088e1fd7f22c653d504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: CE4E8689A1984A6A8EF1092EEDE9A986 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2950
BB1vTrk.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		424 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1vTrk.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c49529a9a33f002f4e6de1ff638cb7aff7649894ae517a5a397122b5dabad2ae
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sat, 09 Oct 2021 19:44:19 GMT
x-datacenter
northeu
x-source-length
320
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=152343
x-activityid
5bc2594a-4931-4aaf-9306-b320bb8a6361
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1vTrk?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
424
expires
Thu, 14 Oct 2021 19:44:20 GMT
th
www.bing.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.dcc1284fe955ce6eb16c772853b5e8d4&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
93a0d2cd7595584ed09363bbf9dcca489c5e45f3c93497476f04dd00e23365e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 620596A7CDB245E2998BCD44F42B4019 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
3748
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.2eb5f67d50ac686b2fb475b996c0080b&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
bc507438a8174c454cc483ce128f1baa1fc0f6525ae63fbc828b294d4176bd81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: BCA5EE5E86EF4A47A09714DCBCFB7591 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2766
AAvcS6D.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAvcS6D.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
28fc3eb91dde3de99ffd7a31cd728888eb2dc330c0de927db232fb342fab1a03
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 07:59:59 GMT
x-datacenter
northeu
x-source-length
1466
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=369282
x-activityid
5968b53c-233c-4d42-a7e8-07352466e76e
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAvcS6D?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
731
expires
Sun, 17 Oct 2021 07:59:59 GMT
th
www.bing.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.eb3f0c491e59d78fbf36bc7969ea8ef5&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
ff8affc919f1e588a5eeb487afc5d1ea6a279e486c46e614c308ec35ef70a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 91C37FEAEFAE4123BF8A5EC0076CCCEE Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2508
BB10dZOG.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		308 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB10dZOG.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c35c9853ea99d94357966d697ae8e434f52f06ebdec142f0482d57dcbbef91f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sun, 10 Oct 2021 17:28:25 GMT
x-datacenter
northeu
x-source-length
1682
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=230607
x-activityid
ad0b3c7d-e6d9-4fa6-88e4-0666f0bbe3f0
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOG?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
308
expires
Fri, 15 Oct 2021 17:28:44 GMT
th
www.bing.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d00c6e628b3f1a2f59702593dd0ec0b8&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
6ad7628be49bba147b10b9601c891c33863529bd2bf7aa46b8bc9480c140c625

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: AB8A42E4F529447C8B7612BD3981155E Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_MISS
timing-allow-origin
*
access-control-allow-headers
*
content-length
2116
th
www.bing.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.3491a8916c58156e29b589924c60872f&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
546599a5eba884c3cbf5a629916caa125f11ffb03e1683526cb2dda51b0b4345

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 160C9C95FA2B4A65919DDC4ACA517F07 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3847
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
silentpassport
www.msn.com/en-us/homepage/secure/ Frame 248C
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1634088315&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fhomepage%2fsecure%2fsilentpassport%3fsecure%3dtrue&...
  • https://www.msn.com/en-us/homepage/secure/silentpassport?secure=true&lc=1033
239 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/homepage/secure/silentpassport?secure=true&lc=1033
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
Security Headers
Name Value
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.msn.com
:scheme
https
:path
/en-us/homepage/secure/silentpassport?secure=true&lc=1033
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
cookie
_EDGE_S=F=1; _EDGE_V=1; MC1=GUID=601bd0096db54567a317ef4d7344cda8&HASH=601b&LV=202110&V=4&LU=1634088314373; MS0=16297ab53bdf45dcadf3c9b7827040ae; ocid=spartandhp; PreferencesMsn=eyJFeHBpcnlUaW1lIjo2MzgwMTIyMTExNTUwMDMyNjQsIlZlcnNpb24iOjF90; RecentStocks=; anoncknm=; adslrid=N; MUID=0DC7A365ECBD6A392AA2B3AAEDF86BE3; __gads=ID=76066f00d54fb4d2:T=1634088317:S=ALNI_MZDJUHCM3F4aVpcoZYszvZuTFBsMQ; timeZoneOffsetInMins=0; _SS=SID=00
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

cache-control
private, no-transform
content-length
185
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
User-Agent
set-cookie
RecentStocks=; domain=www.msn.com; expires=Tue, 12-Oct-2021 01:25:18 GMT; path=/; secure; HttpOnly
access-control-allow-origin
*
x-aspnetmvc-version
5.2
x-appversion
20211010_25060845
x-activity-id
fab63ee6-0874-4120-bf58-56452b3d1d46
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 17, sn: neurope-prod-hp, dt: 2021-09-29T17:47:48.3063183Z, bt: 2021-10-10T00:20:00.8083002Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-powered-by
ASP.NET
access-control-allow-methods
HEAD,GET,OPTIONS
x-xss-protection
1
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: FAB63EE608744120BF5856452B3D1D46 Ref B: PRG01EDGE0808 Ref C: 2021-10-13T01:25:17Z
date
Wed, 13 Oct 2021 01:25:17 GMT

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
Wed, 13 Oct 2021 01:24:17 GMT
Location
https://www.msn.com/en-us/homepage/secure/silentpassport?secure=true&lc=1033
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BL2
x-ms-request-id
08460c5f-3b03-49a7-acc8-1c2fff086f3f
PPServer
PPV: 30 H: BL02EPF00001886 V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Set-Cookie
uaid=d43a8a5425d4476f9a41e83f5810e3ae; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=1184&lt=1634088317&co=2; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Date
Wed, 13 Oct 2021 01:25:17 GMT
Content-Length
0
getuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/mapuid?suid=0DC7A365ECBD6A392AA2B3AAEDF86BE3&sid=16
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
date
Wed, 13 Oct 2021 01:25:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
collect
px.ads.linkedin.com/
Redirect Chain
  • https://www.bizographics.com/collect/?fmt=gif&pid=7850
  • https://px.ads.linkedin.com/collect?fmt=gif&pid=7850
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue
  • https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true
0
0
msnhomepagehistory.aspx
www.bing.com/ 		2 B
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/msnhomepagehistory.aspx?_=1634088316113
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
content-encoding
br
x-msedge-ref
Ref A: 93AB2838EB974FAC8263350E40FB0C86 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:17Z
x-snr-routing
1
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
access-control-allow-origin
https://www.msn.com
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
content-length
6
expires
-1
AA2SEPB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA2SEPB.img?m=6&o=true&u=true&n=true&w=305&h=300
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d62b79b737117ba2c79fa5c6deafa5f3d9eacf7ea18808e0d775d27c5d4cb1c1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA2SEPB
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Fri, 08 Oct 2021 18:33:22 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
261918
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=61653
x-activityid
8c529225-7c18-4a7d-901a-bb5b6ef319bd
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA2SEPB?m=6&o=true&u=true&n=true&w=305&h=300
content-length
15033
expires
Wed, 13 Oct 2021 18:32:50 GMT
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
BBqlEdK.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		594 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBqlEdK.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
63478e930215112adb29425b1b1bb0f531381e85a159b4b5907629c11fc55991
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Sun, 10 Oct 2021 07:40:32 GMT
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=195263
x-activityid
3d3ce278-aa6e-4e8c-a485-41ecb431cb96
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlEdK?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
594
expires
Fri, 15 Oct 2021 07:39:40 GMT
BB1epHIs.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1epHIs.img?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2b712627283b50d3786db72c77da81e7ea9ff5cd361eb0f49e5d2c3737e096f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Mon, 11 Oct 2021 14:58:26 GMT
x-datacenter
northeu
x-source-length
106569
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=307986
x-activityid
5817f880-1377-4955-84e6-f187071d2949
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1epHIs?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
5348
expires
Sat, 16 Oct 2021 14:58:23 GMT
BB194HRJ.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB194HRJ.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f&x=1817&y=640
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6f3153fe0256ad1cd6f80768f62dde22bb47edef2caa97006625fed1f4fe17ad
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 23:52:32 GMT
x-datacenter
northeu
x-source-length
940779
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426456
x-activityid
abea3557-e1e6-4751-b425-601fd04c2aa7
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB194HRJ?h=197&w=306&m=6&q=60&u=t&o=t&l=f&x=1817&y=640
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
14249
expires
Sun, 17 Oct 2021 23:52:53 GMT
AAPqYZt.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPqYZt.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8d1a32ae6dca7e73f857fb22d087f69dc3ff06be3a825e031fc814ae07c8f84
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 23:52:32 GMT
x-datacenter
northeu
x-source-length
3609170
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426461
x-activityid
d2223fd5-ffce-4648-b566-8bf8021dbc7d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPqYZt?h=82&w=100&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2990
expires
Sun, 17 Oct 2021 23:52:58 GMT
AAPr7OJ.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPr7OJ.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7aa37e5713cc71e45cdd0d1e9f6715d35d0890c0cdd01b9795a9bff6a86443a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 23:52:32 GMT
x-datacenter
northeu
x-source-length
378531
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426385
x-activityid
40f6fba1-faa4-4a36-ac23-ef9ca448dc01
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPr7OJ?h=82&w=100&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2305
expires
Sun, 17 Oct 2021 23:51:42 GMT
AANUdSY.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AANUdSY.img?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd972a8f26571531ed6cc456f7cd2da098a2eb36f00861de19f49a4fcbb2edfa
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 01:39:14 GMT
x-datacenter
northeu
x-source-length
208896
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=346372
x-activityid
fbf1ea48-0e09-4e1a-b62a-eec307becc75
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AANUdSY?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
6965
expires
Sun, 17 Oct 2021 01:38:09 GMT
AAgnIPB.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		711 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAgnIPB.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c83ffcdb1004e6b8ebd23d39bd83dff1c131a8ddbe1583f897ff158c25b4afa
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
last-modified
Tue, 12 Oct 2021 07:23:09 GMT
x-datacenter
northeu
x-source-length
18952
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=366941
x-activityid
3bae5e7a-8f9e-47b9-ad7d-8ee852926870
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgnIPB?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
711
expires
Sun, 17 Oct 2021 07:20:58 GMT
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.7e840e4795f81ec96ae0939a01b68594&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
8af27e90b7feaca0281a29255241074894e0538785d388d11bb3d67de672eb97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 74B5BA7B94DF44468EA3D89F45FB0648 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3027
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.8d291905ea7f86c28afca3db146049e3&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
311328df6b25b2aebd094c30999b651066917b6647924fbc3538709bfdf302cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 688E6CF6AB1E4EFF8ECC23FEAE9597B0 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3092
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.6a3e9e38446792e4e029d68532403044&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
310a2544197b3ebea2143dabbb8f7516228c0246e7250aa338f8d350de50be98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 381D4A0EF41C4DB589B6CB983C969449 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3045
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.80afa8b0e58ab911f6db73b49b50ed53&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e443d0139087244f62a3706af746e152c52e1b21eb59bd26ad611a9f7cf3f661

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: D91E4BAD2042436980D70217CD09F17A Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3162
th
www.bing.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.eb3f0c491e59d78fbf36bc7969ea8ef5&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
ff8affc919f1e588a5eeb487afc5d1ea6a279e486c46e614c308ec35ef70a6e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 9413E77005DC45A8969BB99A8EB00504 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2508
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.81da61adce17089a4498716a73bba2e9&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e769b6557007cfe73eed4d7fee49308e023f69fcde083088e1fd7f22c653d504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: E75A0F3369FE4D0EA7367D99BDAC8368 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2950
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.2eb5f67d50ac686b2fb475b996c0080b&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
bc507438a8174c454cc483ce128f1baa1fc0f6525ae63fbc828b294d4176bd81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 4CE4B1C1756F4F209214A4006BF6420E Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2766
TaboolaCookieSyncScript.js
cdn.taboola.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/TaboolaCookieSyncScript.js
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f20a080cb6f3540c27ec0aa19010bf2351681a7a8d9e791603e8c9626591b9ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
H.Y5st4f9YCLW_cyz9zrbO7e673uzGOr
content-encoding
gzip
etag
"c82b00ef266759f04018438bb542679a"
age
5908
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
817
x-amz-id-2
f3kaCUbjeqUviXRu29sb6/wFka4PiMCcu9FTTRo1SaLL4tKelLy1G+6r6Guk5SnW5nQcQtd0CiY=
x-served-by
cache-hhn4028-HHN
last-modified
Mon, 16 Oct 2017 10:26:53 GMT
server
AmazonS3
x-timer
S1634088318.030370,VS0,VE0
date
Wed, 13 Oct 2021 01:25:18 GMT
vary
Accept-Encoding
x-amz-request-id
Z8Y5XQDWNT9CKM3T
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
62
x-cache-hits
13
MSNIdSync.js
widgets.outbrain.com/external/publishers/msn/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/external/publishers/msn/MSNIdSync.js
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bdedb783ca58950069becc083e52b1c589a6db707e45c18f3fdd2a7bef13aac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 05:43:58 GMT
server
AkamaiNetStorage
etag
"38b34060ca840f9d2e00550542d1e3c6:1633326715.088243"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2138
sync.js
ib.3lift.com/ 		275 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/sync.js
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.29.33 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:10:56 GMT
via
1.1 0363fab377de19b9b4f85394469f6fca.cloudfront.net (CloudFront)
last-modified
Wed, 13 Oct 2021 01:10:56 GMT
age
862
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-C2
content-length
275
x-amz-cf-id
Gg5gkT4Tco46Be-vOB4fe50NJTh2rfVM7REiO45pD_OooBU5J-10jg==
BBCleeG.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		628 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBCleeG.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1fe86d21df7f0e1c075b4b14adf691e6af8b468ed2f66fd8cca6e6f98a897299
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBCleeG
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Mon, 11 Oct 2021 03:25:42 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
20493
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=266370
x-activityid
510a9d7d-b9bd-47be-8161-c837eda1edcc
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBCleeG?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
628
expires
Sat, 16 Oct 2021 03:24:48 GMT
BB1gRJts.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1gRJts.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=456&y=158
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5007ee1edee42bc47d17ffe2c39fe385c7bd99d1a3dc7b3f7f1c021687345265
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Tue, 12 Oct 2021 23:52:32 GMT
x-datacenter
northeu
x-source-length
172785
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426437
x-activityid
774a3258-6613-48d8-9749-35f555ac4b19
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1gRJts?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=456&y=158
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3317
expires
Sun, 17 Oct 2021 23:52:35 GMT
AAMehvA.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAMehvA.img?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
029cbf0100b313219863e61a67f9a971a1297920bea93229f43f30b9aaeabc5d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Sun, 10 Oct 2021 09:08:48 GMT
x-datacenter
northeu
x-source-length
128138
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=200520
x-activityid
a664b453-99b3-4501-8e3c-83a5f628d271
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAMehvA?h=250&w=206&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
14094
expires
Fri, 15 Oct 2021 09:07:18 GMT
AAfZ6og.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		663 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAfZ6og.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49eefa06fd8b2b228e6ee5f7d3af6f3ccfff82fd3762ebb3df322881d76e27b7
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Sat, 09 Oct 2021 08:08:16 GMT
x-datacenter
northeu
x-source-length
18424
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=110637
x-activityid
75d211f6-ab0f-4688-bb84-2ef9cc5b994b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAfZ6og?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
663
expires
Thu, 14 Oct 2021 08:09:15 GMT
BB1e6XdQ.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		575 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1e6XdQ.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5c099f1d79e45728021be14c4bc8cff7910f26cd0ebeec08520521346271f44
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Sun, 10 Oct 2021 21:44:04 GMT
x-datacenter
northeu
x-source-length
5249
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=245914
x-activityid
a5589db9-c056-4a02-a191-c3a410a879ba
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1e6XdQ?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
575
expires
Fri, 15 Oct 2021 21:43:52 GMT
AAPrbU6.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPrbU6.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f&x=400&y=201
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
431e56243237c49670f54cbee69d68fa8b6dfe9c59283b339e17c86894b83f0e
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Wed, 13 Oct 2021 00:47:06 GMT
x-datacenter
northeu
x-source-length
226897
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429609
x-activityid
1f47bc77-9881-4cd2-8851-280d5e254a42
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPrbU6?h=197&w=306&m=6&q=60&u=t&o=t&l=f&x=400&y=201
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
11904
expires
Mon, 18 Oct 2021 00:45:27 GMT
BB11O75S.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB11O75S.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=558&y=699
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b498455f613758434d457bb8b66234d0bb650c2c1a3951c6a54aa6acb73002bc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Fri, 08 Oct 2021 07:16:32 GMT
x-datacenter
northeu
x-source-length
634383
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=21056
x-activityid
99c86e47-6dd8-481f-a212-3fe381517e8f
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB11O75S?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=558&y=699
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3177
expires
Wed, 13 Oct 2021 07:16:14 GMT
AAPfDBI.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPfDBI.img?h=197&w=306&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
60f2da850d50df498352834b04499e50fc0230e2a4b75eea0aa9c81a34e090f6
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Tue, 12 Oct 2021 07:04:17 GMT
x-datacenter
northeu
x-source-length
183230
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=365929
x-activityid
1c2d8472-9367-4009-9b65-b4387ab38412
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPfDBI?h=197&w=306&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
15598
expires
Sun, 17 Oct 2021 07:04:07 GMT
th
www.bing.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.3491a8916c58156e29b589924c60872f&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
546599a5eba884c3cbf5a629916caa125f11ffb03e1683526cb2dda51b0b4345

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 3FED48BED4A24B32BDD009B4F055E064 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3847
BBNsWtr.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		674 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBNsWtr.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
107ebc2c18780f04dbd1e296986ac1296129bf83fd70bf2d0eb7ccef2c2b53b8
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Sun, 10 Oct 2021 03:16:45 GMT
x-datacenter
northeu
x-source-length
661
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=179521
x-activityid
f48632cc-6157-47be-9406-cfba40e5aef3
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNsWtr?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
674
expires
Fri, 15 Oct 2021 03:17:19 GMT
AACl4vY.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		690 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AACl4vY.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4821ce434a205521d97f3183a539f1faf2f9f089f887bb4fcfedc1b9c8b345c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Mon, 11 Oct 2021 02:58:14 GMT
x-datacenter
northeu
x-source-length
4142
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=264764
x-activityid
1a4be31f-3b6f-43e5-b7bb-6da39dfe7d36
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
690
expires
Sat, 16 Oct 2021 02:58:02 GMT
AAxf7dg.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		402 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAxf7dg.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a183c867937b3c0166937e749f52f90512fd097922ecd602a768649182d2604d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAxf7dg
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Sun, 10 Oct 2021 00:59:57 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=171242
x-activityid
37940972-3785-495e-98a1-33fe9e312333
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxf7dg?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
402
expires
Fri, 15 Oct 2021 00:59:20 GMT
BBjLpNF.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		471 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBjLpNF.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d2844262bf9d7cb8fb0c8437bdbb40dadd193fd31f16a66e978e9a3c190b110
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Mon, 11 Oct 2021 02:37:06 GMT
x-datacenter
northeu
x-source-length
351
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=263508
x-activityid
6c125262-936e-480e-8948-7552f5ecb6ae
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBjLpNF?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
471
expires
Sat, 16 Oct 2021 02:37:06 GMT
AAADLcm.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		785 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAADLcm.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad6337c4c48d8db777b119261cbd3714d78e1a0f8c4e1aaae5fcbf308e378773
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Mon, 11 Oct 2021 03:38:58 GMT
x-datacenter
northeu
x-source-length
2028
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=267266
x-activityid
c00f4e9d-05f0-4688-b13d-4c581f93bac2
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAADLcm?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
785
expires
Sat, 16 Oct 2021 03:39:44 GMT
AAPrb8K.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAPrb8K.img?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=526&y=242
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1dc87aaaf80e24bd34e27af185f08a5d050d98ea4becedd7b0ef07c5295b3d1c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Tue, 12 Oct 2021 21:44:12 GMT
x-datacenter
northeu
x-source-length
860873
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=418635
x-activityid
6510e482-7cba-4d10-9df3-abde295a10a4
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPrb8K?h=82&w=100&m=6&q=60&u=t&o=t&l=f&x=526&y=242
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
20614
expires
Sun, 17 Oct 2021 21:42:33 GMT
AAvcS6D.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AAvcS6D.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
28fc3eb91dde3de99ffd7a31cd728888eb2dc330c0de927db232fb342fab1a03
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Tue, 12 Oct 2021 07:59:59 GMT
x-datacenter
northeu
x-source-length
1466
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=369281
x-activityid
5968b53c-233c-4d42-a7e8-07352466e76e
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAvcS6D?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
731
expires
Sun, 17 Oct 2021 07:59:59 GMT
BB10dZOG.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		308 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB10dZOG.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c35c9853ea99d94357966d697ae8e434f52f06ebdec142f0482d57dcbbef91f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Sun, 10 Oct 2021 17:28:25 GMT
x-datacenter
northeu
x-source-length
1682
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=230606
x-activityid
ad0b3c7d-e6d9-4fa6-88e4-0666f0bbe3f0
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOG?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
308
expires
Fri, 15 Oct 2021 17:28:44 GMT
BBgjtLu.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		344 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BBgjtLu.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ab09839dfd5e9e4193ae436fb64705cdcb063d12dd9d4962c40aa262b8f17f0
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBgjtLu
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Tue, 12 Oct 2021 07:07:56 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
283
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=366159
x-activityid
12f1a53a-93f6-4c18-ae8d-550cd841019a
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBgjtLu?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
344
expires
Sun, 17 Oct 2021 07:07:57 GMT
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8850 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 12 Oct 2021 16:52:01 GMT
expires
Wed, 12 Oct 2022 16:52:01 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
30797
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame DA5E 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
752e093cc5305e5235c9c91e2978d48bd3c79792360399a708ab784e2e3963b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5OjcRa/MFKno2+AvtSmRiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 13 Oct 2021 01:25:18 GMT
date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-5OjcRa/MFKno2+AvtSmRiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 4F62 		38 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=undefined&euconsent=undefined&us_privacy=undefined&referrer=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=https%3A%2F%2Fwww.msn.com%2Fen-us%2Flifestyle%2Flifestyle-buzz%2Fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2Far-AAJTECj
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tag.idsync.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
ATS/7.1.2.138
Age
0
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://tag.idsync.analytics.yahoo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
AA9tqjr.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		679 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/AA9tqjr.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5610226e0bc7f1a0ae11254a35d7e058ae18ead411eb6d5b2331ccbcba8e9359
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Tue, 12 Oct 2021 08:05:03 GMT
x-datacenter
northeu
x-source-length
1664
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=369607
x-activityid
4853c664-48c0-4bb0-a277-19ab7174c4ad
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
679
expires
Sun, 17 Oct 2021 08:05:25 GMT
BB1vTrk.img
static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/ 		424 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB1vTrk.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c49529a9a33f002f4e6de1ff638cb7aff7649894ae517a5a397122b5dabad2ae
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Sat, 09 Oct 2021 19:44:19 GMT
x-datacenter
northeu
x-source-length
320
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=152342
x-activityid
5bc2594a-4931-4aaf-9306-b320bb8a6361
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1vTrk?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
424
expires
Thu, 14 Oct 2021 19:44:20 GMT
AA2SEPB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA2SEPB.img?m=6&o=true&u=true&n=true&w=305&h=300
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d62b79b737117ba2c79fa5c6deafa5f3d9eacf7ea18808e0d775d27c5d4cb1c1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA2SEPB
date
Wed, 13 Oct 2021 01:25:18 GMT
last-modified
Fri, 08 Oct 2021 18:33:22 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
261918
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=61652
x-activityid
8c529225-7c18-4a7d-901a-bb5b6ef319bd
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA2SEPB?m=6&o=true&u=true&n=true&w=305&h=300
content-length
15033
expires
Wed, 13 Oct 2021 18:32:50 GMT
container.html
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2142 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Wed, 13 Oct 2021 01:25:17 GMT
expires
Thu, 13 Oct 2022 01:25:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
th
www.bing.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.a47a36624815f9bb55b17f8d64c0f25b&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
c31872e85b49834246a25c46c870fcddf837d55d0cd648d0061cba0d37272bfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:17 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 4B79AF3CB8764C72994B4C6BAB91BC35 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2602
th
www.bing.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d81d2d63ae9095ff06d70d36e8d432ec&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
27b559fb21037e7972ffabb594b1cafcb9247f6fa94100b16a03cff3d250a8c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: B2491AE23C1C4079838D110B5C712C1F Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2184
th
www.bing.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.dcc1284fe955ce6eb16c772853b5e8d4&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
93a0d2cd7595584ed09363bbf9dcca489c5e45f3c93497476f04dd00e23365e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 479BBE2F322D460FA2B38E1FAD0D5C93 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
3748
th
www.bing.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d00c6e628b3f1a2f59702593dd0ec0b8&pid=Wdp&h=82&w=100&rs=6&c=6&qlt=70
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us?refurl=%2fen-us%2flifestyle%2flifestyle-buzz%2fkatie-holmes-talks-about-that-bra-and-cardigan-moment%2far-AAJTECj%3focid%3dspartandhp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
6ad7628be49bba147b10b9601c891c33863529bd2bf7aa46b8bc9480c140c625

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-msedge-ref
Ref A: 33C59DB3FEC74A7CAC305FCB3F0CC310 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
2116
sync
eb2.3lift.com/ Frame 0E79 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/sync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a65b8799985dac9f53ed94f817a8be3e978c1cbe3a7f01ca2b8c688f29a83fed

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
cookie
tluid=14902451332859027369
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
content-type
text/html; charset=utf-8
content-length
465
set-cookie
sync=CgoIgQIQ4uqDuscvCgoI4gEQ4uqDuscvCgoI5gEQ4uqDuscvCgoIhwIQ4uqDuscvCgkICRDi6oO6xy8KCQg6EOLqg7rHLwoJCAsQ4uqDuscvCgoIjAIQ4uqDuscvCgoIzgEQ4uqDuscvCgkIXxDi6oO6xy8=; Max-Age=7776000; Expires=Tue, 11 Jan 2022 01:25:18 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=14902451332859027369; Max-Age=7776000; Expires=Tue, 11 Jan 2022 01:25:18 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
user.sync
api.taboola.com/1.2/json/taboola-usersync/ 		110 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.taboola.com/1.2/json/taboola-usersync/user.sync?app.type=desktop&app.apikey=e60e3b54fc66bae12e060a4a66536126f26e6cf8&response.callback=taboolaHandleUpdateUserId
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/TaboolaCookieSyncScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
abda4721f7c3decb74c8921e0638b06b48a387f4aa3fcdfee396231b45901916

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Wed, 13 Oct 2021 01:25:18 GMT
content-encoding
gzip
server
nginx
x-timer
S1634088318.193703,VS0,VE8
x-served-by
cache-hhn4028-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
uidmap
sync.outbrain.com/ 		90 B
729 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.outbrain.com/uidmap
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/external/publishers/msn/MSNIdSync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
682b3f8f83792d34bd956f14c546f54e2da4ae47d780d0cecc37525ba778ec84

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
content-encoding
gzip
Content-Type
application/json
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
X-TraceId
1570d921cce6845ad15ba603104b956a
Content-Length
115
/
b1sync.zemanta.com/usersync/msn/ 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/msn/?puid=225CE5DFF1226E1C0C16F510F0606F66
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
Content-Length
26
Content-Type
image/gif
164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
pagead2.googlesyndication.com/bg/ Frame 8850 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 19:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
22522
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13308
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 12 Oct 2022 19:09:56 GMT
vevent
fra1-ib.adnxs.com/ Frame 82ED 		0
825 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKrDPD9KwYAAAMA1gAFAQj86piLBhCToMyqnrqSqhoY3Zy6kIT_ptk8KjYJFSe1SBgbAkARQpa82pHT_z8ZAAAAwMzMCEAhVGv0eav3BEAplq31RULbB0AxAAAAgML14D8wz67IATiYAkCpOUgCUMDZgJIBWOS1A2AAaMDYOHjsxQWAAQGKAQNVU0SSAQNVU0SYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoClQF1ZignYScsIDE2OTQzNjgsIDE2MzQwODgzMTYpO3VmKCdpJywgNTYyNDM1NiwgMTYzNDA4ODMxNik7dWYoJ2cnLCAxNDQwODM3NixCOwAsYycsIDQ5MDUzNzE2RjwAMHInLCAzMDYxOTU2NDg2HwD0dQGSAtkEIVZIazdhUWlVZ0xJWEVNRFpnSklCR0FBZzVMVURNQUk0QUVBQVNLazVVTS11eUFGWUFHQzFCbWdBY0FCNEFJQUJBSWdCQUpBQkFKZ0JBS0FCQ3FnQkNyQUJBTGtCa2JTaXV3ZWdCRURCQWZLR1FDTkMyd2RBeVFFQUFBQ2dIcjBDUU5rQnRUZjR3bVNxNnpfZ0FhU2sxd0wxQVRNenN6LVlBZ0NnQWdTMUFnQUFBQUM5QWdBQUFBRGdBZ0RvQWdENEFnQ0FBd0dZQXdHaUF3NEk0TGZSR3hBRUdBRXRPMFFRT3FJREV3aXdtTDhiRUFvWUFTMzE2QlZBTWdOMWJtdTZBd2xHVWtFeE9qVTNPREhnQTlJc2dBVFk0SmNHaUFUcjRKY0drQVFCbUFRQnNnUUpDTmIyZlJEMW9fNE11Z1FaQ08wSUViZ2VoZXRSdUw0X0dRQUFBQUFBQUFBQUlOYjJmY0VFdUI2RjYxRzR2al9KQgG_DQEYMkFRQThRUQ0OKEFBQUlnRmxTMnBCERMUUEFfc1FVARoJAThNRUZEbmNVRWdlZ0JFREouKAAAMC4oAAhOa0YJMchBQThEX2dCZDZaRXZBRnVMWHZCdmdGb0xWbmdnWURSVlZTaUFZQWtBWUJtQVlBb1FabVoFAjRiMlA2Z0dCTElHSkFrQRUBBEJFFQsIQUJrGQwAQx0YRExnR0NnLi6aApkBIWl4c19CZzpdAixPUzFBeUFBS0FBeFoFbZBabTlqODZDVVpTUVRFNk5UYzRNVURTTEVtMU5fakNaS3JyUDFFGW0ARh15MEdHNEhvWHJVYmktUDIdGABIHZEMSGdBaUVxAQH0aQFEd1B3Li6yAiAyMjVDRTVERkYxMjI2RTFDMEMxNkY1MTBGMDYwNkY2NtgCAeACu85U6gIUaHR0cHM6Ly93d3cubXNuLmNvbS-AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOmBeADAOgDAPgDA4AEAJIEDi9vcGVucnRiMi9tc2Z0mAQAogQPMjE2LjEzMS4xMTQuMTM5qAQAsgQMCAAQABgAIAAwADgCuAQAwASOmo8iyAQA0gQONzMzNyNGUkExOjU3ODHaBAIIAeAEAPAEwNmAkgH6BBIJAAAAIF8PSUARAAAAoJCSIUCIBQGYBQCgBf___________wGqBSBhYzMzNDNhNzQ5ZWI0YjBhYmM3MzUzYzkxYzZkZDFhOcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYUB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBrQl2gYWChAAAAAAAAkWBQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaQCAAMAA4vwZAAMgH7MUF0gcNAcwFAQE4CNoHBgknNOAHAOoHAggA8AcA-gcSFSQAEQUqEAAAAIIIShUA&s=b1bfeaf88a3a44e431b260c54714f8eb517a0a91&type=pv&jm=1003&px=1132&py=383&bw=300&bh=250&sf=1&sid=4437987841363128283&vd=ct~0|rr~6&sv=217&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=3282767&cid=3&cr=pv&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/217/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ddefc85d-f2e3-4cff-8a44-369f7120a9a2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 68C9 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=280&pub_id=43801&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=280&pub_id=43801
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a6988bb6-b81e-497c-a168-6676851236bb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 0E79 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 0E79
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMhqFEmK7SwD7xqV_wNLAPY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMhqFEmK7SwD7xqV_wNLAPY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMhqFEmK7SwD7xqV_wNLAPY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E79
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ5MDI0NTEzMzI4NTkwMjczNjk%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ5MDI0NTEzMzI4NTkwMjczNjk%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ5MDI0NTEzMzI4NTkwMjczNjk%3D
date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 0E79 		0
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=14902451332859027369&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.11.69 -, , ASN (),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
1PeRBatyrRaQLjNR3ioAAA==
xuid
eb2.3lift.com/ Frame 0E79
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/14902451332859027369?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-1xtvY4ZE2oSF3ouLYfWDlVsPX3ubJoBvHWMSQx5jeQ--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1xtvY4ZE2oSF3ouLYfWDlVsPX3ubJoBvHWMSQx5jeQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 13 Oct 2021 01:25:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-1xtvY4ZE2oSF3ouLYfWDlVsPX3ubJoBvHWMSQx5jeQ--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 0E79 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=14902451332859027369&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.157.70.90 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
c.gif
c.bing.com/ Frame 0E79 		42 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=14902451332859027369&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
etag
"367bb54357aad71:0"
last-modified
Wed, 15 Sep 2021 17:29:40 GMT
x-msedge-ref
Ref A: C9572FEC67AA46A6B92A7F92212B6B76 Ref B: PRG01EDGE0717 Ref C: 2021-10-13T01:25:18Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame 0E79
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=14902451332859027369
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14902451332859027369&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14902451332859027369&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4W7WY9K4P9BMNM2XQA97
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=14902451332859027369&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 0E79
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 0E79
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3848541916611467137&dongle=d407
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3848541916611467137&dongle=d407
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3848541916611467137&dongle=d407
pragma
no-cache
date
Wed, 13 Oct 2021 01:25:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
adview
securepubads.g.doubleclick.net/pagead/ Frame 2142 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2l_kfTVmYfqXMdyK7_UP6f07qtHBv2Wu7ajwsA76tIzxvgEQASD0_JIhYMkGoAGylKfbA8gBA-ACAKgDAcgDmQSqBOECT9Dc1Z62hkqi2GUgVQqH_j2tMK5WJY9ovHSTsuLBikdBD2PuVNC2njOgN9-g0AT070DtB54s6dFRErsJzsoItC4qNAgVJN8ICM2uTLfXi_ITz00g76gF2fvxXUic_10fwei5_ZkNWcrTushlPIsy0okXnZkIHBUtytSno3a5gPNo5vcnxBFbzHuast2ds24aKec66dooMZs6RMF8YiWdvFB6oJnW1TlsMIOyhFbGyDGUsutopIEaXlhooPxEU3yMBEJ0YGizO9nJkVhIjTUTFimTmgnNyTDU6Eeb_DRAeGxc-RnMLFnGX2GWpjOadOf8ewl5e2Ue_fCbKtpCRb7ykF9_eWSGsCtSWztc7sVQnzSUTxd-LUAoBxlEh1TKmrxbnrtqhfs4lixrpJMGWLfCY7pDeWD_4v_6my0e2mpWWLCcEV_v3i3xq_F_yr7piRINKCpmjenuu1VZGkBUD5RGB2fABNfUu-PpA-AEAZIFBAgEGAGSBQQIBRgEoAYDgAe269gkqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBCH-gbSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi0yODg1MDQ3ODIxOTM0NDI2gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTg5Mjk2Njc2MzQyMTA0ODAYuJIe&sigh=4OiyGpkGTRE
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/ Frame 2142 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/abg_lite_fy2019.js
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 00:36:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 00:36:28 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2142 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/window_focus_fy2019.js
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 01:11:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2142 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37935
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633952256361887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Oct 2021 01:25:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2142 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:09:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Oct 2021 01:09:36 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/ Frame 2142 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211011/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
cafe /
Resource Hash
1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 20:01:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11185
x-xss-protection
0
server
cafe
etag
5630310602010257655
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Oct 2021 20:01:08 GMT
17675210695519715615
tpc.googlesyndication.com/simgad/ Frame 2142 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17675210695519715615
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
fb0614cab71c48517a0813549c6dac39b608e5562fc91e55c680154d10716d1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 06 Oct 2021 10:17:25 GMT
x-content-type-options
nosniff
age
572873
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74854
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 01:02:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 06 Oct 2022 10:17:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DA5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100701&jk=3924126618916393&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 82ED 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdvPKyPrf2TJX6kkCzjQnvgf7SszTbSV84ZH_JRYC7jxnWoXXa9I29PlDgbRCc2wyqPS8tDCA9tNdarfgEAks&sig=Cg0ArKJSzG3ceWyAH6qYEAE&id=lidar2&mcvt=1045&p=0,0,250,300&mtos=1045,1045,1045,1045,1045&tos=1045,0,0,0,0&v=20211011&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634088316743&rpt=708&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 7C03 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/external/publishers/msn/MSNIdSync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 -, , ASN (),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a40a2d129d1d6c6cca47c64752206d6ac5cf6a2801fc30c090489d5ca3122644

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
cookie
obuid=f02bb548-413a-486c-87b0-3dafa11c5143; muid=225CE5DFF1226E1C0C16F510F0606F66
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c474b20907d91e841bc277dfec5d9901:1634023186.523138"
last-modified
Tue, 12 Oct 2021 07:19:34 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Thu, 14 Oct 2021 01:25:18 GMT
date
Wed, 13 Oct 2021 01:25:18 GMT
content-length
5569
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
vevent
ams1-ib.adnxs.com/ Frame ED39 		0
825 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.msn.com%2F&e=wqT_3QKFC_D9hQUAAAMA1gAFAQj86piLBhD_lJuL853MmH0YjNKt5auGtvJLKjYJWrBL3SZs2j8RShEZfk3W2D8ZAAAA4KNwEkAhwH0dOGdE2T8p4noUrkfh2j8xAAAAgD0K5z8wpqaAAjiYAkDyVkgCUIyyuJUBWOS1A2AAaK2QZXittQWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJZdWYoJ2EnLCA0MDg1MDU0LCAxNjM0MDg4MzE2KTt1ZignaScsIDYzNzg1MTIsIDE2MzQwODgzMTYpO3VmKCdyJywgMzEzMzk5NTY0LCAuHwDwi5IC8QMhZEZ4MGV3ajFxZlVXRUl5eXVKVUJHQUFnNUxVRE1BQTRBRUFBU1BKV1VLYW1nQUpZQUdEVUFtZ0FjQUI0QUlBQkFJZ0JBSkFCQUpnQkFLQUJBYWdCQWJBQkFMa0JibG9PaTBqaDJqX0JBVzVhRG90STRkb195UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0FaQ29oUVAxQVQwSzF6NllBZ0NnQWdHMUFnASMEQzkJCPBGRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pReE5UbmdBOUlzZ0FUNnBQb0dpQVR4M3Z3R2tBUUFtQVFCd1FRQUEBUwEBCE1rRQEHCQEYRFlCQUR4QgkNBQEcaUFXX0lLa0YFDRxBQUE4RC14Qh0_NHdRWGhlaFN1Ui1IYVA4LigABF9SLigACDJRVQE_BEFBAfi4LUFGa01nQzhBWFpyYmtHLUFXLXF2a0JnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYmgVYCQ2Z0dCTElHSkFrAUkJAQBCHb8EQmsJFAEBAEMdGEBMZ0dDZy4umgKZASFCeFVDRj71AaBPUzFBeUFBS0FBeDRYb1Vya2ZoMmo4NkNVRk5VekU2TkRFMU9VRFNMRRFhDER3UDEdYQBGERgMQUFBRx0YAEcdGABIHRgMSGdBaS4JAvSoAXcuLrICIDIyNUNFNURGRjEyMjZFMUMwQzE2RjUxMEYwNjA2RjY22AIB4AK7zlTqAhRodHRwczovL3d3dy5tc24uY29tL4ADAIgDAZADAJgDFKADAaoDAMADrALIAwDYA6YF4AMA6AMA-AMDgAQAkgQOL29wZW5ydGIyL21zZnSYBACiBA8yMTYuMTMxLjExNC4xMzmoBACyBAwIABAAGAAgADAAOAK4BADABKXy_CDIBADSBA8xMTEyMiNBTVMxOjQxNTnaBAIIAeAEAPAEjLK4lQH6BBIJAAAAIF8PSUARAAAAoJCSIUCIBQGYBQCgBf___________wGqBSBkOGMwNmQ5M2JmZjA0MjM4YmJhNTI2NjhjZGQwZWZiMMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGkkLaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOL8GQADIB621BdIHDQkAAAAAAAAAJQ4M2gcGCAUJOOAHAOoHAggA8AcA-gcSCRFcAe8FAQSCCEoVAA..&s=eb8d5a3c9756f1498717f1632c8b39972e4c69f2&type=pv&jm=1003&px=436&py=232&bw=728&bh=90&sf=1&sid=4437987841363128283&vd=ct~0|rr~5&sv=217&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=4199206&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/217/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3469590a-0a9b-451c-94e1-f7adb14d873a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9D41 		143 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlBu2cGpyRGVMOAlXEuxVHG5qqL-Gmpm60hsUohq9iMkdvruOKLDDTrb6S4g_k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 13 Oct 2021 01:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5FFA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 12 Oct 2021 21:06:15 GMT
expires
Wed, 13 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
15543
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2142 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28de0c92ffb9503cd9d102f6cb220cb5cd5958a7be84ea4cc784057d21ab0ff7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame AB5C 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=280&pub_id=43801&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=280&pub_id=43801
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
b164f64b-781b-4ecc-925c-19986a4c76b9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=677702&asId=e37619bd-a75a-8b54-94bd-0a1debded7a2&tv=%7Bc:qSNgQT,pingTime:1,time:1423,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:177%7D,%7Bpiv:100,vs:i,r:,t:345%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1078,o:345,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:1132.383.300.250,am:i,cc:1132.383.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~300.250%5D%7D%7D,%7Bsl:i,t:345,wc:0.0.1600.1200,ac:1132.383.300.250,am:i,cc:1132.383.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1078~100%5D,as:%5B1078~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:203,fm:sLGc32M+11%7C12*.677702-56362512%7C121%7C122%7C123,idMap:12*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-181-211.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
x-server-name
dt26.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=677702&asId=e37619bd-a75a-8b54-94bd-0a1debded7a2&tv=%7Bc:qSNgQU,pingTime:1,time:1424,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:177%7D,%7Bpiv:100,vs:i,r:,t:345%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:1079,o:345,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:1132.383.300.250,am:i,cc:1132.383.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~300.250%5D%7D%7D,%7Bsl:i,t:345,wc:0.0.1600.1200,ac:1132.383.300.250,am:i,cc:1132.383.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1079~100%5D,as:%5B1079~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:203,fm:sLGc32M+11%7C12*.677702-56362512%7C121%7C122%7C123,idMap:12*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.181.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-181-211.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
362358.gif
idsync.rlcdn.com/ Frame 7C03
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
  • https://idsync.rlcdn.com/1000.gif?memo=CM7RGRJMCkgIARC-ngEaQGx4dnlNX2k2eHA2VUF6MndESHktaU1SWHhWVUhwVmdvQlI2NUU5TjM5TUF3YU1SY252bm9DU2NneVJnUFoyYXoQABoNCP7qmIsGEgUI6AcQAEIASgA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELfP_z_f1NPYsNGEOFTiL_0&google_cver=1
42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELfP_z_f1NPYsNGEOFTiL_0&google_cver=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Oct 2021 01:25:18 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELfP_z_f1NPYsNGEOFTiL_0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
29859
tags.bluekai.com/site/ Frame 7C03 		62 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29859?id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
cookie-sync
sync.outbrain.com/ Frame 7C03
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&s=2&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=6PoZwdzCiVfJH1wqS0wN&gdpr=0&us_privacy=1---
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=6PoZwdzCiVfJH1wqS0wN&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:19 GMT
Cache-Control
no-cache
X-TraceId
2851438b4597c2ae52376af8d2156c2a
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
P3p
CP="We do not support P3P header."
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=6PoZwdzCiVfJH1wqS0wN&gdpr=0&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 7C03
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7271693395134067963&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7271693395134067963&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
Cache-Control
no-cache
X-TraceId
a05e2a1a4274a975eef5801b8a68250
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
40b110ab-26d4-491b-a33f-8ff105c9995c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7271693395134067963&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame 7C03
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=133726&dpuuid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&gdpr=0&gdpr_pd=1&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.219.200 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v018-07edf1b28.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PkNT0YrFQ+U=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v018-0da38673c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
NMg1J+btSFw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=133726&dpuuid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&gdpr=0&gdpr_pd=1&gdpr_consent=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 7C03 		0
0
cookie-sync
sync.outbrain.com/ Frame 7C03
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=d98952e9-9268-46bc-b448-a2f14e3d805d
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=d98952e9-9268-46bc-b448-a2f14e3d805d
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
Cache-Control
no-cache
X-TraceId
8940439604c2f823becd3f8dc6bc8c64
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=d98952e9-9268-46bc-b448-a2f14e3d805d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usermatch.gif
beacon.krxd.net/ Frame 7C03 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.171.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1634088318
x-served-by
beacon-n020-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 7C03 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.52.31 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
cookie-sync
sync.outbrain.com/ Frame 7C03
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ecae919b-3eb9-46b4-ba62-99623bd126c5
0
0
cookie-sync
sync.outbrain.com/ Frame 7C03
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=outbrain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329519229247263&expires=30&ssp=outbrain
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=babf4627-9858-4068-ba6a-cedbd75563b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=babf4627-9858-4068-ba6a-cedbd75563b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
Cache-Control
no-cache
X-TraceId
96f27c57f4f9eeb83dd664e95fbf5e7f
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=babf4627-9858-4068-ba6a-cedbd75563b0&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Wed, 13 Oct 2021 01:25:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 7C03 		43 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az%26uid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
586985
content-type
image/gif
expires
Wed, 13 Oct 2021 00:00:00 GMT
RX-76bc6ca4-8531-487e-8e1c-4b89780034e0-003
sync.targeting.unrulymedia.com/csync/ Frame 7C03
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEPs0Dip9JZs8wTyE45-i714&google_cver=1
  • https://sync.1rx.io/usersync/bidswitch/babf4627-9858-4068-ba6a-cedbd75563b0?gdpr=&gdpr_consent=
  • https://sync.1rx.io/usersync/bidswitch/babf4627-9858-4068-ba6a-cedbd75563b0?zcc=1&dspret=0&cb=1634088318772
  • https://sync.targeting.unrulymedia.com/csync/RX-76bc6ca4-8531-487e-8e1c-4b89780034e0-003
43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-76bc6ca4-8531-487e-8e1c-4b89780034e0-003
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-76bc6ca4-8531-487e-8e1c-4b89780034e0-003
pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
content-type
text/html
expires
0
cookie-sync
sync.outbrain.com/ Frame 7C03
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7018355880291793045
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7018355880291793045
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 13 Oct 2021 01:25:18 GMT
Cache-Control
no-cache
X-TraceId
4ed38a602668a254bb026983828d9404
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7018355880291793045
Date
Wed, 13 Oct 2021 01:25:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
ssps
px.powerlinks.com/user/sync/ Frame 7C03 		0
0
lons7jax
sync-tm.everesttech.net/upi/pid/ Frame 7C03
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmVTZFV5bkNCb3d3a1Fhb0pUUktqcG51M2hmZ0VwVmp2RjVOQmNIakptQjQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=1mpn7m0&google_gid=CAESEFjxZRfXc1J9__2TWTmnAtc&google_cver=1
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=1mpn7m0&
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3848541916611467137&newuser=1&dc_rc=2&dc_mr=5&dc_orig=1mpn7m0&
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=3d1f6166-357e-4300-a90d-c3e016ab60b1&dc_rc=3&dc_mr=5&dc_orig=1mpn7m0&
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
0
0
lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
id.geistm.com/m/OB/ Frame 7C03 		0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.geistm.com/m/OB/lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.216.235 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:19 GMT
x-powered-by
Express
cookie-sync
sync.outbrain.com/ Frame 7C03
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain
  • https://creativecdn.com/cm-notify?pi=outbrain&tc=1
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=VLJnHugDB7hy2lfdoygj&pi=outbrain&tc=1
0
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 7C03 		0
0
cookiesyncredir
bttrack.com/Pixel/ Frame 7C03 		0
0
tpid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 7C03 		49 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.111.115 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:19 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.18.10
content-type
image/gif
content-length
49
expires
0
/
loadus.exelator.com/load/ Frame 7C03 		0
0
cookie-sync
sync.outbrain.com/ Frame 7C03
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAw...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoC...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YWY1f4k_IyHXiPOLqDFwCAAABF0AAAIB&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
0
0
partner
sync.search.spotxchange.com/ Frame 7C03 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 7C03 		0
0
cm
u.openx.net/w/1.0/ Frame 7C03 		0
0
sync
pixel.advertising.com/ups/58440/ Frame 7C03 		0
0
outbrain
sync.hgrtb.com/ Frame 7C03 		0
0
um
cs.emxdgt.com/ Frame 7C03 		0
0
server_match
ice.360yield.com/ Frame 7C03 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 7C03 		0
0
/
s.ad.smaato.net/c/ Frame 7C03 		0
0
dpixel
cms.quantserve.com/ Frame 5FFA 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEByKEoVYFSredgAIHJc3Qq8&google_cver=1&google_push=AYg5qPKmtPXSZPDtzm31w4lqqYKH2kG_SxC3Nj15-spGgbh5X6sX-VcDZrZw8ByXas4xtRrRb0yoq3dHy4chbGhzuSuJ0y0Gt8k
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5FFA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA8Cej9K2YD4MYqd5nP9w_o&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEA8Cej9K2YD4MYqd5nP9w_o&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZnBRMzZhUncxTUF0MWM1&google_gid=CAESEA8Cej9K2YD4MYqd5nP9w_o&google_cver=1&google_push=AYg5qPK-2_bLOOdjbPOXguJlxD8I2vBIIZSjNlTuqUJV8ZM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZnBRMzZhUncxTUF0MWM1&google_gid=CAESEA8Cej9K2YD4MYqd5nP9w_o&google_cver=1&google_push=AYg5qPK-2_bLOOdjbPOXguJlxD8I2vBIIZSjNlTuqUJV8ZMBN6V-1pCu_Scq5BjEv-7ln_5v4gGMwDhnfdW1R8L6lfcLBaEoq36Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0fc5286985aeff2d6@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZnBRMzZhUncxTUF0MWM1&google_gid=CAESEA8Cej9K2YD4MYqd5nP9w_o&google_cver=1&google_push=AYg5qPK-2_bLOOdjbPOXguJlxD8I2vBIIZSjNlTuqUJV8ZMBN6V-1pCu_Scq5BjEv-7ln_5v4gGMwDhnfdW1R8L6lfcLBaEoq36Q
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5FFA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEH0kh7OkCCXTFy0Lg7Tq0NU&google_cver=1&google_push=AYg5qPK_NEZOOms1rBKY9lxhRaKOlGhO3Z6DfhxC33ZEZeD1SwmC89QXNGw-cJ6Bor-D0_NjUgQHMyDpTKYXe...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEH0kh7OkCCXTFy0Lg7Tq0NU&google_push=AYg5qPK_NEZOOms1rBKY9lxhRaKOlGhO3Z6DfhxC33ZEZeD1SwmC89QXNGw-cJ6Bor-D0_NjUgQHMyDpTKYXe...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPK_NEZOOms1rBKY9lxhRaKOlGhO3Z6DfhxC33ZEZeD1SwmC89QXNGw-cJ6Bor-D0_NjUgQHMyDpTKYXeLp1_Y_zpSNaaM9h&google_hm=TUpFQVhkby1TQnprRXJw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPK_NEZOOms1rBKY9lxhRaKOlGhO3Z6DfhxC33ZEZeD1SwmC89QXNGw-cJ6Bor-D0_NjUgQHMyDpTKYXeLp1_Y_zpSNaaM9h&google_hm=TUpFQVhkby1TQnprRXJwVFRuR00=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AYg5qPK_NEZOOms1rBKY9lxhRaKOlGhO3Z6DfhxC33ZEZeD1SwmC89QXNGw-cJ6Bor-D0_NjUgQHMyDpTKYXeLp1_Y_zpSNaaM9h&google_hm=TUpFQVhkby1TQnprRXJwVFRuR00=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
sync.srv.stackadapt.com/ Frame 5FFA 		0
0
sync
dsp.adkernel.com/ Frame 5FFA 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEOZNJcNnUWyAN6tfU5RY-iI&google_cver=1&google_push=AYg5qPLRph-M-Pwwj7uaFcaVgkdO5aOTbMlPjtGCOAWOmglF-gR6YqtUT2NvhsN2GmI4nVhwq4gxIZMBt5C_21scfzlUNWYTAUni
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
attr
cm.g.doubleclick.net/pixel/ Frame 5FFA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JzB8fEdjPCpinwkyfFJZ6UBYX1uJU75PPJ9UV9ic6yqKvZny1SKqyV0wQ
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9D41
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
URL: https://539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlBu2cGpyRGVMOAlXEuxVHG5qqL-Gmpm60hsUohq9iMkdvruOKLDDTrb6S4g_k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 13 Oct 2021 01:25:18 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 13-Oct-2021 02:25:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 13 Oct 2021 01:25:18 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 13 Oct 2021 01:25:18 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED39 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100701&jk=3924126618916393&bg=!WlmlWR3NAAbGFvHlxhY7ACkAdvg8WvHvJta7YX35UzBAlATXzuftVBZC-wbGM_xHD0VHN946UPkRCAIAAAFyUgAAAA1oAQcKABvABK0kHZgUV7nFhb8dsuhxTHEnAaAt_A23U2WZArePIX2fJ_xjInzcdoDwOr6kzonR5HgZaoGaLnJIuDZwm-Ous9mXgh83at9r5nDsf-X27_hpwZQiFqjUERrrbvqzu2nZJA2OXxwP45Nj5jDSeS2OJqamU5etgcRlI8I_FD5_dO9-12aRIuOjUsOwMw-3lTmUdNQY1NEdvrEUIM9CAESonHEX3MpAprYce3PElA9kaffvyXtsbdPV3he7mbLgXsReEk9EhtNu2H4fgCo5GgYMPcUmTR9NvFy_rtxag45K01J6b0Z9vApujRIs3bnjC9YwkH4ZtdSsimQiLAj-dhLE2ZViN9l34ghjA5M4vZ98lIJ32JUqnN5PqcC17b4n9OYxBkDvFhtiN2WkpMZqOvjw8rqV7EMtOJ8-GZXdF4t-MHjTCgPuc_UX67w862czTXE6v7ZmkypB1lpkmst6HuzCcy_NeSrgUjND6VcAp_wgbLSN88gchqv3_uck-50wAkyNwUhpKQ3BDxCcZc3AscXKICwH5TquLrLZ_6bO5v8rXREA8cmuahDMvIw6xpGPKoHVNIvA-Yd3fJTHIp_uK4C-8eZMFkIrfDb6kA0s51cfjLQ1zOd7YO6OzUmtW2PMdreFE9wwDJ88MPy5D4OqoVTQxO3ec82PjxGexTDOggPAm2XY5DprhP34ZtoW__s5r8HG2Fu1iN48rwlpeoFVG8keXYHb6wkna2oCf1hRimjHN2fEFaS3Xgxo_TTRf1DDi11JJeCvo6yUfvDiYkI2_YsSDIdMBX487vp_LXg8zqj_QvSK3FrEIrIlmIZwoor6uZDC_M84okVN5iy09Ro_bVNcibiBvIpM4JtJNe2gUkb9QlaNxxN3ghPcWW2AUiNddBVLGAhoj-gmnx25fFkvAAN6ePOj0mQL1Y-49ee7PV-HrPPq3dcM4nygOlzRf5Sl11LcxwAO-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame DB7A
Redirect Chain
  • https://ib.adnxs.com/async_usersync_file
  • https://acdn.adnxs.com/dmp/async_usersync.html
52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/en-us/homepage/_sc/js/d7cb56b9-9f625de1/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/7e-dab54c-68ddb2ab/62-8e66e0-94069b44/e4-c22b5d-57056260/e2-064fcc-68ddb2ab/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/ae-d521a8-f9c98504/e2-2522eb-19c4a06f/c3-382991-68ddb2ab/7b-4a4fc9-243aa040/a5-cc5510-53568de/6c-92ed56-c57e93ae/c6-457ab4-f9c98504/cc-373628-a7d95428/68-4d16fb-68ddb2ab/1b-0b9ea1-86e27032/52-478955-68ddb2ab?ver=20211010_25060845&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt55cf,moneyedge2cf,bingcollabedge3cf,bingcollabhp1cf,platagyhz3cf,article1cf,article5cf,gallery3cf,gallery5cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,weather5cf,csmoney2cf,msnsapphire2cf,1s-br30min,btrecrow1,1s-winauthservice&csopd=20210722164117&csopdb=20211004194641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.msn.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=7271693395134067963; anj=dTM7k!M4/8CxrEQF']wIg2In=qKiS$!]tbP6j2F-XstGt!@DlX$pW+x
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 14 Oct 2021 01:25:20 GMT
Date
Wed, 13 Oct 2021 01:25:18 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
nginx/1.17.9
Date
Wed, 13 Oct 2021 01:25:18 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Location
https://acdn.adnxs.com/dmp/async_usersync.html
AN-X-Request-Uuid
e9c4e912-3cc7-4563-917a-ddaf2422fad5
Set-Cookie
uuid2=7271693395134067963; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 11-Jan-2022 01:25:18 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
v1
match.sharethrough.com/sync/ 		68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?supply_id=FPB1dLHF&supply_user_id=0DC7A365ECBD6A392AA2B3AAEDF86BE3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.175.167 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 01:25:18 GMT
content-length
68
content-type
image/png
sync
visitor.omnitagjs.com/visitor/ 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=0DC7A365ECBD6A392AA2B3AAEDF86BE3&external=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 -, , ASN (),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Oct 2021 01:25:18 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
async_usersync
ib.adnxs.com/ Frame DB7A 		0
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Oct 2021 01:25:18 GMT
X-Proxy-Origin
216.131.114.139; 216.131.114.139; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
919a6f82-3e32-4fda-b70c-c01549394112
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
srtb.msn.com/ 		0
0
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-ms-flightid,x-msedge-clientid
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

vary
Origin
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-ms-flightid,x-msedge-clientid
access-control-max-age
21600
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: DA9D0EC2BE144DC3AC423CBAD36DF44C Ref B: PRG01EDGE1113 Ref C: 2021-10-13T01:25:19Z
date
Wed, 13 Oct 2021 01:25:18 GMT
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true
Domain
sync-jp.im-apps.net
URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ecae919b-3eb9-46b4-ba62-99623bd126c5
Domain
px.powerlinks.com
URL
https://px.powerlinks.com/user/sync/ssps?userId=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&sourceId=9720221e-17c0-4db1-939f-9b2940f98506&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpowerlinks%26uid%3D%24%7BUSER%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D1mpn7m0%26
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=VLJnHugDB7hy2lfdoygj&pi=outbrain&tc=1
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
Domain
bttrack.com
URL
https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
loadus.exelator.com
URL
https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YWY1f4k_IyHXiPOLqDFwCAAABF0AAAIB&obUid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az%2526uid%253D%2523PMUID
Domain
u.openx.net
URL
https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az%26uid%3D
Domain
pixel.advertising.com
URL
https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true
Domain
sync.hgrtb.com
URL
https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az%26uid%3D%7BUSER_ID%7D
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az%0A
Domain
ice.360yield.com
URL
https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
s.ad.smaato.net
URL
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECMYomxOIFBJUFZ7oQqv-GQ&google_cver=1&google_push=AYg5qPJzguFSUgBthnG5-WSiEi2ZkYnn-2JGZsdAz8NLIfSsd-6hpIcjaZibAybJQoVAnvbod1i-U9b15yCwKf645T8ya-8nRQ2s
Domain
srtb.msn.com
URL
https://srtb.msn.com/auction

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect boolean| originAgentCluster function| define function| require object| _pageTimings function| _perfMarker function| _perfMeasure object| JAC_CONFIG function| _llic function| loadDeferredImages function| $ function| jQuery object| awa string| behaviorKey object| Perf string| globalLeft function| Gemini object| Telemetry object| utils object| data object| MSANTracker string| deferredCanary object| g_ashsC function| g_hsSetup string| canary string| bindingObj object| confiant function| newGuid function| setImmediate function| clearImmediate function| binding object| Modernizr object| pp object| JAC function| adSetupDiv number| uiprBannerRenderDelayInMinutes object| JAC_QUEUE number| lnt_z function| populateAutosuggestResponse

27 Cookies

Domain/Path Name / Value
.msn.com/ Name: _EDGE_S
Value: F=1
.msn.com/ Name: _EDGE_V
Value: 1
.msn.com/ Name: MC1
Value: GUID=601bd0096db54567a317ef4d7344cda8&HASH=601b&LV=202110&V=4&LU=1634088314373
.msn.com/ Name: MS0
Value: 16297ab53bdf45dcadf3c9b7827040ae
.msn.com/ Name: ocid
Value: spartandhp
.login.live.com/ Name: uaid
Value: 811e1cf824dc4570a4f92ed4933897a6
.login.live.com/ Name: MSPRequ
Value: id=1184&lt=1634088314&co=1
.adnxs.com/ Name: uuid2
Value: 7271693395134067963
.msn.com/ Name: PreferencesMsn
Value: eyJFeHBpcnlUaW1lIjo2MzgwMTIyMTExNTUwMDMyNjQsIlZlcnNpb24iOjF90
.msn.com/ Name: RecentStocks
Value:
.msn.com/ Name: anoncknm
Value:
.msn.com/ Name: adslrid
Value: N
.scorecardresearch.com/ Name: UID
Value: 166U0JJXBZ6TKFUX4MAO9Ng1634088316
.bing.com/ Name: MUID
Value: 0DC7A365ECBD6A392AA2B3AAEDF86BE3
.c.bing.com/ Name: SRM_M
Value: 0DC7A365ECBD6A392AA2B3AAEDF86BE3
.c.msn.com/ Name: SM
Value: C
.msn.com/ Name: MUID
Value: 0DC7A365ECBD6A392AA2B3AAEDF86BE3
.c.msn.com/ Name: ANONCHK
Value: 0
.yahoo.com/ Name: A3
Value: d=AQABBHw1ZmECEKjwNX8JlWbEdZ3d8jwGHogFEgEBAQGGZ2FwYQAAAAAA_eMAAA&S=AQAAAltY-N6c8C-7giIivasuQw0
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2In=qKiS$!]tbP6j2F-XstGt!@DlX$pW+x
.adfarm1.adition.com/ Name: UserID1
Value: 7018355880291793045
.mookie1.com/ Name: id
Value: 10813213075352391999
.mookie1.com/ Name: mdata
Value: 1|10813213075352391999|1634088317127
.mookie1.com/ Name: ov
Value: b676a63d40d37f938bfa6af15916c257
.doubleclick.net/ Name: IDE
Value: AHWqTUlBu2cGpyRGVMOAlXEuxVHG5qqL-Gmpm60hsUohq9iMkdvruOKLDDTrb6S4g_k
.msn.com/ Name: __gads
Value: ID=76066f00d54fb4d2:T=1634088317:S=ALNI_MZDJUHCM3F4aVpcoZYszvZuTFBsMQ
www.msn.com/ Name: timeZoneOffsetInMins
Value: 0

5 Console Messages

Source Level URL
Text
network error URL: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/katie-holmes-talks-about-that-bra-and-cardigan-moment/ar-AAJTECj?ocid=spartandhp
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://static-global-s-msn-com.akamaized.net/img-resizer/tenant/amp/entityid/BB18RULE.img?h=27&w=27&m=6&q=60&u=t&o=t&l=f&f=png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://jac.yahoosandbox.com/0.7.2/jac.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://px.powerlinks.com/user/sync/ssps?userId=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az&sourceId=9720221e-17c0-4db1-939f-9b2940f98506&rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpowerlinks%26uid%3D%24%7BUSER%7D%26obUid%3DlxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=lxvyM_i6xp6UAz2wDHy-iMRXxVUHpVgoBR65E9N39MAwaMRcnvnoCScgyRgPZ2az
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; report-uri /en-us/lifestyle/c8b79639-6cdd-4227-9c53-1da96ca07550/_csp;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26.at.atwola.com
539a028ea65147c773d0dad216498a76.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
adservice.google.com
ajax.aspnetcdn.com
ams1-ib.adnxs.com
api.taboola.com
arc.msn.com
b1sync.zemanta.com
beacon.krxd.net
bttrack.com
c.bing.com
c.msn.com
cdn.adnxs.com
cdn.js7k.com
cdn.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
confiant.msn.com
cs.emxdgt.com
d.lemonpi.io
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dt.adsafeprotected.com
eb2.3lift.com
fra1-ib.adnxs.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.clean.gg
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id.geistm.com
idsync.rlcdn.com
image8.pubmatic.com
img-prod-cms-rt-microsoft-com.akamaized.net
img-s-msn-com.akamaized.net
jac.yahoosandbox.com
jill.fc.yahoo.com
loadus.exelator.com
login.live.com
match.adsrvr.org
match.sharethrough.com
odr.mookie1.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-m-node-3113.ssp.advertising.com
px.ads.linkedin.com
px.powerlinks.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
service.idsync.analytics.yahoo.com
srtb.msn.com
static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
static.adsafeprotected.com
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.hgrtb.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tag.idsync.analytics.yahoo.com
tags.bluekai.com
tpc.googlesyndication.com
u.openx.net
visitor.omnitagjs.com
web.ssp.yahoo.com
web.vortex.data.msn.com
widgets.outbrain.com
www.bing.com
www.google.com
www.googletagservices.com
www.msn.com
x.bidswitch.net
bttrack.com
cs.emxdgt.com
ice.360yield.com
image8.pubmatic.com
loadus.exelator.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
px.ads.linkedin.com
px.powerlinks.com
s.ad.smaato.net
srtb.msn.com
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.hgrtb.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
u.openx.net
104.111.215.191
108.174.11.69
13.248.245.213
13.32.29.33
13.35.253.42
142.250.181.225
142.250.181.226
142.250.184.226
142.250.185.129
142.250.185.132
142.250.185.198
142.250.185.226
142.250.186.130
142.250.186.34
143.204.209.62
151.101.129.44
152.195.51.15
152.199.19.160
172.217.23.102
174.137.133.49
178.250.2.151
18.157.70.90
18.194.125.59
18.194.68.138
185.255.84.152
185.33.220.241
193.0.160.129
2.16.186.16
2.16.186.40
2.16.186.42
2.16.186.9
2.18.232.130
2.18.232.6
2.18.234.190
20.190.160.129
20.50.102.62
204.79.197.200
204.79.197.203
209.54.177.54
212.82.100.176
212.82.100.182
213.19.147.45
216.58.212.162
3.124.175.167
3.126.56.137
3.127.52.31
3.219.181.211
3.222.216.235
34.240.165.104
34.253.111.115
34.255.139.130
34.95.69.49
34.98.67.61
35.157.246.167
35.244.174.68
37.252.172.250
37.252.173.27
40.77.226.250
46.228.164.11
52.142.114.2
54.171.219.200
54.77.171.193
70.42.32.63
76.223.111.131
85.114.159.118
87.248.118.22
91.228.74.133
003a19eb77c46999fdff2521272d6d58548afb763fc4d036d633e3450adb933d
011ce01ec83a4a6713382f6c965db98c4705bcc1ed66670e665cc81949e2f0b5
029cbf0100b313219863e61a67f9a971a1297920bea93229f43f30b9aaeabc5d
061e50d90dcc586231718a9f6a9a52f645403789197ed0800136cfbc9282469e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0ce2ac0bc903633719a22cfa7a4c5060802366a355250ace0d43a850341ce791
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
107ebc2c18780f04dbd1e296986ac1296129bf83fd70bf2d0eb7ccef2c2b53b8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1809cfb0395372b1aced21ee46e5511e5461e4e2e00419afb4528b11e284f68d
1875c039ddd6caa3ea7108b74a0261e6c743657897d04f270383f25a29e5f3bf
1adff93fec49cd9bab765ec423c9504146696be62b0f634d2bb6df86a1e775a2
1dc87aaaf80e24bd34e27af185f08a5d050d98ea4becedd7b0ef07c5295b3d1c
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
1fe86d21df7f0e1c075b4b14adf691e6af8b468ed2f66fd8cca6e6f98a897299
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
24fa96eb064b3ae418ed8c9415fdab1256257b7c9d9664ed94c6c66b4e774af7
27b559fb21037e7972ffabb594b1cafcb9247f6fa94100b16a03cff3d250a8c8
28de0c92ffb9503cd9d102f6cb220cb5cd5958a7be84ea4cc784057d21ab0ff7
28fc3eb91dde3de99ffd7a31cd728888eb2dc330c0de927db232fb342fab1a03
298a0217c5310c6a78c96b0e033d31f594f1e80a9e75c74a7fa2ab1955cb2014
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2cf6191ca7e30fa5ee20b3bd4d3776b99e74ed76b7442bea001968ad1d8a39cc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
310a2544197b3ebea2143dabbb8f7516228c0246e7250aa338f8d350de50be98
311328df6b25b2aebd094c30999b651066917b6647924fbc3538709bfdf302cf
31a4693f2633f43adec2eb879a019505ce9176a35e7321ad2e3468fcba97548d
32f77ef08b0686186845b20a1edcf0975c1cedfdc851d978baf6f238d65caa2e
3609065881766d577528802df7baf1f6f255eb654757f33f83ceaf767d6b5d1c
3661f39d0ca88ef699dd5fc51c3cccb935caf234974524fe97bc22db3ed76d5b
372f8a1e4079c2b89761433932fc28dda4f266681b7676630752576c3f586328
385a8d6e4918a112654167d9c46fbbb50401598949be7715e6bb0974e32a942e
393cf048c5b518e266aa392aa2540de2a0d5538f0bae4f44b1b6a89f095a85f7
3aea6b1964270ddcef66c598d1df306e7f86267bb8c9de81f22077f35d2bdfbe
3b16459f5fe6cd858ea2f26c4eb246e9ab3ae6fdf5e4e326e083b41bfb8ae71b
3b6770482af6da488bd797ad2682c8d204ed536d0d173ee7bb6ce80d479a2ea7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d2982d8889bf478e37459abb936e4c731a787e31e1edee129d15e9ed0faf0be
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f71351ac7bf35709429df993478958e2307353dd59ef693d74c93f48e4418fa
4106481c694fd9bce409a309354d3edc9bc45f8b714b494f2a9de3b18b4db3e0
431e56243237c49670f54cbee69d68fa8b6dfe9c59283b339e17c86894b83f0e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451ff2a75f100b07dfee9b355fbbae3604fc4240f5c8811c39a3882efe9d8a98
45afb8907f66958d3c82770f0908c6f4b2e83cf7b84df70844e729e6143106c4
49eefa06fd8b2b228e6ee5f7d3af6f3ccfff82fd3762ebb3df322881d76e27b7
4b2c8888ac4c8b8514eabe2589b8ea482a6fae46d979185a637d693bb856281a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5007ee1edee42bc47d17ffe2c39fe385c7bd99d1a3dc7b3f7f1c021687345265
5036ad214c037de0815e3d8a8e6770ad6a12df3897c9ffcaac2b965de3162caa
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5386e2d36f0e037aa5174c444f63538df0f7c155f2d520426ab4121233160916
546599a5eba884c3cbf5a629916caa125f11ffb03e1683526cb2dda51b0b4345
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5610226e0bc7f1a0ae11254a35d7e058ae18ead411eb6d5b2331ccbcba8e9359
5647d6e4fe65dadc8621ea2af7af33e586f7badd85f252d6132903cd0da80889
58a5b43acbbb92f70e045fd526733f71e2d9328a325140a2e93489398ca1f302
5d2844262bf9d7cb8fb0c8437bdbb40dadd193fd31f16a66e978e9a3c190b110
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60f2da850d50df498352834b04499e50fc0230e2a4b75eea0aa9c81a34e090f6
6162d97c80b6c11d2968a84ddddd9656422834b75c07eb593676926ef9338e21
61b930269cdb4a8b00ce5ab1ae8caaaf304bf0067b19bb3b255322add3dff4f9
63478e930215112adb29425b1b1bb0f531381e85a159b4b5907629c11fc55991
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65927b0549fabe196dd950eafa8a37aebb7687cefae0ac80bbe79c652d3a8e50
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
682b3f8f83792d34bd956f14c546f54e2da4ae47d780d0cecc37525ba778ec84
685ce6ca08f079ccc7dc2b71decdfca139065fc67607bd8e6de94147bd235c07
6a9fb6aa16176039035125f232ec2cfb1184bcc53f265a0d4e0f13da368a0191
6ab09839dfd5e9e4193ae436fb64705cdcb063d12dd9d4962c40aa262b8f17f0
6ad7628be49bba147b10b9601c891c33863529bd2bf7aa46b8bc9480c140c625
6da9480df6ece4f34316172a927b4122f9c15d721e6e9595839be868e94ebbff
6f3153fe0256ad1cd6f80768f62dde22bb47edef2caa97006625fed1f4fe17ad
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
71e40db0dd0e5c6163e6056e1f493f69ffb422b3c6e5877506408b12b6a06c63
726faf95e5a25b36cf2c06b089bd1b401768b82964b6ac4f25c6de62c51e6890
72758433ff66a1d477f9d3a7175554f0c0e3506c9fe6f5a93e0d5db97a6b13d4
74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7
752e093cc5305e5235c9c91e2978d48bd3c79792360399a708ab784e2e3963b3
77c734452400cf78c4055d6e865f37142ef160d097a2cb19d2c5d6c68002c417
79af9a2bc1c8a43504bc96d1689beebd8af648d88d86b555b445f4c6d180bd08
7a25d66cfb50b6d2dc41dfeb35a73fbe84a80545be987b04441de70a181b5e0d
7ae96f2a9c53236af2780274b8e0c1459614a48db41d97a083bea8fe53a2e9ca
7c83ffcdb1004e6b8ebd23d39bd83dff1c131a8ddbe1583f897ff158c25b4afa
80ddd620de6d2982d76ac2e9a1a17a70041a23225990d1669f3c77534502e4d2
81ce89831c48dde3929e9a01c0a83912dbd388c97379d7508ab63669ecf76804
81f4773e993b23de27dbeb6551b81df92b78f0728312fe246329bfcb34d99327
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041
87f8e73ea1c8f733b98d946567fbab93a829dfb3787c932453b8c2e84133d00f
897401ba37065cc38bda3fb63b606fffdd1baf4e4006c8770281c30f6d73037a
8af27e90b7feaca0281a29255241074894e0538785d388d11bb3d67de672eb97
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fbee0eebaa996bcd929ecf9461e6223348f9ed3b0e8a537917ec2b9097b3b3e
93a0d2cd7595584ed09363bbf9dcca489c5e45f3c93497476f04dd00e23365e7
956f048d8d55b980d51847459ba6953eb5c4ab9c87012d907bd6b80249d2a532
95980e999cb7c8e1d3ed8d1b392493b3720a4afca2a17a8ddaa14de12e8a4832
97b1ffaf0413f351625c6c565e25a1fd489bb38261e8d0141ae674861ceda2d2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ace6f06fc3bfa63efc7b063b411acb199bf49c049b4b70893edf85c59688456
9beca840b30066fbb5a4aa67e434ec99b749b784618a7ef01812dea52f215098
9c35c9853ea99d94357966d697ae8e434f52f06ebdec142f0482d57dcbbef91f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a183c867937b3c0166937e749f52f90512fd097922ecd602a768649182d2604d
a1a65616f060b4cf8c40dfd0b12bc8d1f3c4b1d20e820b6bd36c17167a351bbe
a2faaea004e76859dd623b2c67841594b89480b8a1b013877490d495767eec2b
a31e577a70ddc79d1e6945741d44ed45161216a792e2362b58cb5fbf6abd93ce
a40a2d129d1d6c6cca47c64752206d6ac5cf6a2801fc30c090489d5ca3122644
a4821ce434a205521d97f3183a539f1faf2f9f089f887bb4fcfedc1b9c8b345c
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a65b8799985dac9f53ed94f817a8be3e978c1cbe3a7f01ca2b8c688f29a83fed
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7aa37e5713cc71e45cdd0d1e9f6715d35d0890c0cdd01b9795a9bff6a86443a
abda4721f7c3decb74c8921e0638b06b48a387f4aa3fcdfee396231b45901916
ad6337c4c48d8db777b119261cbd3714d78e1a0f8c4e1aaae5fcbf308e378773
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b45ee7ed997986ac7c01faa63db5adae9573deb8c3fb3d880ad843c27c0eaa3a
b498455f613758434d457bb8b66234d0bb650c2c1a3951c6a54aa6acb73002bc
b7e6f4f25d43d1ca4a7100f215472e41a74defd1b48468195fdf3d75105a421f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbfcafec8560b0b938b8fe75aa70362f36ad61f09abef6ee1dfe18bb5176d4f0
bc507438a8174c454cc483ce128f1baa1fc0f6525ae63fbc828b294d4176bd81
bcfa10bad0541ff5904ded107c9d7238e758b9491dc968f2acc7d8929c4e7090
bdedb783ca58950069becc083e52b1c589a6db707e45c18f3fdd2a7bef13aac3
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be25f534381e3dbd8c9e0675de73ca692fc76c709319337a8b91ef6e43d63158
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2b62853233ae257982c0d318217cea226194dc298773ebe871881f29b828f50
c31872e85b49834246a25c46c870fcddf837d55d0cd648d0061cba0d37272bfc
c49529a9a33f002f4e6de1ff638cb7aff7649894ae517a5a397122b5dabad2ae
c507a265656da6de48cfdd771392c9394a86947eb7372fdffd097582b6613767
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c7f0a19554ec6ea6e3c9bd09f3c662c78dc1bf501ebb47287ded74d82afd1f72
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16
caec3225fbf3f1735eaaa02c86341a026f38d090431e159f677ab9e416bf0cbf
cb6f941e69f93166dfbf402e34fd2e6c3ef21b6389656c23c1d779622e434b7b
cdcbf15d025b1f1d7c2a9dfb73a32b37cb3d515edd62f34c68309efd08190080
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d2b712627283b50d3786db72c77da81e7ea9ff5cd361eb0f49e5d2c3737e096f
d450cb09bfdfb2712a08158c7afd6863c616dadfb632023199c75b75782c23d6
d5c099f1d79e45728021be14c4bc8cff7910f26cd0ebeec08520521346271f44
d5d8cb795af65a37f045ce46ae2cede971dd52fbbf68440bfc7ab023f9a0a3eb
d62b79b737117ba2c79fa5c6deafa5f3d9eacf7ea18808e0d775d27c5d4cb1c1
d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335
d839d03def48b73d79c1f66bc02eabb4d90477b45238d788a6864a66d762cc6c
d8d9aff2f072d607c488ba24d5095f30049f4246977d7370ab4152f3f0f891c1
d9a150431e969e3b5ac8c9eb185ab77b9434620f9322c7d874c6d58aac234ab7
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd972a8f26571531ed6cc456f7cd2da098a2eb36f00861de19f49a4fcbb2edfa
de61c1896c576a14492468fcdddf44277bdffce844665d22edcf6e9f37062b4f
dfef7b9eb24c8f437994c7f1d87fd88d22f787c3e6e4580fa680f399a0d4ff76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b32a411896c05c51f7efa237ad91af2744b781498bb9af7708af0e7f515037
e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74
e443d0139087244f62a3706af746e152c52e1b21eb59bd26ad611a9f7cf3f661
e5b333f480bbfcb3f0190c54b77670ff9d97a9af9c72aec3d21bd3b4cfb5885d
e6336a5d2ad8d9714605e0786c9b5d117f1d3c324daa667d1e7fbbd04edd3d34
e769b6557007cfe73eed4d7fee49308e023f69fcde083088e1fd7f22c653d504
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e84c5e333f7b5a9fc122c5272cadd7b746bfb1ee3555d6c1ea05f6bdb7b31f0b
ea9c481ed3f3b1d83e8f2b3562881cd84e805101f6a0b342f097a0379cdda04c
ec599383c300e93993aa2f651872be7b595d8568d501a9217f071084393d6f1c
eebdf79938702147857b839ad40eb72d15039198a7037047f2594861b34c4968
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0231b8d850a2a77e51c70bb379e636428c1c04bafb8921be4b2c47a3f7d25bd
f13f628307a1e10b9cfff1a13d31dfa97c6657ec8d29f8fd3c7fab55077b0195
f20a080cb6f3540c27ec0aa19010bf2351681a7a8d9e791603e8c9626591b9ff
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f2945e416ddd2a188d0e64d44332f349b56c49ac13036b0b4fc946a2ebf87d99
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f5bc7c3202018ea144f310a07efbc2d5576ed4caf1a144785dcc994975a4d795
f8d1a32ae6dca7e73f857fb22d087f69dc3ff06be3a825e031fc814ae07c8f84
fb0614cab71c48517a0813549c6dac39b608e5562fc91e55c680154d10716d1c
fbc5add338901895d26e1950be72646be9d472b41069911313b3350079d383af
fc05e687afa15c08f224e6e01ed6265ebe92b5fb267690ff013f42c053ce75a4
fc83a80e7a4405d365852d4f4b9fc4af2446c4c232778afda6612a9c5b40e0ff
fd61b384d2546db2cf5e2acbaea6633728ad41fa4dc3f32401000ce087809e1f
ff8affc919f1e588a5eeb487afc5d1ea6a279e486c46e614c308ec35ef70a6e7
fffa639837815732fa97c666bca1566dda758e4c6d62f184033397de707386c0