urlscan.io logo urlscan.io
SecurityTrails logo

www.msn.com Open in urlscan Pro
204.79.197.203  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD878027...
Submission Tags: falconsandbox
Submission: On July 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 21 domains to perform 132 HTTP transactions. The main IP is 204.79.197.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com. The Cisco Umbrella rank of the primary domain is 1144.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 22nd 2021. Valid for: a year.
This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 204.79.197.203 8068 (MICROSOFT...)
24 23.36.163.97 20940 (AKAMAI-ASN1)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 13 2620:1ec:c11:... 8068 (MICROSOFT...)
3 99.86.4.12 16509 (AMAZON-02)
15 20.49.104.7 8075 (MICROSOFT...)
4 104.208.16.90 8075 (MICROSOFT...)
4 20.190.160.17 8075 (MICROSOFT...)
11 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 142.250.181.226 15169 (GOOGLE)
23 18.66.112.50 16509 (AMAZON-02)
2 84.17.46.54 60068 (CDN77 ^_^)
1 65.9.66.40 16509 (AMAZON-02)
1 20.190.160.22 8075 (MICROSOFT...)
1 3.213.149.120 14618 (AMAZON-AES)
1 2a03:2880:f02... 32934 (FACEBOOK)
4 2620:1ec:46::45 8068 (MICROSOFT...)
1 18.66.112.46 16509 (AMAZON-02)
1 185.59.220.198 60068 (CDN77 ^_^)
6 104.43.200.36 8075 (MICROSOFT...)
2 34.226.46.250 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 89.187.169.3 60068 (CDN77 ^_^)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.168.112.67 8075 (MICROSOFT...)
132 28
4    204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net
www.msn.com
24    23.36.163.97 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-97.deploy.static.akamaitechnologies.com
assets.msn.com
2    20.234.93.27 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.msn.com
13    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
www.bing.com
3    99.86.4.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-12.fra6.r.cloudfront.net
sb.scorecardresearch.com
15    20.49.104.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.sootoday.com
4    104.208.16.90 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.msn.com
4    20.190.160.17 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com
11    2a02:26f0:3500:16::215:1486 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
23    18.66.112.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-50.fra56.r.cloudfront.net
www.vmcdn.ca
2    84.17.46.54 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-54.cdn77.com
l.getsitecontrol.com
1    65.9.66.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-40.fra56.r.cloudfront.net
cdn-gateflipp.flippback.com
1    20.190.160.22 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    3.213.149.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-149-120.compute-1.amazonaws.com
gateflipp.flippback.com
1    2a03:2880:f02d:e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
4    2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mem.gfx.ms
js.monitor.azure.com
1    18.66.112.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-46.fra56.r.cloudfront.net
p.flipp.com
1    185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-723.bunnyinfra.net
s2.getsitecontrol.com
6    104.43.200.36 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.microsoft.com
2    34.226.46.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-46-250.compute-1.amazonaws.com
events.getsitectrl.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-3.cdn77.com
m2.getsitecontrol.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.168.112.67 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
browser.events.data.microsoft.com
Apex Domain
Subdomains		 Transfer
34 msn.com
www.msn.com — Cisco Umbrella Rank: 1144
assets.msn.com — Cisco Umbrella Rank: 143
c.msn.com — Cisco Umbrella Rank: 502
browser.events.data.msn.com — Cisco Umbrella Rank: 675
1 MB
23 vmcdn.ca
www.vmcdn.ca — Cisco Umbrella Rank: 167872
141 KB
15 sootoday.com
www.sootoday.com — Cisco Umbrella Rank: 559608
177 KB
13 bing.com
c.bing.com — Cisco Umbrella Rank: 235
www.bing.com — Cisco Umbrella Rank: 71 Failed
247 KB
11 akamaized.net
img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 318
10 KB
7 microsoft.com
web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1556
browser.events.data.microsoft.com — Cisco Umbrella Rank: 256
3 KB
4 getsitecontrol.com
l.getsitecontrol.com — Cisco Umbrella Rank: 18392
s2.getsitecontrol.com — Cisco Umbrella Rank: 27577
m2.getsitecontrol.com — Cisco Umbrella Rank: 78980
350 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231
pubads.g.doubleclick.net — Cisco Umbrella Rank: 488
157 KB
4 microsoftonline.com
login.microsoftonline.com — Cisco Umbrella Rank: 23
118 KB
3 gfx.ms
mem.gfx.ms — Cisco Umbrella Rank: 3531
57 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 151
3 KB
2 getsitectrl.com
events.getsitectrl.com — Cisco Umbrella Rank: 20182
1 KB
2 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 24784
gateflipp.flippback.com — Cisco Umbrella Rank: 31276
11 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
1 KB
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 2800
29 KB
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 16886
1 facebook.com
graph.facebook.com — Cisco Umbrella Rank: 115
758 B
1 live.com
login.live.com — Cisco Umbrella Rank: 77
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
20 KB
1 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2262
36 KB
132 21
Domain Requested by
24 assets.msn.com www.msn.com
assets.msn.com
23 www.vmcdn.ca www.sootoday.com
15 www.sootoday.com assets.msn.com
www.sootoday.com
12 www.bing.com assets.msn.com
11 img-s-msn-com.akamaized.net
6 web.vortex.data.microsoft.com mem.gfx.ms
4 login.microsoftonline.com assets.msn.com
login.microsoftonline.com
4 browser.events.data.msn.com assets.msn.com
4 www.msn.com www.msn.com
assets.msn.com
login.microsoftonline.com
3 mem.gfx.ms assets.msn.com
mem.gfx.ms
3 sb.scorecardresearch.com www.sootoday.com
2 events.getsitectrl.com s2.getsitecontrol.com
2 pubads.g.doubleclick.net www.sootoday.com
2 l.getsitecontrol.com www.sootoday.com
l.getsitecontrol.com
2 securepubads.g.doubleclick.net www.sootoday.com
securepubads.g.doubleclick.net
2 c.msn.com 1 redirects
1 browser.events.data.microsoft.com js.monitor.azure.com
1 fonts.gstatic.com fonts.googleapis.com
1 m2.getsitecontrol.com www.sootoday.com
1 fonts.googleapis.com s2.getsitecontrol.com
1 js.monitor.azure.com mem.gfx.ms
1 s2.getsitecontrol.com l.getsitecontrol.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 graph.facebook.com www.sootoday.com
1 gateflipp.flippback.com cdn-gateflipp.flippback.com
1 login.live.com login.microsoftonline.com
1 cdn-gateflipp.flippback.com www.sootoday.com
1 www.google-analytics.com www.sootoday.com
1 fundingchoicesmessages.google.com www.sootoday.com
1 c.bing.com 1 redirects
132 30

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com
Subject Issuer Validity Valid
*.msn.com
Microsoft RSA TLS CA 01		 2021-09-22 -
2022-09-22		 a year crt.sh
assets.msn.com
Microsoft RSA TLS CA 02		 2021-09-23 -
2022-09-23		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
www.sootoday.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-05 -
2022-09-05		 6 months crt.sh
*.events.data.microsoft.com
Microsoft Azure TLS Issuing CA 01		 2022-05-21 -
2023-05-16		 a year crt.sh
stamp2.login.microsoftonline.com
DigiCert SHA2 Secure Server CA		 2022-05-25 -
2023-05-25		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.vmcdn.ca
Amazon		 2021-09-16 -
2022-10-15		 a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2022-03-05 -
2023-04-06		 a year crt.sh
*.flippback.com
Amazon		 2022-07-01 -
2023-07-29		 a year crt.sh
graph.windows.net
DigiCert SHA2 Secure Server CA		 2022-06-01 -
2023-06-01		 a year crt.sh
flipp.com
Amazon		 2021-09-30 -
2022-10-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-22 -
2022-07-21		 3 months crt.sh
identitycdn.msauth.net
Microsoft Azure TLS Issuing CA 02		 2022-05-11 -
2023-05-06		 a year crt.sh
*.vortex.data.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2022-07-08 -
2023-07-03		 a year crt.sh
js.monitor.azure.com
Microsoft Azure TLS Issuing CA 06		 2022-06-26 -
2023-06-21		 a year crt.sh
*.getsitectrl.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Frame ID: 7F31A355542F9C0E118534CE4894B319
Requests: 74 HTTP requests in this frame

Frame: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Frame ID: AD71C4CF4444F0AD0D46C184CCDC5F2C
Requests: 60 HTTP requests in this frame

Frame: https://www.msn.com/staticsb/statics/latest/auth/auth-redirect-blank.html
Frame ID: A4B0A112EA5734A2D5CD364BC36AF6A7
Requests: 3 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: 7DAA1C89E04231F589EF55B9471C393B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Toronto Blue Jays redesign Fourth of July hats, remove stars

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

132
Requests

98 %
HTTPS

30 %
IPv6

21
Domains

30
Subdomains

28
IPs

4
Countries

2800 kB
Transfer

8826 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://c.msn.com/c.gif?rnd=1657744210387&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=9f9a19a0fa3e4701a5889a79ae4cdb5d&activityId=9f9a19a0fa3e4701a5889a79ae4cdb5d&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0 HTTP 302
  • https://c.bing.com/c.gif?rnd=1657744210387&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=9f9a19a0fa3e4701a5889a79ae4cdb5d&activityId=9f9a19a0fa3e4701a5889a79ae4cdb5d&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=CDA67927303648BF8C1ECE778A831E8E&RedC=c.msn.com&MXFR=341D58F307FC68340265491306976973 HTTP 302
  • https://c.msn.com/c.gif?rnd=1657744210387&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=9f9a19a0fa3e4701a5889a79ae4cdb5d&activityId=9f9a19a0fa3e4701a5889a79ae4cdb5d&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=CDA67927303648BF8C1ECE778A831E8E&MUID=341D58F307FC68340265491306976973

132 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wc-83FDD87802796D9B8A846CAEB03DD489
www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/ 		47 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e9b43003d0bae5bc6d2985f1ecb87b58bb76f34663c717e9efc18d282bd3fcd5
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods
HEAD,GET,OPTIONS
cache-control
no-store, no-cache
content-security-policy
block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
content-type
text/html; charset=utf-8
date
Wed, 13 Jul 2022 20:30:09 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
strict-transport-security
max-age=1209600; includeSubDomains; preload
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-fabric-cluster
pmeprodneu
x-frame-options
SAMEORIGIN
x-msedge-ref
Ref A: 9F9A19A0FA3E4701A5889A79AE4CDB5D Ref B: FRAEDGE1408 Ref C: 2022-07-13T20:30:10Z
x-ua-compatible
IE=Edge;chrome=1
x-xss-protection
1
vendors.2957f4c137d9fd2f4173.js
assets.msn.com/bundles/v1/views/latest/ 		280 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/vendors.2957f4c137d9fd2f4173.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fd7360b2ca1195c36ae6b177199f5c372f9b8b90253256906e0c9178d9fa83f7

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
f4gK5qRKMaRigBACuP7kbQ==
server-timing
5
content-length
73121
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 23:19:40 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6393D4AB3E21
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
2d83df05-201e-002e-783a-963eb6000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843682
microsoft.198474fce4198956b255.js
assets.msn.com/bundles/v1/views/latest/ 		339 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/microsoft.198474fce4198956b255.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
38bd9c20c5b4bba79b98382cd8b718ea556d09d59c326fc9e550151e9e9067bb

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
ajE+eTHdzV9FOUC22cGDnw==
server-timing
5
content-length
77757
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 23:19:25 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6393CB7E5C03
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
1f415ba6-101e-00b1-683a-9650de000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843689
common.54bcaeb171c31ce2be0d.js
assets.msn.com/bundles/v1/views/latest/ 		838 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d7a8ec68a543580afa170bdf3a0feba255eacc8d6a8ba1502128791c23f7c333

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
7WU+WIrs9qN1IgrFITgzoQ==
server-timing
5
content-length
189041
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:56:53 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A940B97D4
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
48ad748e-001e-00d0-4153-9639fe000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a84368d
experience.367f391574f5f2c4d4e0.js
assets.msn.com/bundles/v1/views/latest/ 		114 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
71ed2590babebacf60ad5ced9eb8ee9131b4caabf465af6d2a1a12e0eb914ac0

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
4dUZxqV79Q27S7Rt9rczdA==
server-timing
5
content-length
33184
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:57:02 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A991D7915
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
19e83902-b01e-00bb-4053-965ecb000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843694
web-worker.2026a7aa505c253d9712.js
www.msn.com/bundles/v1/views/latest/ 		86 KB
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/bundles/v1/views/latest/web-worker.2026a7aa505c253d9712.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d543994895fadec786c42045fc92cdd39b09bbf5cc4d2c84fbff954dd5508a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
zcufKsepgz1Wj6XrqG12Vw==
x-cache
TCP_HIT
server-timing
1
content-length
25783
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 23:18:58 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref
Ref A: 3591C1D404644346B3CD9910433C52C8 Ref B: FRAEDGE1408 Ref C: 2022-07-13T20:30:10Z
etag
0x8DA6393BB79278B
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-ms-request-id
044cc8ed-f01e-00d7-757c-95e8f0000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
95.101.77.166
x-ms-version
2009-09-19
akamai-request-id
1a70326
x-cid
7
x-ccc
US
eb-garamond-v14-latin-regular.woff2
assets.msn.com/statics/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/eb-garamond-v14-latin-regular.woff2
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
5
content-length
29088
last-modified
Thu, 01 Oct 2020 00:43:17 GMT
server
AkamaiNetStorage
etag
"6fbb1cf13dfeff58538dddd9e2ad485c:1601512997.736101"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
23.36.161.69
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
3a8438d5
access-control-allow-credentials
true
/
www.msn.com/resolver/api/resolve/v3/config/ 		192 KB
47 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/resolver/api/resolve/v3/config/?expType=AppConfig&expInstance=default&apptype=views&v=20220712.620&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22chrome%22,%22version%22:%22103%22,%22ismobile%22:%22false%22},%22deviceFormFactor%22:%22desktop%22,%22domain%22:%22www.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22en%22,%22market%22:%22ca%22},%22display%22:{%22language%22:%22en%22,%22market%22:%22ca%22}},%22ocid%22:%22entnewsntp%22,%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22webcontent%22,%22pageExperiments%22:[%22prg-1s-mtsn%22,%22prg-1sbgbanner%22,%22prg-1sw-aqlmtrt%22,%22prg-1sw-c-smexps%22,%22prg-1sw-ccglbcf1%22,%22prg-1sw-clarity%22,%22prg-1sw-clbdg%22,%22prg-1sw-clrot%22,%22prg-1sw-hdukr%22,%22prg-1sw-mbnodp%22,%22prg-1sw-p1wtrclm%22,%22prg-1sw-pllmtrt%22,%22prg-1sw-pr2tspos%22,%22prg-1sw-pr2tsposrc%22,%22prg-1sw-sbn-mm%22,%22prg-1sw-sdb7e%22,%22prg-1sw-splog%22,%22prg-1sw-swlmtrt%22,%22prg-1sw-wxbdg%22,%22prg-1sw-wxrus%22,%22prg-ads-onesz%22,%22prg-ads-t-onesz-r2%22,%22prg-adspeek%22,%22prg-apilogcon%22,%22prg-commonbell%22,%22prg-cookiesync%22,%22prg-ctr-pmosc%22,%22prg-da21rf2%22,%22prg-hprewflyout-t%22,%22prg-ias%22,%22prg-intapperr%22,%22prg-loc-header%22,%22prg-nt-vertical%22,%22prg-ntbell-expt%22,%22prg-pr2-3pine-c%22,%22prg-prong2-arg%22,%22prg-sf-argsinj%22,%22prg-sh-ctpd%22,%22prg-spr-egreco%22,%22prg-spr-emttof%22,%22prg-spr-st-gdiupgt%22,%22prg-spr-t-intl2%22,%22prg-tok21%22,%22prg-upsaip-r-t%22,%22prg-upsaip-w1-t%22,%22prg-videoimp0s%22,%22prg-wf-sky-re%22,%22prg-wpo-pnpc%22,%22prg-wtchad20%22,%22prg-wx-anmpr%22,%22prg-wx-sbn-vm%22]}
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
Kestrel /
Resource Hash
0f7f3c334baca177c9203128b5c34032e2be1f6a41cc6ad9a26f4bff6a6a5f1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
etag
"ctTHE9ZWBTkZqradcHWWqD5qOHA"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_HIT
content-length
48443
x-crs-env
Production
server
Kestrel
x-msedge-ref
Ref A: 509FF3C534244309A4FB90F6A58D6A5C Ref B: FRAEDGE1408 Ref C: 2022-07-13T20:30:10Z
x-crs-buildversion
20220609.4_master
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
public, max-age=604800, immutable
x-fabric-cluster
pmeprodneu
x-cid
7
x-ccc
US
article-page.c5ced5e29bc1279dde31.js
assets.msn.com/bundles/v1/views/latest/ 		373 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/article-page.c5ced5e29bc1279dde31.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9f9e7ac827c5af0d7541560bbc8bb291cc3adb302fba7d2e9ded0a90b0ef3929

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
D+s/r0dL5HpnZxBClbwYFA==
server-timing
5
content-length
84712
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:56:56 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A959A5DA4
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
e14bbf9c-201e-00c2-7153-96dfd8000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a84398c
viewspage
assets.msn.com/service/news/feed/pages/ 		8 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/news/feed/pages/viewspage?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=9F9A19A0-FA3E-4701-A588-9A79AE4CDB5D&ocid=winp1&market=en-ca&user=m-341D58F307FC68340265491306976973&fdhead=msnallexpusers%2Cmuidflt14cf%2Cmuidflt17cf%2Cmuidflt58cf%2Cmuidflt59cf%2Cmuidflt300cf%2Cmmxandroid1cf%2Cplatagyedge3cf%2Caudexedge1cf%2Cplatagyhp2cf%2Cmoneyhp1cf%2Cmodcoglangc%2Cbingcollabhz1cf%2Cprg-ads-t-onesz-r2%2Cprg-ads-onesz%2Cgallery3cf%2Conetrustpoplive%2Cmsnapp4cf%2Cprg-da21rf2%2Cprg-tok21%2Cshophp2cf%2Cmsnsports3cf%2Cmsnsports4cf%2Cprg-ntbell-expt%2Cprg-commonbell%2Cprg-nt-vertical%2Cprg-1sw-sdb7e%2Cprg-1sw-clarity%2Cmsnsapphire1cf%2Cprg-adspeek%2Cbtrecrow1%2C1s-winauthservice%2Cprg-1sw-c-smexps%2Cprg-loc-header%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cmsnapp8cf%2Cprg-1sw-clbdg%2C1s-p2-brknb%2C1s-p2cl-bdg%2Cprg-1sbgbanner%2Cprg-1sw-wxbdg%2Cprg-1sw-clrot%2Cprg-1s-mtsn%2Cprg-1sw-wxrus%2Cprg-prong2-arg%2Cprg-sf-argsinj%2Cprg-ias%2Croutentpring2t%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-1sw-splog%2Cartglyrank2cf%2Cprg-1sw-ccglbcf1%2Cprg-wpo-pnpc%2Cprg-1sw-pr2tsposrc%2Cprg-1sw-pr2tspos%2Cprg-pr2-3pine-c%2C1s-4pinrecl%2Cprg-1sw-hdukr%2Cprg-upsaip-w1-t%2Cprg-intapperr%2Cprg-upsaip-r-t%2Cprg-wx-anmpr%2C1s-contentview-1%2Cprg-wtchad20%2Ca83d7349%2Cprg-wx-sbn-vm%2Cprg-videoimp0s%2Cprg-1sw-sbn-mm%2Cprg-ctr-pmosc%2C1s-rpssecautht%2Cads-dyndomc%2Cprg-apilogcon%2Cyuting2t%2Cprg-1sw-p1wtrclm%2Cprg-1sw-mbnodp%2Cprg-1sw-swlmtrt%2Cprg-spr-t-intl2%2Cprg-spr-egreco%2Cprg-spr-emttof%2Cprg-spr-st-gdiupgt%2Cprg-1sw-aqlmtrt%2Cprg-1sw-pllmtrt%2Cprg-sh-ctpd&contentId=83FDD87802796D9B8A846CAEB03DD489
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
993f267c85674502673e030c74e97158236b11d7df01952a6feb4049055c37a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt14cf,muidflt17cf,muidflt58cf,muidflt59cf,muidflt300cf,mmxandroid1cf,platagyedge3cf,audexedge1cf,platagyhp2cf,moneyhp1cf,modcoglangc,bingcollabhz1cf,prg-ads-t-onesz-r2,prg-ads-onesz,gallery3cf,msnapp4cf,prg-da21rf2,prg-tok21,shophp2cf,msnsports3cf,msnsports4cf,prg-1sw-sagenf26vc,prg-ntbell-expt,prg-commonbell,prg-nt-vertical,preprg-1sw-sacali2c,prg-1sw-sdb7e,prg-1sw-clarity,btrecenca,msnsapphire1cf,prg-adspeek,1s-winauthservice,prg-1sw-c-smexps,prg-loc-header,prg-hprewflyout-t,prg-wf-sky-re,msnapp8cf,prg-1sw-clbdg,1s-p2-brknb,1s-p2cl-bdg,prg-1sbgbanner,prg-1sw-wxbdg,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-prong2-arg,prg-sf-argsinj,prg-ias,routentpring2t,prg-1sw-nwrc,1s-fcrypt,prg-cookiesync,prg-1sw-splog,artglyrank2cf,prg-wpo-pnpc,prg-1sw-pr2tsposrc,prg-1sw-pr2tspos,prg-pr2-3pine-c,1s-4pinrecl,prg-1sw-hdukr,prg-upsaip-w1-t,prg-intapperr,prg-upsaip-r-t,prg-wx-anmpr,1s-contentview-1,prg-wtchad20,a83d7349,prg-wx-sbn-vm,prg-videoimp0s,prg-1sw-sbn-mm,prg-ctr-pmosc,1s-rpssecautht,ads-dyndomc,prg-apilogcon,yuting1t2,yuting2t,prg-1sw-p1wtrclm,gbj35620,prg-1sw-mbnodp,prg-1sw-swlmtrt,prg-spr-t-intl2,prg-spr-egreco,prg-spr-emttof,prg-spr-st-gdiupgt,prg-1sw-aqlmtrt,prg-1sw-pllmtrt,prg-1sw-entntnp3c,prg-sh-ctpd
ddd-storeentrytimeutc
7/13/2022 8:30:10 PM
x-msedge-ref
Ref A: 7EA5DD8ABFC84FE68D203443D74659FC Ref B: FRA31EDGE0106 Ref C: 2022-07-13T20:30:10Z
ddd-strategyexecutionlatency
00:00:00.0521025
server-timing
6
ddd-servername
4064824187B3
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
cache-control
private, max-age=0
x-msedge-responseinfo
52
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
onewebservicelatency
52
x-as-suppresssetcookie
1
expires
Wed, 13 Jul 2022 20:30:10 GMT
date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
News_PageFeedReadStrategy
ddd-usertype
AnonymousMuid
ddd-tmpl
RR:0;XFeed;PageViewCount0
ddd-debugid
1bb85cc7-0c6e-4e71-8769-20a819884b7b|7/13/2022 8:30:10 PM|fabric:/msn|NEU2|_News_32
content-length
3080
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt14=muidflt14cf,muidflt17=muidflt17cf,muidflt58=muidflt58cf,muidflt59=muidflt59cf,muidflt300=muidflt300cf,mmxandroid1=mmxandroid1cf,platagyedge3=platagyedge3cf,audexedge1=audexedge1cf,platagyhp2=platagyhp2cf,moneyhp1=moneyhp1cf,pnehz2=modcoglangc,bingcollabhz1=bingcollabhz1cf,article1=prg-ads-t-onesz-r2,gallery3=gallery3cf,msnapp4=msnapp4cf,anaheimmuidr5=prg-da21rf2,shophp2=shophp2cf,msnsports3=msnsports3cf,msnsports4=msnsports4cf,sagenlann=prg-1sw-sagenf26vc,sagenl1=prg-ntbell-expt,sagenl3=preprg-1sw-sacali2c,wfeedsmuid9=prg-1sw-sdb7e,wfeedsmuidshop2=prg-1sw-clarity,275b=btrecenca,msnsapphire1=msnsapphire1cf,2ml4=prg-adspeek,2tpu=1s-winauthservice,wfeedsmuid17=prg-1sw-c-smexps,wfeedsmuidheader1=prg-loc-header,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,msnapp8=msnapp8cf,prong2flyout2=prg-1sw-clbdg,prong2flyout3=prg-1sw-clrot,prong2flyout4=prg-prong2-arg,314c=prg-ias,3c76=routentpring2t,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3l73=prg-1sw-splog,artglyrank2=artglyrank2cf,3m3s=prg-wpo-pnpc,prong2wpo2=prg-1sw-pr2tsposrc,prong2wpo3=prg-pr2-3pine-c,prong2wpo4=1s-4pinrecl,3mi0=prg-1sw-hdukr,3nhv=prg-upsaip-w1-t,3ouz=prg-intapperr,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3qu2=1s-contentview-1,muidflt22=prg-wtchad20,3sxl=a83d7349,3t7d=prg-wx-sbn-vm,3tdh=prg-videoimp0s,3txa=prg-1sw-sbn-mm,3vb9=prg-ctr-pmosc,3vhe=1s-rpssecautht,3w6q=ads-dyndomc,3w8x=prg-apilogcon,3wcj=yuting1t2,3wcn=yuting2t,3wjn=prg-1sw-p1wtrclm,3wqo=gbj35620,3wus=prg-1sw-mbnodp,3xfp=prg-1sw-swlmtrt,3xfz=prg-spr-t-intl2,3xpd=prg-1sw-aqlmtrt,3xpk=prg-1sw-pllmtrt,3yoo=prg-1sw-entntnp3c,3ytj=prg-sh-ctpd
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset
0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wAAA;
ddd-activityid
1bb85cc7-0c6e-4e71-8769-20a819884b7b
ddd-storeexecutionlatency
00:00:00.0520718
ddd-datastore
News_PageFeedDataStore
access-control-allow-credentials
true
akamai-request-id
3a8439a2
common-header.dee93da3dc22a912cbbb.js
assets.msn.com/bundles/v1/views/latest/ 		250 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/common-header.dee93da3dc22a912cbbb.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0843101436c593c7a743e3fae1c7370f8e360866e2faad46d811f54e6452a377

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
RDn2J7kiPzvjYKFVCZmpFg==
server-timing
6
content-length
58078
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:56:54 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A944BF21D
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
48ad82d9-001e-00d0-2f53-9639fe000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843a45
83FDD87802796D9B8A846CAEB03DD489
assets.msn.com/content/view/v2/Detail/en-ca/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/content/view/v2/Detail/en-ca/83FDD87802796D9B8A846CAEB03DD489
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4656c18f7bf231187983bfd73622273ee0c6f98aacfaf9c3a7f0f81eb7ad151b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
ddd-usertype
AnonymousMuid
akamai-request-id
3a843a51
ddd-debugid
fdf8be39-16ec-4414-ab43-14c16f28b346|7/13/2022 8:30:10 PM|fabric:/msn|NEU2|_News_34
server-timing
6
content-length
2286
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow
False
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
cache-control
public, max-age=60
akamai-server-ip
23.36.161.69
x-msedge-responseinfo
5
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
onewebservicelatency
5
x-as-suppresssetcookie
1
access-control-allow-credentials
true
c.gif
c.msn.com/
Redirect Chain
  • https://c.msn.com/c.gif?rnd=1657744210387&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-j...
  • https://c.bing.com/c.gif?rnd=1657744210387&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-...
  • https://c.msn.com/c.gif?rnd=1657744210387&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-j...
42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.msn.com/c.gif?rnd=1657744210387&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=9f9a19a0fa3e4701a5889a79ae4cdb5d&activityId=9f9a19a0fa3e4701a5889a79ae4cdb5d&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=CDA67927303648BF8C1ECE778A831E8E&MUID=341D58F307FC68340265491306976973
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 20:30:10 GMT
last-modified
Sat, 02 Jul 2022 00:08:47 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"8a177e6a78dd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 20:30:09 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 90ABBDB29F7F40498E9CD2E5D38C3123 Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:10Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.msn.com/c.gif?rnd=1657744210387&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=9f9a19a0fa3e4701a5889a79ae4cdb5d&activityId=9f9a19a0fa3e4701a5889a79ae4cdb5d&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=CDA67927303648BF8C1ECE778A831E8E&MUID=341D58F307FC68340265491306976973
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?rn=1657744210388&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30%26content%3D1%26mkt%3Den-ca&c8=Toronto+Blue+Jays+redesign+Fourth+of+July+hats%2C+remove+stars&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
oxHs8UFw5-_IFtKUSQTxzhsv_p_CqYc76SgaeexSJILZupSYRg5RhA==
x-cache
Miss from cloudfront
toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
www.sootoday.com/national-sports/ Frame AD71 		74 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.2957f4c137d9fd2f4173.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
78c093fca4c33752dcc49becf0b4c068690e599ea6840e28beebbcc4a0ddc859
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=65
content-encoding
gzip
content-length
20608
content-type
text/html; charset=utf-8
date
Wed, 13 Jul 2022 20:30:10 GMT
expires
Wed, 13 Jul 2022 20:31:16 GMT
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
strict-transport-security
max-age=63072000;
vary
Accept-Encoding
SegoeUI-Roman-VF-subset_web.woff2
assets.msn.com/statics/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/statics/fonts/SegoeUI-Roman-VF-subset_web.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing
5
content-length
41006
last-modified
Thu, 04 Jul 2019 01:04:35 GMT
server
AkamaiNetStorage
etag
"72d13803e728b0ef3dfb6da311001643:1562269510.048951"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
23.36.161.69
accept-ranges
bytes
timing-allow-origin
*
akamai-request-id
3a843c12
access-control-allow-credentials
true
msal-browser-2.18.0.min.js
assets.msn.com/staticsb/statics/latest/auth/ 		215 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/auth/msal-browser-2.18.0.min.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
80727dfc65d83379c73caa9a65b9146c17094a4cbae05b09eb97ae2bd74dd30e

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
1XKhfRFKDeBTPMjdzJ6/xA==
server-timing
5
content-length
49441
x-ms-lease-status
unlocked
last-modified
Thu, 07 Jul 2022 20:05:46 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA605414DCA536
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
43fbb5b0-001e-001c-683d-922290000000
cache-control
public, max-age=31536000
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843cd3
one-footer.3552ca64985fa16fb37f.js
assets.msn.com/bundles/v1/views/latest/ 		145 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/one-footer.3552ca64985fa16fb37f.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
93172dd8662ec1d8fdf517e0f3ad4eb8ce830d9a5f9d79a5f85cab4e4466bfde

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
zOIVNg1Y2Wrx609KE/eDog==
server-timing
5
content-length
33051
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 23:19:27 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6393CCA8CADF
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
3112417d-a01e-0026-093a-9666a7000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843cdc
libs_icons-wc_icons_CardActionFluentButton_svg-libs_config-schemas_dist_LocalizedStrings_js-l-e2c408.6064c8079937f0031eca.js
assets.msn.com/bundles/v1/views/latest/ 		301 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/libs_icons-wc_icons_CardActionFluentButton_svg-libs_config-schemas_dist_LocalizedStrings_js-l-e2c408.6064c8079937f0031eca.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4848432ab95726453d963f9bcc6ba5d7dffe4d502fb2e961dcd1127f95328384

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
OaXs1s+t8n+2dTzUM231wQ==
server-timing
5
content-length
65034
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:57:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A98923EDE
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
24056948-501e-0059-4a53-961db8000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843ce0
libs_feed-layout_dist_card-templates_native-ad-card_NativeAdCardDataMapper_js-libs_feed-layou-e9c6ea.7730afb047475697b31c.js
assets.msn.com/bundles/v1/views/latest/ 		447 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/libs_feed-layout_dist_card-templates_native-ad-card_NativeAdCardDataMapper_js-libs_feed-layou-e9c6ea.7730afb047475697b31c.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
85914dccf60971e9d831f635da8e1e0980ab160ef2bb460222d0e99286628406

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
biv8Xr06qn/xREd9e8yY1Q==
server-timing
5
content-length
90021
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:57:08 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A9C841051
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
e14be3d0-201e-00c2-6853-96dfd8000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843ce7
libs_feed-layout_dist_FeedLayoutCard_js-libs_feed-layout_dist_card-templates_index_js-libs_on-c3bb45.f0b3d2dc9b548f7a8b24.js
assets.msn.com/bundles/v1/views/latest/ 		771 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/libs_feed-layout_dist_FeedLayoutCard_js-libs_feed-layout_dist_card-templates_index_js-libs_on-c3bb45.f0b3d2dc9b548f7a8b24.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3c683c9f009143fe43bd7a098e4820b4836fd2e1f7be5997cc22d0e2d490ad26

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
YjgjheFsxDDIN5v2VxLoSQ==
server-timing
5
content-length
151455
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:56:55 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A94CF8C5E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
a97109f7-a01e-00e6-3a53-96e2e3000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843cef
desktop-feed-views.24bff0277e3ba6850f08.js
assets.msn.com/bundles/v1/views/latest/ 		873 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/desktop-feed-views.24bff0277e3ba6850f08.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bae8204f9300023bc81a46b7b3254643591e4a983fde59935bc193254782bb90

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
Ccwi0DajuEjc6kIR2+5hNg==
server-timing
5
content-length
108993
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:57:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A9A02FA18
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
2eac923f-a01e-001a-2153-96b3af000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843cf4
ms-rewards-wc.d6b4940f81583494e21e.js
assets.msn.com/bundles/v1/views/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/ms-rewards-wc.d6b4940f81583494e21e.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
866da8cce9807dbb818ceac365535dc586dd5e96808610da46881259b459db30

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
dF4qLFW9fIAJnKBG5D4SMg==
server-timing
5
content-length
4804
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 23:19:38 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6393D347EDDE
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
0f7aeb90-a01e-004e-123a-967c94000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843cf9
notification-bell-wc.145ecb5b5041e3c4cbde.js
assets.msn.com/bundles/v1/views/latest/ 		148 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/notification-bell-wc.145ecb5b5041e3c4cbde.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9c6a7a3f598645c964d28b8fee9418d8531cae235dfb89ff45aa9a0b91c36e22

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
xtB8rt/eYtbIrJJkPQxHeg==
server-timing
5
content-length
35960
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:57:03 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A99FBCF45
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
a97161eb-a01e-00e6-3153-96e2e3000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843cfc
rewards-data-connector.facdfacbc584e7853b70.js
assets.msn.com/bundles/v1/views/latest/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/rewards-data-connector.facdfacbc584e7853b70.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4bb317a3501718cba37478066dc4d9e91494bf137fae788ed952179f2cd71aee

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
nQfzmQwGeE6e8NtM+zhndg==
server-timing
5
content-length
5088
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 23:19:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6393BCDB187E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
a2b6f9b1-f01e-007f-693a-967687000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a843d06
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1657744210540&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.208.16.90 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3fc209a610f60d8611b659e15e5d4e5fb9f51752f2a58f75d91451dc074df97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 13 Jul 2022 20:30:10 GMT
time-delta-millis
449
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
instance
login.microsoftonline.com/common/discovery/ 		950 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/authorize
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/auth/msal-browser-2.18.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f463580c98fd336d4e69e7dca36cf345a81a5e402f61d9f870eae9d8c4e59de9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Date
Wed, 13 Jul 2022 20:30:10 GMT
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
40af8285-7be6-4658-8ebe-688d5c322100
X-XSS-Protection
0
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.13156.10 - NEULR1 ProdSlices
Content-Type
application/json; charset=utf-8
Content-Length
950
X-Content-Type-Options
nosniff
count
www.bing.com/bnc/notifications/ 		0
0
count
www.bing.com/bnc/notifications/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/bnc/notifications/count?app=verticalWebcontent&ocid=entnewsntp&pageId=webcontent
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-personalbing-csrf,x-personalbing-flights,x-search-clientid,x-search-uilang
Access-Control-Request-Method
GET
Origin
https://www.msn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers
*
access-control-allow-origin
https://www.msn.com
access-control-max-age
7200
cache-control
private
content-encoding
br
content-length
1
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'nonce-C54Qdf97GsqjecIMWXp5aqlfQz1ccWPPHlhIqQCmK2w='; base-uri 'self';report-to csp-endpoint
content-type
text/html
date
Wed, 13 Jul 2022 20:30:09 GMT
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 004B8AAF742048D19A795DA230A137CF Ref B: FRAEDGE1214 Ref C: 2022-07-13T20:30:10Z
viewspage
assets.msn.com/service/news/feed/pages/ 		97 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/news/feed/pages/viewspage?market=en-ca&activityId=9F9A19A0-FA3E-4701-A588-9A79AE4CDB5D&timeOut=3000&ocid=winp1&fdhead=1s-4pinrecl,1s-contentview-1,1s-fcrypt,1s-p2-brknb,1s-p2cl-bdg,1s-rpssecautht,1s-winauthservice,prg-1sbgbanner,prg-1s-mtsn,prg-1sw-aqlmtrt,prg-1sw-ccglbcf1,prg-1sw-clarity,prg-1sw-clbdg,prg-1sw-clrot,prg-1sw-c-smexps,prg-1sw-hdukr,prg-1sw-mbnodp,prg-1sw-p1wtrclm,prg-1sw-pllmtrt,prg-1sw-pr2tspos,prg-1sw-pr2tsposrc,prg-1sw-sbn-mm,prg-1sw-sdb7e,prg-1sw-splog,prg-1sw-swlmtrt,prg-1sw-wxbdg,prg-1sw-wxrus,prg-ads-onesz,prg-adspeek,prg-ads-t-onesz-r2,prg-apilogcon,prg-commonbell,prg-cookiesync,prg-ctr-pmosc,prg-da21rf2,prg-hprewflyout-t,prg-ias,prg-intapperr,prg-loc-header,prg-ntbell-expt,prg-nt-vertical,prg-pr2-3pine-c,prg-prong2-arg,prg-sf-argsinj,prg-sh-ctpd,prg-spr-egreco,prg-spr-emttof,prg-spr-st-gdiupgt,prg-spr-t-intl2,prg-tok21,prg-upsaip-r-t,prg-upsaip-w1-t,prg-videoimp0s,prg-wf-sky-re,prg-wpo-pnpc,prg-wtchad20,prg-wx-anmpr,prg-wx-sbn-vm&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ContentId=83FDD87802796D9B8A846CAEB03DD489&User=m-341D58F307FC68340265491306976973&$skip=3
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e75a2eae473aac265d1b4c1f02192cc2ef59f858689d09acc714853e98a5761

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt14cf,muidflt17cf,muidflt58cf,muidflt59cf,muidflt300cf,mmxandroid1cf,platagyedge3cf,audexedge1cf,platagyhp2cf,moneyhp1cf,modcoglangc,bingcollabhz1cf,prg-ads-t-onesz-r2,prg-ads-onesz,gallery3cf,msnapp4cf,prg-da21rf2,prg-tok21,shophp2cf,msnsports3cf,msnsports4cf,prg-1sw-sagenf26vc,prg-ntbell-expt,prg-commonbell,prg-nt-vertical,preprg-1sw-sacali2c,prg-1sw-sdb7e,prg-1sw-clarity,btrecenca,msnsapphire1cf,prg-adspeek,1s-winauthservice,prg-1sw-c-smexps,prg-loc-header,prg-hprewflyout-t,prg-wf-sky-re,msnapp8cf,prg-1sw-clbdg,1s-p2-brknb,1s-p2cl-bdg,prg-1sbgbanner,prg-1sw-wxbdg,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-prong2-arg,prg-sf-argsinj,prg-ias,routentpring2t,prg-1sw-nwrc,1s-fcrypt,prg-cookiesync,prg-1sw-splog,artglyrank2cf,prg-wpo-pnpc,prg-1sw-pr2tsposrc,prg-1sw-pr2tspos,prg-pr2-3pine-c,1s-4pinrecl,prg-1sw-hdukr,prg-upsaip-w1-t,prg-intapperr,prg-upsaip-r-t,prg-wx-anmpr,1s-contentview-1,prg-wtchad20,a83d7349,prg-wx-sbn-vm,prg-videoimp0s,prg-1sw-sbn-mm,prg-ctr-pmosc,1s-rpssecautht,ads-dyndomc,prg-apilogcon,yuting1t2,yuting2t,prg-1sw-p1wtrclm,gbj35620,prg-1sw-mbnodp,prg-1sw-swlmtrt,prg-spr-t-intl2,prg-spr-egreco,prg-spr-emttof,prg-spr-st-gdiupgt,prg-1sw-aqlmtrt,prg-1sw-pllmtrt,prg-1sw-entntnp3c,prg-sh-ctpd
ddd-storeentrytimeutc
7/13/2022 8:30:10 PM
x-msedge-ref
Ref A: C1C0BDD81E534832B850544031395DF6 Ref B: FRA31EDGE0719 Ref C: 2022-07-13T20:30:10Z
ddd-strategyexecutionlatency
00:00:00.1666376
server-timing
6
ddd-servername
D840D97F0C75
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
cache-control
private, max-age=0
x-msedge-responseinfo
167
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
onewebservicelatency
167
x-as-suppresssetcookie
1
expires
Wed, 13 Jul 2022 20:30:11 GMT
date
Wed, 13 Jul 2022 20:30:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
News_PageFeedReadStrategy
ddd-usertype
AnonymousMuid
ddd-tmpl
IsRecoNewUser:1;SageUser:0;WasRecoNewUser:1;PageViewCount0;XFeed;ULatLon3.83:11.5;RR:0;TileID:s28j
ddd-debugid
a4e23a0c-3134-4d79-8619-81518770b395|7/13/2022 8:30:11 PM|fabric:/msn|NEU2|_News_11
content-length
26548
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt14=muidflt14cf,muidflt17=muidflt17cf,muidflt58=muidflt58cf,muidflt59=muidflt59cf,muidflt300=muidflt300cf,mmxandroid1=mmxandroid1cf,platagyedge3=platagyedge3cf,audexedge1=audexedge1cf,platagyhp2=platagyhp2cf,moneyhp1=moneyhp1cf,pnehz2=modcoglangc,bingcollabhz1=bingcollabhz1cf,article1=prg-ads-t-onesz-r2,gallery3=gallery3cf,msnapp4=msnapp4cf,anaheimmuidr5=prg-da21rf2,shophp2=shophp2cf,msnsports3=msnsports3cf,msnsports4=msnsports4cf,sagenlann=prg-1sw-sagenf26vc,sagenl1=prg-ntbell-expt,sagenl3=preprg-1sw-sacali2c,wfeedsmuid9=prg-1sw-sdb7e,wfeedsmuidshop2=prg-1sw-clarity,275b=btrecenca,msnsapphire1=msnsapphire1cf,2ml4=prg-adspeek,2tpu=1s-winauthservice,wfeedsmuid17=prg-1sw-c-smexps,wfeedsmuidheader1=prg-loc-header,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,msnapp8=msnapp8cf,prong2flyout2=prg-1sw-clbdg,prong2flyout3=prg-1sw-clrot,prong2flyout4=prg-prong2-arg,314c=prg-ias,3c76=routentpring2t,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3l73=prg-1sw-splog,artglyrank2=artglyrank2cf,3m3s=prg-wpo-pnpc,prong2wpo2=prg-1sw-pr2tsposrc,prong2wpo3=prg-pr2-3pine-c,prong2wpo4=1s-4pinrecl,3mi0=prg-1sw-hdukr,3nhv=prg-upsaip-w1-t,3ouz=prg-intapperr,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3qu2=1s-contentview-1,muidflt22=prg-wtchad20,3sxl=a83d7349,3t7d=prg-wx-sbn-vm,3tdh=prg-videoimp0s,3txa=prg-1sw-sbn-mm,3vb9=prg-ctr-pmosc,3vhe=1s-rpssecautht,3w6q=ads-dyndomc,3w8x=prg-apilogcon,3wcj=yuting1t2,3wcn=yuting2t,3wjn=prg-1sw-p1wtrclm,3wqo=gbj35620,3wus=prg-1sw-mbnodp,3xfp=prg-1sw-swlmtrt,3xfz=prg-spr-t-intl2,3xpd=prg-1sw-aqlmtrt,3xpk=prg-1sw-pllmtrt,3yoo=prg-1sw-entntnp3c,3ytj=prg-sh-ctpd
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset
0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wgAA;
ddd-activityid
a4e23a0c-3134-4d79-8619-81518770b395
ddd-storeexecutionlatency
00:00:00.1666050
ddd-datastore
News_PageFeedDataStore
access-control-allow-credentials
true
akamai-request-id
3a8441d5
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1657744210889&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.208.16.90 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
f2f05677b9b1a5441a77630cb0740c5cef47973eb4b75fe93df7d63663964810
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 13 Jul 2022 20:30:10 GMT
time-delta-millis
225
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
openid-configuration
login.microsoftonline.com/common/v2.0/.well-known/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/auth/msal-browser-2.18.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c45868384dfd77121a6d62ba32304628c211fdc6d471cb985348d731890b6e96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
strict-origin-when-cross-origin
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Date
Wed, 13 Jul 2022 20:30:10 GMT
Access-Control-Allow-Methods
GET, OPTIONS
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin
*
x-ms-request-id
b483dd46-d1ba-4f50-92ed-78962a775d00
X-XSS-Protection
0
Cache-Control
max-age=86400, private
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server
2.1.13156.10 - NEULR1 ProdSlices
Content-Type
application/json; charset=utf-8
Content-Length
1547
X-Content-Type-Options
nosniff
authorize
login.microsoftonline.com/common/oauth2/v2.0/ Frame A4B0 		151 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=24f08f09-6630-499e-a38c-b62a00f134bb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=fpbRKiaKmg_aP_iyV18N3y-_666pRTM6NCdaDwh8n_M&code_challenge_method=S256&prompt=none&nonce=730f048c-5eae-4947-8f9b-33b5cd6133f6&state=eyJpZCI6IjJjZmMxNWM0LWJjODMtNDQwOC1hODZhLWVjZDc5MmNlNGUzZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/auth/msal-browser-2.18.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ffa10f2324be5e68d8e723eea4b693da7b97d85cc80570a24568cfe50e1fad27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
54865
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 20:30:10 GMT
Expires
-1
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,50168,0,,
x-ms-ests-server
2.1.13201.7 - NEULR2 ProdSlices
x-ms-request-id
4bc894e0-1bcc-45be-8072-9c48dc8b4600
social-bar-wc.18d1a56c8ee0b0a135f6.js
assets.msn.com/bundles/v1/views/latest/ 		170 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/social-bar-wc.18d1a56c8ee0b0a135f6.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3be1becae44315673d9994e0c9590302e4a900bbd2b4ddf4a0d30682b31deae7

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
cYR2G8FaAKas83+YVk2pgg==
server-timing
11
content-length
38896
x-ms-lease-status
unlocked
last-modified
Wed, 13 Jul 2022 00:56:52 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA646A93194790
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
48ad9202-001e-00d0-3853-9639fe000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a84453b
th
www.bing.com/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.88281c34dfb4d8aaf1228ed516f9a4fc&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d49b7de9ccc6697932ae7d8eeb2df135f7a981db9f6557d3977e3deca84624e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4040B83B09C0443C8545046639A011F0 Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
14438
BBYPv0u
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		675 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBYPv0u?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5da5d72996b6aecafd3cbfc439b75a40e12a3ab88b51cb3b7193a1d41f203990
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
last-modified
Sun, 19 Jun 2022 14:27:03 GMT
x-datacenter
westus
x-source-length
1515
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=281018
x-activityid
724a3b87-c393-439c-a1d8-b0735220828d
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBYPv0u?w=16&h=16&q=100&m=6&f=png&u=t
content-length
675
expires
Sun, 17 Jul 2022 02:33:49 GMT
th
www.bing.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.9f6ca4ae403906e9f896411099e64ee5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9882ca1718e8052ac7a970888b9bd1bd26761c0d1172b5467dd8bf70b808f09b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F2973CB55047454295D97711D9CD9E59 Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
21239
BB10dZNR
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		257 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
388b63d310a0b20042b84dc31689e6f814da1524810e6a9d3b98c0b1ddd56c73
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB10dZNR
date
Wed, 13 Jul 2022 20:30:11 GMT
x-source-length
1138
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
53978ec3-477d-45c5-b971-6e44b1494abb
last-modified
Tue, 05 Jul 2022 10:52:39 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
257
x-resizerversion
1.0
x-datacenter
eastap
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=94932
timing-allow-origin
*
expires
Thu, 14 Jul 2022 22:52:23 GMT
th
www.bing.com/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.40e5b3f43f843f9027ff000f86aed6a4&pid=Wdp&w=468&h=304&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
91892fe0392ee8976654f095cfcae4831fa2be8df823e98f46d0f1f986bc90b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8C64D997728B4064890730798755A4E6 Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
25164
AAxlCmf
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		612 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxlCmf?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ef6bda369e42eaadb3ec8d1b22a8b7510ce17dc1d7fa8d154e8b346637e63be5
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAxlCmf
date
Wed, 13 Jul 2022 20:30:11 GMT
x-source-length
18737
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAxlCmf?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
49d5723c-a589-497d-acd3-6eee711b6307
last-modified
Fri, 06 May 2022 22:24:29 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
612
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=121928
timing-allow-origin
*
expires
Fri, 15 Jul 2022 06:22:19 GMT
th
www.bing.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.13ba09e749447f6cf2678b6797338f55&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2349abaf63edbae2e120b7ccf4cc091073ee751787df33f3b525eac19f00ce3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4DD20989090C439F84332F0A656161F8 Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
22423
AA3HAHV
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		508 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA3HAHV?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
70640e96b501502d60d86a00de4d72b81d6a15e3128e9491126f7a1c14ec897b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
last-modified
Thu, 07 Jul 2022 15:55:23 GMT
x-datacenter
eastus
x-source-length
334
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=285936
x-activityid
a2b651b3-9993-4b10-8e90-312b4be7c0ab
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AA3HAHV?w=16&h=16&q=100&m=6&f=png&u=t
content-length
508
expires
Sun, 17 Jul 2022 03:55:47 GMT
th
www.bing.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.b2a4a913d809ec428c85c158d3351ee1&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
04b5844fb00e680d543986a6c5f54e2cbe14602c09a69af9329b8bf3d5cf3e65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 25CCA9EAB6BC4F48B85D86ED897954DC Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
15195
AAOwaIR
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		356 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAOwaIR?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d2a6ee4fdd6281def0b7718ca9db495013cda7e6921f8a83c82af8a5822741ac
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
last-modified
Sat, 09 Jul 2022 22:35:28 GMT
x-datacenter
eastap
x-source-length
334
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=93947
x-activityid
bc347b40-a64f-44e1-b701-97620e8bf914
content-location
https://img.s-msn.com/tenant/amp/entityid/AAOwaIR?w=16&h=16&q=100&m=6&f=png&u=t
x-resizerversion
1.0
timing-allow-origin
*
content-length
356
expires
Thu, 14 Jul 2022 22:35:58 GMT
th
www.bing.com/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.a5c50c2df4a376ed88553b0812879691&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
231de87e16f551d97cf6dbad2ba11bf2c486be93f57c1036a2fdd4f6aec78208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 34D5A93885014FA3BAC2618D68B370D0 Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
22229
BBtOBsY
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		913 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBtOBsY?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
38907f19503682b6bcebb81b23afc022d8fdb23282cdd646d0b25b9f07b291a4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
last-modified
Thu, 07 Jul 2022 15:45:28 GMT
x-datacenter
eastus
x-source-length
19022
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=285312
x-activityid
186f01ef-7550-402f-8914-a5dfa2892917
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBtOBsY?w=16&h=16&q=100&m=6&f=png&u=t
content-length
913
expires
Sun, 17 Jul 2022 03:45:23 GMT
th
www.bing.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.95631c1d86332c0290d23bf1dd0fdfb5&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b20458102e55ca6be038aff7314b08ffd54dd8c525aa06c9187d06bce019a199

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 93B686B9EC094C5CB17D106C8B8C595C Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
20105
AAykw7c
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		571 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAykw7c?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3d108ffef6e8b8adf05fa7720e109ee115a1651075705c724aca770d2814b392
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
last-modified
Fri, 17 Jun 2022 07:25:13 GMT
x-datacenter
westus
x-source-length
18737
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=119123
x-activityid
40f5d4bb-de70-48f4-923d-ea73ea1260a9
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAykw7c?w=16&h=16&q=100&m=6&f=png&u=t
content-length
571
expires
Fri, 15 Jul 2022 05:35:34 GMT
th
www.bing.com/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.216caeeeab9533d694df2b03ffec49eb&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8c4468bc28998c482443d082c0228514ef9e541227862cdc76ef5d5187bbd090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C14056E1B481448E9E9819E0D3B63B11 Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
34267
AAQk7ql
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		406 B
739 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5848665b65e1e5be4d7463e0047c98eac656f92d9e6f20a5a823774794f99b03
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
last-modified
Fri, 24 Jun 2022 17:58:52 GMT
x-datacenter
eastap
x-source-length
2906
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=336518
x-activityid
c10bcd98-9c70-46c8-899c-57c0a19161ed
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAQk7ql?w=16&h=16&q=100&m=6&f=png&u=t
content-length
406
expires
Sun, 17 Jul 2022 17:58:49 GMT
th
www.bing.com/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.c9080c0c2fc4a20733a197973c531d09&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bd992709f16b55aa1d890217177338ae19daf480a9cbd7762b061d6a83fced3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 63E4A4ACDF29439994B2FCA35BB41529 Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
30204
AAgnIPB
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		711 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgnIPB?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7c83ffcdb1004e6b8ebd23d39bd83dff1c131a8ddbe1583f897ff158c25b4afa
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
last-modified
Thu, 07 Jul 2022 10:10:20 GMT
x-datacenter
eastus
x-source-length
18952
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=265169
x-activityid
88a44372-3cb7-4ed8-8015-dfa0b906c62c
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/AAgnIPB?w=16&h=16&q=100&m=6&f=png&u=t
content-length
711
expires
Sat, 16 Jul 2022 22:09:40 GMT
th
www.bing.com/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.d1c379f3c328de9968802cef45d5fbef&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6f03db765e05e21d3e161829cc7e50e65e88970f0e1b7bef05411baecf7a4f20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EDB992C39FD74507BA60F98B1A15D38F Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
32090
AAADLcm
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAADLcm?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fb89235f38d52766f520afc6f30a5a081268f6bfadb149c47bcf6e797270b379
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAADLcm
date
Wed, 13 Jul 2022 20:30:11 GMT
x-source-length
2028
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAADLcm?w=16&h=16&q=100&m=6&f=png&u=t
x-activityid
588eca84-80c0-4c80-8cbb-aa488a748a68
last-modified
Sun, 22 May 2022 10:40:29 GMT
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-length
771
x-resizerversion
1.0
x-datacenter
eastus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=204486
timing-allow-origin
*
expires
Sat, 16 Jul 2022 05:18:17 GMT
th
www.bing.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=ORMS.4e99c05abe80ebfce3bfa3a50948568a&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e36ecd68c54eb49bb55394d801254f8c26771e0b6610515b4ce82f13beaf4b43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3719A99E7E4848AEB17C94423397EF5A Ref B: FRAEDGE1517 Ref C: 2022-07-13T20:30:11Z
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-cache
TCP_HIT
timing-allow-origin
*
access-control-allow-headers
*
content-length
12112
BBYTHJD
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		840 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBYTHJD?w=16&h=16&q=100&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:16::215:1486 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
406049269b07e0a3fee2334d10ff58373d27e2930e887f6783f9ebd027f097ee
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
last-modified
Mon, 11 Jul 2022 20:10:42 GMT
x-datacenter
westus
x-source-length
2921
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=258044
x-activityid
d6f7bb60-f01c-48aa-b7f8-33862e9e72c2
x-resizerversion
1.0
content-location
https://img.s-msn.com/tenant/amp/entityid/BBYTHJD?w=16&h=16&q=100&m=6&f=png&u=t
content-length
840
expires
Sat, 16 Jul 2022 20:10:55 GMT
reaction-breakdown-dialog.23527a977284937f1854.js
assets.msn.com/bundles/v1/views/latest/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/reaction-breakdown-dialog.23527a977284937f1854.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1ee3ef3db4113847c3ce1ef617901dca7cbfba9593f17c21560e262911e714c9

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
EvKCwXK7hefZTOCDtyhHGA==
server-timing
6
content-length
22633
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 23:19:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6393C6606D06
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
06d9fe5f-401e-0014-123a-9611b2000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a84489f
/
assets.msn.com/service/community/urls/ 		9 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/service/community/urls/?cmsid=AAZxyJy&market=en-ca&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt14cf%2Cmuidflt17cf%2Cmuidflt58cf%2Cmuidflt59cf%2Cmuidflt300cf%2Cmmxandroid1cf%2Cplatagyedge3cf%2Caudexedge1cf%2Cplatagyhp2cf%2Cmoneyhp1cf%2Cmodcoglangc%2Cbingcollabhz1cf%2Cprg-ads-t-onesz-r2%2Cprg-ads-onesz%2Cgallery3cf%2Conetrustpoplive%2Cmsnapp4cf%2Cprg-da21rf2%2Cprg-tok21%2Cshophp2cf%2Cmsnsports3cf%2Cmsnsports4cf%2Cprg-ntbell-expt%2Cprg-commonbell%2Cprg-nt-vertical%2Cprg-1sw-sdb7e%2Cprg-1sw-clarity%2Cmsnsapphire1cf%2Cprg-adspeek%2Cbtrecrow1%2C1s-winauthservice%2Cprg-1sw-c-smexps%2Cprg-loc-header%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cmsnapp8cf%2Cprg-1sw-clbdg%2C1s-p2-brknb%2C1s-p2cl-bdg%2Cprg-1sbgbanner%2Cprg-1sw-wxbdg%2Cprg-1sw-clrot%2Cprg-1s-mtsn%2Cprg-1sw-wxrus%2Cprg-prong2-arg%2Cprg-sf-argsinj%2Cprg-ias%2Croutentpring2t%2C1s-fcrypt%2Cprg-cookiesync%2Cprg-1sw-splog%2Cartglyrank2cf%2Cprg-1sw-ccglbcf1%2Cprg-wpo-pnpc%2Cprg-1sw-pr2tsposrc%2Cprg-1sw-pr2tspos%2Cprg-pr2-3pine-c%2C1s-4pinrecl%2Cprg-1sw-hdukr%2Cprg-upsaip-w1-t%2Cprg-intapperr%2Cprg-upsaip-r-t%2Cprg-wx-anmpr%2C1s-contentview-1%2Cprg-wtchad20%2Ca83d7349%2Cprg-wx-sbn-vm%2Cprg-videoimp0s%2Cprg-1sw-sbn-mm%2Cprg-ctr-pmosc%2C1s-rpssecautht%2Cads-dyndomc%2Cprg-apilogcon%2Cyuting2t%2Cprg-1sw-p1wtrclm%2Cprg-1sw-mbnodp%2Cprg-1sw-swlmtrt%2Cprg-spr-t-intl2%2Cprg-spr-egreco%2Cprg-spr-emttof%2Cprg-spr-st-gdiupgt%2Cprg-1sw-aqlmtrt%2Cprg-1sw-pllmtrt%2Cprg-sh-ctpd&ocid=entnewsntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-341D58F307FC68340265491306976973
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe69643d66a15c43d1a8ebdaf83a1db503314fc8fb7579d9db70265514cb7c02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding
gzip
x-fd-features
muidflt14cf,muidflt17cf,muidflt58cf,muidflt59cf,muidflt300cf,mmxandroid1cf,platagyedge3cf,audexedge1cf,platagyhp2cf,moneyhp1cf,modcoglangc,bingcollabhz1cf,prg-ads-t-onesz-r2,prg-ads-onesz,gallery3cf,msnapp4cf,prg-da21rf2,prg-tok21,shophp2cf,msnsports3cf,msnsports4cf,prg-1sw-sagenf26vc,prg-ntbell-expt,prg-commonbell,prg-nt-vertical,preprg-1sw-sacali2c,prg-1sw-sdb7e,prg-1sw-clarity,btrecenca,msnsapphire1cf,prg-adspeek,1s-winauthservice,prg-1sw-c-smexps,prg-loc-header,prg-hprewflyout-t,prg-wf-sky-re,msnapp8cf,prg-1sw-clbdg,1s-p2-brknb,1s-p2cl-bdg,prg-1sbgbanner,prg-1sw-wxbdg,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-prong2-arg,prg-sf-argsinj,prg-ias,routentpring2t,prg-1sw-nwrc,1s-fcrypt,prg-cookiesync,prg-1sw-splog,artglyrank2cf,prg-wpo-pnpc,prg-1sw-pr2tsposrc,prg-1sw-pr2tspos,prg-pr2-3pine-c,1s-4pinrecl,prg-1sw-hdukr,prg-upsaip-w1-t,prg-intapperr,prg-upsaip-r-t,prg-wx-anmpr,1s-contentview-1,prg-wtchad20,a83d7349,prg-wx-sbn-vm,prg-videoimp0s,prg-1sw-sbn-mm,prg-ctr-pmosc,1s-rpssecautht,ads-dyndomc,prg-apilogcon,yuting1t2,yuting2t,prg-1sw-p1wtrclm,gbj35620,prg-1sw-mbnodp,prg-1sw-swlmtrt,prg-spr-t-intl2,prg-spr-egreco,prg-spr-emttof,prg-spr-st-gdiupgt,prg-1sw-aqlmtrt,prg-1sw-pllmtrt,prg-1sw-entntnp3c,prg-sh-ctpd
ddd-storeentrytimeutc
7/13/2022 8:30:11 PM
x-msedge-ref
Ref A: 4365EF11A07B4B15A2CA9D77C4CA5C29 Ref B: VIEEDGE1117 Ref C: 2022-07-13T20:30:11Z
ddd-strategyexecutionlatency
00:00:00.0029643
server-timing
5
ddd-servername
45B8AF36ECF1
x-fd-detection-corpnet
0
vary
Origin
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
cache-control
public, max-age=60
x-msedge-responseinfo
3
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
onewebservicelatency
3
x-as-suppresssetcookie
1
date
Wed, 13 Jul 2022 20:30:11 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid
Community_SocialObjectStoreReadStrategy
ddd-usertype
AnonymousMuid
ddd-debugid
3c2e1b85-f86d-471a-9229-5c23edefc374|7/13/2022 8:30:11 PM|fabric:/community|NEU1|_Community_8
content-length
1701
akamai-server-ip
23.36.161.69
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight
muidflt14=muidflt14cf,muidflt17=muidflt17cf,muidflt58=muidflt58cf,muidflt59=muidflt59cf,muidflt300=muidflt300cf,mmxandroid1=mmxandroid1cf,platagyedge3=platagyedge3cf,audexedge1=audexedge1cf,platagyhp2=platagyhp2cf,moneyhp1=moneyhp1cf,pnehz2=modcoglangc,bingcollabhz1=bingcollabhz1cf,article1=prg-ads-t-onesz-r2,gallery3=gallery3cf,msnapp4=msnapp4cf,anaheimmuidr5=prg-da21rf2,shophp2=shophp2cf,msnsports3=msnsports3cf,msnsports4=msnsports4cf,sagenlann=prg-1sw-sagenf26vc,sagenl1=prg-ntbell-expt,sagenl3=preprg-1sw-sacali2c,wfeedsmuid9=prg-1sw-sdb7e,wfeedsmuidshop2=prg-1sw-clarity,275b=btrecenca,msnsapphire1=msnsapphire1cf,2ml4=prg-adspeek,2tpu=1s-winauthservice,wfeedsmuid17=prg-1sw-c-smexps,wfeedsmuidheader1=prg-loc-header,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,msnapp8=msnapp8cf,prong2flyout2=prg-1sw-clbdg,prong2flyout3=prg-1sw-clrot,prong2flyout4=prg-prong2-arg,314c=prg-ias,3c76=routentpring2t,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,3k4p=prg-cookiesync,3l73=prg-1sw-splog,artglyrank2=artglyrank2cf,3m3s=prg-wpo-pnpc,prong2wpo2=prg-1sw-pr2tsposrc,prong2wpo3=prg-pr2-3pine-c,prong2wpo4=1s-4pinrecl,3mi0=prg-1sw-hdukr,3nhv=prg-upsaip-w1-t,3ouz=prg-intapperr,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3qu2=1s-contentview-1,muidflt22=prg-wtchad20,3sxl=a83d7349,3t7d=prg-wx-sbn-vm,3tdh=prg-videoimp0s,3txa=prg-1sw-sbn-mm,3vb9=prg-ctr-pmosc,3vhe=1s-rpssecautht,3w6q=ads-dyndomc,3w8x=prg-apilogcon,3wcj=yuting1t2,3wcn=yuting2t,3wjn=prg-1sw-p1wtrclm,3wqo=gbj35620,3wus=prg-1sw-mbnodp,3xfp=prg-1sw-swlmtrt,3xfz=prg-spr-t-intl2,3xpd=prg-1sw-aqlmtrt,3xpk=prg-1sw-pllmtrt,3yoo=prg-1sw-entntnp3c,3ytj=prg-sh-ctpd
ddd-authenticatedwithjwtflow
False
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid
3c2e1b85-f86d-471a-9229-5c23edefc374
ddd-storeexecutionlatency
00:00:00.0029395
ddd-datastore
Community_SocialDataStore
access-control-allow-credentials
true
akamai-request-id
3a8449ab
truncated
/ 		42 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7f5282cabbf7963811f21d108990cb61c5ded048d010ab13c1263b328de94e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		387 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9

Request headers

Referer
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
authorize
login.microsoftonline.com/common/oauth2/v2.0/ Frame A4B0 		159 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=24f08f09-6630-499e-a38c-b62a00f134bb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=fpbRKiaKmg_aP_iyV18N3y-_666pRTM6NCdaDwh8n_M&code_challenge_method=S256&prompt=none&nonce=730f048c-5eae-4947-8f9b-33b5cd6133f6&state=eyJpZCI6IjJjZmMxNWM0LWJjODMtNDQwOC1hODZhLWVjZDc5MmNlNGUzZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=24f08f09-6630-499e-a38c-b62a00f134bb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=fpbRKiaKmg_aP_iyV18N3y-_666pRTM6NCdaDwh8n_M&code_challenge_method=S256&prompt=none&nonce=730f048c-5eae-4947-8f9b-33b5cd6133f6&state=eyJpZCI6IjJjZmMxNWM0LWJjODMtNDQwOC1hODZhLWVjZDc5MmNlNGUzZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.17 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7f58fa6328c7ebf01bddff7e532258f3bad439d488af16c7bd4d74b133dbec2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=24f08f09-6630-499e-a38c-b62a00f134bb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=fpbRKiaKmg_aP_iyV18N3y-_666pRTM6NCdaDwh8n_M&code_challenge_method=S256&prompt=none&nonce=730f048c-5eae-4947-8f9b-33b5cd6133f6&state=eyJpZCI6IjJjZmMxNWM0LWJjODMtNDQwOC1hODZhLWVjZDc5MmNlNGUzZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache
Content-Encoding
gzip
Content-Length
57868
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 20:30:10 GMT
Expires
-1
Link
<https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-DNS-Prefetch-Control
on
X-XSS-Protection
0
nel
{"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem
1,0,0,,
x-ms-ests-server
2.1.13201.7 - WEULR1 ProdSlices
x-ms-request-id
bd652be7-850e-4756-bc78-6a1560740100
card-actions-wc.af93eb83d8929a7dd12f.js
assets.msn.com/bundles/v1/views/latest/ 		196 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/views/latest/card-actions-wc.af93eb83d8929a7dd12f.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.367f391574f5f2c4d4e0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.97 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-97.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7309aeb881a765737ba054faa34071c5d1b5ee8ea1cd43779784d07fe24cf648

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5
cRphrCMWW1sI5shUnMFSEw==
server-timing
6
content-length
41988
x-ms-lease-status
unlocked
last-modified
Mon, 11 Jul 2022 23:19:41 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DA6393D51F4A9F
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
06d9fdf4-401e-0014-453a-9611b2000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
23.36.161.69
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
3a844a89
template
www.sootoday.com/cssb/ Frame AD71 		88 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
36654a146a1b4ac191760c6380b421673255e05dc086093937a622a84f232d89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
vary
User-Agent
content-type
text/css; charset=utf-8
cache-control
public
strict-transport-security
max-age=63072000;
content-length
25656
expires
Thu, 13 Jul 2023 20:30:11 GMT
head
www.sootoday.com/jsb/ Frame AD71 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/jsb/head?v=LcM8wEj7Rn1AYDjGF1pjSV_suFrl8pQqVJyJndJTH5A1
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
34e5b3f77b75f5401d202f455b255a1f974f83a2a8ef027e4afa6e08cb54c3b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
strict-transport-security
max-age=63072000;
content-length
1624
expires
Thu, 13 Jul 2023 20:30:11 GMT
pub-1245765873715146
fundingchoicesmessages.google.com/i/ Frame AD71 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-1245765873715146?ers=1
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
91c0264b73285fa589a97f972b0ac781926a5ce1a9ff884b90e26fa5af12cb5a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kFO3FLcbHe3JVAlTaY62Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-kFO3FLcbHe3JVAlTaY62Ig' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorServingWebSwitchboardHttp"
x-frame-options
SAMEORIGIN
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-kFO3FLcbHe3JVAlTaY62Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-kFO3FLcbHe3JVAlTaY62Ig' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame AD71 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5054
date
Wed, 13 Jul 2022 19:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 13 Jul 2022 21:05:57 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame AD71 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
8e49cb66181f9cec88ae7ddd29afe8afd51b00d115c56a187c0038c8dc105104
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28040
x-xss-protection
0
server
sffe
etag
"1273 / 848 of 1000 / last-modified: 1657726946"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Jul 2022 20:30:11 GMT
sootoday_white.svg
www.vmcdn.ca/files/sootoday/layout/ Frame AD71 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/sootoday/layout/sootoday_white.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
785d653df2645599aae40b2bdb678026626afaa365b1fd2819d45d956fab8983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 01:50:13 GMT
content-encoding
gzip
server
CloudFront
age
1017597
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
cache-control
public
content-disposition
inline; filename=sootoday_white.svg
x-amz-cf-pop
FRA56-P5
access-control-allow-origin
*
x-amz-cf-id
8TmgCfkxruf7-0U2xgQpvBhGUWNBg-vtfYCTf8uADce8nGv_NaEg_g==
expires
Mon, 01 Aug 2022 01:50:13 GMT
20220625150648-5d48d98d6d8a56e293e955b901bf263140410303836473fb2a7a35a0a442e45b.jpg;w=960
www.vmcdn.ca/f/files/shared/feeds/cp/2022/06/ Frame AD71 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/shared/feeds/cp/2022/06/20220625150648-5d48d98d6d8a56e293e955b901bf263140410303836473fb2a7a35a0a442e45b.jpg;w=960
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
2221a53a73c00a72d0441a1be01d0972f15468ca29e6295d92287012ae94fdd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:15 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
content-length
66999
x-amz-cf-id
MH1pgZoDzajyivPNNSHPlJwNhN5LAbRch-WOmC53JRjt82rN7pHuKA==
expires
Thu, 13 Jul 2023 20:30:14 GMT
vr_phone_mockup.png;w=180;h=240
www.vmcdn.ca/f/files/villagereport/images/site/ Frame AD71 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/villagereport/images/site/vr_phone_mockup.png;w=180;h=240
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
a3b19ed468a54ebbf64023ccc2d6e3bd7bcf368b59d9181471f9dd26d81ab706

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:46:32 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2267019
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public
x-amz-cf-pop
FRA56-P5
content-length
44280
x-amz-cf-id
HdXUztldPIkRue8oa1k0GjcC-HRZR3g18ve-0Zm7EFD-hwpYD2bcwg==
expires
Sat, 17 Jun 2023 14:16:05 GMT
blank.gif
www.sootoday.com/images/ Frame AD71 		42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sootoday.com/images/blank.gif
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
last-modified
Wed, 01 Jun 2022 19:36:19 GMT
etag
"e5e819deee75d81:0"
strict-transport-security
max-age=63072000;
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
42
template
www.sootoday.com/jsb/ Frame AD71 		159 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
446d2f19fc949fb92f7568d50a4f3727f8001f9df221af11ee7a7ed17a3e29f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
strict-transport-security
max-age=63072000;
content-length
69766
expires
Thu, 13 Jul 2023 20:30:11 GMT
content_standalone
www.sootoday.com/jsb/ Frame AD71 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/jsb/content_standalone?v=s2y4VRyMFbajmubrlw3QYX--Fkgc6nI1pbrQFUiY5cI1
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0a434f26bbfd6cf67b07c2f9339b8d26668792dbc7080fa029c9589a048fb86a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
strict-transport-security
max-age=63072000;
content-length
1790
expires
Thu, 13 Jul 2023 20:30:11 GMT
reactions
www.sootoday.com/jsb/ Frame AD71 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/jsb/reactions?v=Hd6efr5ldppIjJFLkLUIeOhKwUXpewU3to9LK0aoJ-Q1
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c3856672b5e1a4711d5254ffb7b5d593712061fae83cf9290c4a2655a84da5da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
strict-transport-security
max-age=63072000;
content-length
1722
expires
Thu, 13 Jul 2023 20:30:11 GMT
g4d3m137.js
l.getsitecontrol.com/ Frame AD71 		433 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/g4d3m137.js
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-54.cdn77.com
Software
BunnyCDN-AMS-883 /
Resource Hash
36ab0d4d9fe092d42d756dbc0afe941434f0561609a43ef22c0b3ed7fa060007

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
br
cdn-edgestorageid
879
x-amz-request-id
V028CE91GPBHQVP5
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
07/13/2022 16:19:47
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
kAvR8J/zNEVugSuStCzGtn2r8hL5FJ5Wge+RGFgh5/CKp578jH/M70rogVW+SiqXpHKJ2zCE7gI=
server
BunnyCDN-AMS-883
access-control-allow-origin
*
last-modified
Mon, 11 Jul 2022 19:56:10 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"0cfd91bb92b14499d2618a3c458b7dfd"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=86400
cdn-requestid
74fc03181e3f84bd781c68da7b3f9e7a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ Frame AD71 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-40.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b00e2297992976c13a606ebd224f147b4971f60c04ade463b12c6eef66032d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:22:19 GMT
content-encoding
br
last-modified
Wed, 13 Jul 2022 07:40:28 GMT
server
AmazonS3
age
514
etag
W/"2dcec0ea14ffd2243dac1dae861c2235"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
QgsAxQ3jvmxoOnHcTCLeOrCFwbSYb1IHKPVz2w1wSqFRxBHW_fQDAw==
1.0
browser.events.data.msn.com/OneCollector/ 		153 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1657744211452&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.208.16.90 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
04faa5f9d657429a366f48b58803a2d37983990b39897a25821bc71bf6308234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 13 Jul 2022 20:30:11 GMT
time-delta-millis
162
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
153
user-o-w.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		712 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/user-o-w.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
d4626a22c2af8c95f8143af91c42fac2242da36ef36139912f72c2d85d373482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:02:30 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2485660
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=user-o-w.svg
x-amz-cf-pop
FRA56-P5
content-length
712
x-amz-cf-id
YNtslKbPCIrHOoKYJ0MZoneeIvqF5Ds4KDDki9RJ0YCu_XptfoqMxg==
expires
Fri, 15 Jul 2022 02:02:31 GMT
opensans-regular.woff2
www.sootoday.com/css/fonts/ Frame AD71 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/css/fonts/opensans-regular.woff2
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Origin
https://www.sootoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
last-modified
Wed, 01 Jun 2022 19:36:19 GMT
etag
"b58ffdeee75d81:0"
strict-transport-security
max-age=63072000;
content-type
application/font-woff2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19020
opensans-bold.woff2
www.sootoday.com/css/fonts/ Frame AD71 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/css/fonts/opensans-bold.woff2
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Referer
https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Origin
https://www.sootoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:10 GMT
last-modified
Wed, 01 Jun 2022 19:36:19 GMT
etag
"1431edeee75d81:0"
strict-transport-security
max-age=63072000;
content-type
application/font-woff2
cache-control
max-age=2592000
accept-ranges
bytes
content-length
19724
truncated
/ Frame AD71 		204 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
search.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		442 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/search.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:56:01 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
1996449
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=search.svg
x-amz-cf-pop
FRA56-P5
content-length
442
x-amz-cf-id
bwB-nZQ2X8Oj9e_g5Wu4yrDneSzW-hRvpYTh-kEWzRWWkDOnJcSUtw==
expires
Wed, 20 Jul 2022 17:56:02 GMT
facebook-w.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		253 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/facebook-w.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 01:08:46 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2488884
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=facebook-w.svg
x-amz-cf-pop
FRA56-P5
content-length
253
x-amz-cf-id
w_suh4B_iQ7pPBRnPXnnUsuyN209BkHeE1BIMXkvLWgJcKhtArjbZw==
expires
Thu, 14 Jul 2022 23:52:35 GMT
twitter-w.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		506 B
861 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/twitter-w.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 01:16:16 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2488434
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=twitter-w.svg
x-amz-cf-pop
FRA56-P5
content-length
506
x-amz-cf-id
Dr7z3s4TWnhlW3Em0TtU5xyyRgHwQT-TfCEpUKIf8rIKZhXgDoRjwg==
expires
Fri, 15 Jul 2022 01:16:17 GMT
linkedin-w.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		453 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/linkedin-w.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
daa019d9a018e5a5412653b11d0bb8a4b40b344e37fbdca9291f40e84033053a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 00:35:17 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2490893
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=linkedin-w.svg
x-amz-cf-pop
FRA56-P5
content-length
453
x-amz-cf-id
iYBN2j1U_-TsQWaiHsgfgoHAP-rDNTs9eRqVGhbgMJfefE5Iw1ol0w==
expires
Fri, 15 Jul 2022 00:35:18 GMT
envelope-o.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		703 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/envelope-o.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
3c76b41c05c39528b76473b26a8939e5daaf53de741945b2d62b2f18c4eb74e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 01:42:29 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2486861
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=envelope-o.svg
x-amz-cf-pop
FRA56-P5
content-length
703
x-amz-cf-id
dHAFnZinhTemhXBGU3T4K0QT7XBrgZcPgg-RXvAdRM8TRRHCC-2BaQ==
expires
Fri, 15 Jul 2022 01:42:30 GMT
print-w.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		564 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/print-w.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
6a2b63314fe802f4c69831fa2cdc5207c6b4ebf6f795d0e2ed4efb57ca765645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 30 Jun 2022 03:37:43 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
1183947
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=print-w.svg
x-amz-cf-pop
FRA56-P5
content-length
564
x-amz-cf-id
HfrOkv0TkHQDEcL6-vH9ScDtjf-evhozeBYhxrvjPTGe_BdTByXxmg==
expires
Sat, 30 Jul 2022 03:37:44 GMT
play.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		126 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/play.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
c78816806df89838631119951f58d5fcd4d501cb284968c964b72f5a29f5b86d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 01:56:39 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2140411
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=play.svg
x-amz-cf-pop
FRA56-P5
content-length
126
x-amz-cf-id
6S9dSjJZVmqLNJ7NpWm7TPePKedRjatKKeLzce5_meLKp8uwiYa4mw==
expires
Tue, 19 Jul 2022 01:56:40 GMT
happy.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		522 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/happy.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
ea9052b9746498f060de82c210985ee8d12f8e793984cd9ac9e6164f1b9f64fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 18:08:17 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
1563713
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=happy.svg
x-amz-cf-pop
FRA56-P5
content-length
522
x-amz-cf-id
yOBxBOREmiYdXA80O1A-HMvzfJx2iU07lR-2oh9HjjnN0FZksgPQ0A==
expires
Mon, 25 Jul 2022 18:08:17 GMT
amused.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		1 KB
978 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/amused.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
16f07b55e264a3be3c0d982d52581d7115ad01ec1ffc108d175c8474b694e1c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 09:07:42 GMT
content-encoding
gzip
server
CloudFront
age
1596148
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
cache-control
public
content-disposition
inline; filename=amused.svg
x-amz-cf-pop
FRA56-P5
access-control-allow-origin
*
x-amz-cf-id
SK659Ci78yyfUfvVatOoYMq8FHcz3kJJgbSTG-pHZ0ed1_EcqfRpwA==
expires
Mon, 25 Jul 2022 09:07:43 GMT
afraid.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/afraid.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
32a67c6a17ade0c65da81012f334f3e36914804e0aa84d2565cc2961a24bbb4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 05 Jul 2022 05:01:41 GMT
content-encoding
gzip
server
CloudFront
age
746909
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
cache-control
public
content-disposition
inline; filename=afraid.svg
x-amz-cf-pop
FRA56-P5
access-control-allow-origin
*
x-amz-cf-id
panVnLu9xiyfGX3HAzHXjxhn8XEN16LKjB6xVMG44Dc3ddMpGJxfag==
expires
Thu, 04 Aug 2022 05:01:42 GMT
apathetic.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		461 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/apathetic.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
0b6d8e8c7a51c12b33bf99ef7ceb7b60e3ea92aa456cc1fe9f6b4441073c25c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 03:01:28 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
926922
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=apathetic.svg
x-amz-cf-pop
FRA56-P5
content-length
461
x-amz-cf-id
3IeMOzSrkAQ0mVxBnTCESMBxfYSf21Wv4pvO58__eLmYHCsu5M7JWQ==
expires
Tue, 02 Aug 2022 03:01:28 GMT
sad.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		521 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/sad.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
e787b59c992de042598a3773b1e1e576bcf837606c2cca9185e9e27700214a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 20:58:38 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
1467092
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=sad.svg
x-amz-cf-pop
FRA56-P5
content-length
521
x-amz-cf-id
R24i8-Qx9NML3n6lF2fcRst8yJ7zESB1fahTRRsModbXTNmHTUFbJA==
expires
Tue, 26 Jul 2022 20:58:39 GMT
frustrated.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		563 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/frustrated.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
89d15307cdbe1f676402baa783adbfdba688ec42cc165dc5861ff096d9550258

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 08:08:44 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2031687
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=frustrated.svg
x-amz-cf-pop
FRA56-P5
content-length
563
x-amz-cf-id
b2seKGOHIdIuTyStw4qbEQfS5W_OyVmWQenjWzwH3GTRvWLf3iPWHQ==
expires
Wed, 20 Jul 2022 08:08:44 GMT
angry.svg
www.vmcdn.ca/files/ui/icons/ Frame AD71 		914 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/angry.svg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=cppixMI5zb96bSuoXttjVmykGGQ9cbFZ7GAYqBEwTK01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
188df729bbd2d1cec1dd45a1e119a8073526217268f8451640d230a94e5a1fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 02:03:19 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
1448812
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=angry.svg
x-amz-cf-pop
FRA56-P5
content-length
914
x-amz-cf-id
KyYqJFfuj6Ul0-lYpsJEcROBVLjMFB6zEpz4-q7-ccO0szQD4nakOQ==
expires
Wed, 27 Jul 2022 02:03:19 GMT
Me.htm
login.live.com/ Frame 7DAA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.live.com/Me.htm?v=3
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=24f08f09-6630-499e-a38c-b62a00f134bb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=fpbRKiaKmg_aP_iyV18N3y-_666pRTM6NCdaDwh8n_M&code_challenge_method=S256&prompt=none&nonce=730f048c-5eae-4947-8f9b-33b5cd6133f6&state=eyJpZCI6IjJjZmMxNWM0LWJjODMtNDQwOC1hODZhLWVjZDc5MmNlNGUzZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.190.160.22 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=315360000
Content-Encoding
gzip
Content-Length
1132
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 20:30:11 GMT
Expires
Sat, 10 Jul 2032 20:30:11 GMT
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer
PPV: 30 H: BL02EPF000066DD V: 0
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-ms-request-id
9cf3793b-c156-4383-92a7-d17fe747cc69
x-ms-route-info
R3_BL2
beacon.js
sb.scorecardresearch.com/ Frame AD71 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:36:59 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Thu, 09 Jun 2022 14:24:43 GMT
server
AmazonS3
age
67992
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
gxaMq9MiptJZhUDIFyUWnnh-Fii__443sGPN7vv48sYVe7jiUurktQ==
pubads_impl_2022070701.js
securepubads.g.doubleclick.net/gpt/ Frame AD71 		374 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1347
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130611
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 08:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jul 2023 20:07:44 GMT
location
gateflipp.flippback.com/flyer-locator-service/ Frame AD71 		103 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gateflipp.flippback.com/flyer-locator-service/location?domain=www.sootoday.com
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.149.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-149-120.compute-1.amazonaws.com
Software
envoy /
Resource Hash
56b250578736b43e27aa9722a36d41d2bd9a99078c1b55a33a89278daa79fb25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-trace-id
cb7iml3dk5g2n16tffug
date
Wed, 13 Jul 2022 20:30:12 GMT
content-encoding
gzip
server
envoy
vary
Origin,Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
1
/
graph.facebook.com/ Frame AD71 		421 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?fields=og_object{engagement{count}}&ids=https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&access_token=253883948067202|97ed53738428ce974f5f6696babe8b34&callback=jQuery111202616604140477623_1657744211683&_=1657744211684
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
28d18e1a533816f15892b002be3729984fa74cbdbe042da204a44e93dd3b6178
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
etag
"3dd7552f14d763d1312eecabeadacb303abc4308"
x-app-usage
{"call_count":147,"total_cputime":0,"total_time":39}
cross-origin-resource-policy
cross-origin
x-fb-rev
1005837015
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
215
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
vTeQRsGYYRU0iJsQWS8UjycHp9qD7LS6WHhFLgIQkPoeeShJuuyuCk3sg0OU0/FR2WwXamfYeXa+GXZxh3uqGQ==
x-fb-trace-id
F7DeXImyp8q
date
Wed, 13 Jul 2022 20:30:12 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
ATnv-Kn_eR_rvxjnXQWRcZ8
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v8.0
expires
Sat, 01 Jan 2000 00:00:00 GMT
weatherwidget
www.sootoday.com/external/ Frame AD71 		133 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/external/weatherwidget?weatherCode=ON%2Fs0000479_e
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3057b14efe74e345f7741f313b5ad09e816d18be7fcc9c9abc3632b376b82f07
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Accept
*/*
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:23:43 GMT
strict-transport-security
max-age=63072000;
content-type
application/json; charset=utf-8
cache-control
public, max-age=512
content-length
234
expires
Wed, 13 Jul 2022 20:38:43 GMT
poll
www.sootoday.com/jsb/ Frame AD71 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/jsb/poll?v=oG8YSB4dyGKTFHX_-m-MrcyI-ykYr-_Pv7CFGKVEzoI1
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
256df061c262c1f1daaafab04edf15993728da544e58bd6b57e82f29c1c74c99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
strict-transport-security
max-age=63072000;
content-length
9393
expires
Thu, 13 Jul 2023 20:30:11 GMT
videoadsloader
www.sootoday.com/jsb/ Frame AD71 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/jsb/videoadsloader?v=0r02dfP0uuBz9go5Cy-3u5iSCc3p4JCCV8jxhXibGx41
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe9feaaac98dcbb591632785fe3d7434bc14fac70a347120b9e30f956cc85d5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
strict-transport-security
max-age=63072000;
content-length
3403
expires
Thu, 13 Jul 2023 20:30:11 GMT
539217
www.sootoday.com/widgets/ Frame AD71 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/widgets/539217
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
134ec71f2d0fb506834cf70a97abc1b6e0c08ba64ab8c53b53fced51712cae38
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
gzip
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private
strict-transport-security
max-age=63072000;
content-length
1058
adobestock_513374307.jpeg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/mios/ Frame AD71 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/mios/adobestock_513374307.jpeg;w=100;h=67;mode=crop
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
cb5b92a1d4274361ac35075c74f2749cecd06a579abcb2bd96ea27ce2689863e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 11:03:06 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
34024
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
x-amz-cf-pop
FRA56-P5
content-length
2905
x-amz-cf-id
clo_ZPxs8qKtmg3NN98O6dCjp2V67dFf56rqoKy4cTvHqyAYky-eCQ==
expires
Thu, 13 Jul 2023 11:02:41 GMT
adobestock_284812740.jpeg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/true-north-mortgages/ Frame AD71 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/true-north-mortgages/adobestock_284812740.jpeg;w=100;h=67;mode=crop
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
b7969d6c37a28cc03263b017bea571ef480df8c26015f73d81892ecb3c0bb983

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 11:01:37 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
120513
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
x-amz-cf-pop
FRA56-P5
content-length
4293
x-amz-cf-id
PK37Ld6hG7CFQKamn0uLl2qZecOP5skmF06RA7jemCtz7YfE7vWQiA==
expires
Wed, 12 Jul 2023 11:01:20 GMT
tsnn-image-7-(1).jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/destination-northern-ontario/tourism-skillsnet-north/ Frame AD71 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/destination-northern-ontario/tourism-skillsnet-north/tsnn-image-7-(1).jpg;w=100;h=67;mode=crop
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
df3878b55d8c637a6f128956dc63bf0e3f28cacfcf6c4cccffaf35fb93068e2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 11:02:06 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
206884
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
x-amz-cf-pop
FRA56-P5
content-length
3227
x-amz-cf-id
XDxfg7TPWuZAwHUgsWWNo2ggbCt2tDFCdheWK0-8oLjmBea8_X8BmA==
expires
Tue, 11 Jul 2023 11:01:32 GMT
cropped.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/healthgear-medical/ Frame AD71 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/healthgear-medical/cropped.jpg;w=100;h=67;mode=crop
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
2d3d140342be01223f583c996026aec45dc6ac95ead5296281ff24dbe3351adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 07 Jul 2022 11:06:21 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
552229
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public
x-amz-cf-pop
FRA56-P5
content-length
2918
x-amz-cf-id
SCluuBGrDefPpDeE6-x0wfsMyLvydFPQncVGzj1J7M5Z__tNgU7RsA==
expires
Fri, 07 Jul 2023 11:01:54 GMT
b
sb.scorecardresearch.com/ Frame AD71 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=21059523&cs_it=b3&cv=3.8.0.210223&ns__t=1657744211752&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.sootoday.com%2Fnational-sports%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&c8=Toronto%20Blue%20Jays%20redesign%20Fourth%20of%20July%20hats%2C%20remove%20stars%20-%20Sault%20Ste.%20Marie%20News&c9=https%3A%2F%2Fwww.msn.com%2F
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-12.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
a86NftGnKL2KyRODAJK8bMgi3kTpzsFA_LjB828v3b2r-VI7EdbEFQ==
x-cache
Miss from cloudfront
auth-redirect-blank.html
www.msn.com/staticsb/statics/latest/auth/ Frame A4B0 		102 B
374 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/staticsb/statics/latest/auth/auth-redirect-blank.html
Requested by
Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=24f08f09-6630-499e-a38c-b62a00f134bb&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=fpbRKiaKmg_aP_iyV18N3y-_666pRTM6NCdaDwh8n_M&code_challenge_method=S256&prompt=none&nonce=730f048c-5eae-4947-8f9b-33b5cd6133f6&state=eyJpZCI6IjJjZmMxNWM0LWJjODMtNDQwOC1hODZhLWVjZDc5MmNlNGUzZiIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
c9bd52ecd38bf9093c7a257a069d08cf03dab816d8da5c1a4f0eced0d9b1ee79

Request headers

Referer
https://login.microsoftonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
akamai-request-id
1008547d
akamai-server-ip
95.101.77.113
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
98
content-md5
gjos0l3v/GDR/S2vt1pPkw==
content-type
text/html
date
Wed, 13 Jul 2022 20:30:11 GMT
etag
0x8DA609713559A0B
last-modified
Fri, 08 Jul 2022 04:05:20 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
server-timing
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
7c7a711d-c01e-003a-2dad-92ba00000000
x-ms-version
2009-09-19
x-msedge-ref
Ref A: A3065E765CFD4C67A85876E9B9003697 Ref B: FRAEDGE1408 Ref C: 2022-07-13T20:30:11Z
meversion
mem.gfx.ms/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/meversion?partner=msnews&market=en-ca
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common-header.dee93da3dc22a912cbbb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
97100f2bbc9e508061910e790adbd454c5b961f2db3c352263eeebd9d5c59403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
x-azure-ref-originshield
0bvnOYgAAAAAj2nrPENMpR5DYG8mHgsdpRlJBMjMxMDUwNDE4MDMzAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
date
Wed, 13 Jul 2022 20:30:11 GMT
x-azure-ref
0VCvPYgAAAADIrWKXz4mEQp42bHJi4svERlJBRURHRTEwMjEAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, no-transform, max-age=43200
x-ua-compatible
IE=edge
expires
Thu, 14 Jul 2022 03:26:31 GMT
beacons
p.flipp.com/ Frame AD71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-46.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 13 Jul 2022 20:30:12 GMT
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.sootoday.com
access-control-allow-credentials
true
x-amz-cf-id
Oa-0iKjQFT4TSoY6RiDf74r9_nNYYv7rHWh3r-aFxmsoOqFdnmgIlg==
g4d3m137.json
l.getsitecontrol.com/ Frame AD71 		93 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.getsitecontrol.com/g4d3m137.json
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/g4d3m137.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-54.cdn77.com
Software
BunnyCDN-AMS-883 /
Resource Hash
dbd0f7db736ec8ac710f97ee72e2bb83f4cea4a796c5b9884368a52507c134b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:12 GMT
content-encoding
br
vary
Accept-Encoding
cdn-edgestorageid
883
x-amz-request-id
873DH27A61GGCA9B
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
07/11/2022 19:57:59
cdn-pullzone
89704
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
qibvIrrUtJRjBtqPgdD2vdPT8M1ySH8f8/qogi9IYbXq6tGUHPa2kpXyEDzYO6+sNYGqUlLdqYI=
server
BunnyCDN-AMS-883
access-control-allow-origin
*
last-modified
Mon, 11 Jul 2022 19:56:09 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"5df3bd7d814f2b4c9d99ec3dfc0a4d5b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=5
cdn-requestid
74dc51353d434c90e797de1704fc5b1d
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
01.gif
www.vmcdn.ca/files/ui/icons/weather/ Frame AD71 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vmcdn.ca/files/ui/icons/weather/01.gif
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-50.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
dfacc28b68125a3ebab167bc626adad84ab00dc28a1823550fdedcc03607941b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:18:42 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
CloudFront
age
2016689
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public
content-disposition
inline; filename=01.gif
x-amz-cf-pop
FRA56-P5
content-length
2227
x-amz-cf-id
WQ6JGTTv68fAOZHkW870X7dz-P-Ylg1rpw8DG2dg6DXkcKS7GQx2uA==
expires
Wed, 20 Jul 2022 12:18:42 GMT
videoads
www.sootoday.com/cssb/ Frame AD71 		1 KB
922 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/cssb/videoads?v=fv9Md4-e1WUgqY-3iYIxoPVG-1U8Kk5LgsxuWIwiu3k1
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ae79e2f790372eaaf6d350bfa37f6477d780ed02ffe0804c333b4ab705dbbaea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 20:30:11 GMT
vary
User-Agent
content-type
text/css; charset=utf-8
cache-control
public
strict-transport-security
max-age=63072000;
content-length
605
expires
Thu, 13 Jul 2023 20:30:11 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame AD71 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/5198809/NET_Outstream&description_url=https%3a%2f%2fwww.sootoday.com%2fnational-sports%2ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&tfcd=0&npa=0&sz=640x480&min_ad_duration=5000&max_ad_duration=60000&gdfp_req=1&output=vast&unviewed_position_start=1&cust_params=Site%3Dwww.sootoday.com%26site%3Dwww.sootoday.com%2Csootoday.com%26ContentCategory%3DNational%20Sports%26ContentCategories%3DNational%20Sports%26ContentType%3DSyndicated%26TemplateType%3DDetails%26ContentId%3D5518920%26WeatherCondition%3DMainly%20Sunny%26WeatherTemperature%3D22&env=vp&impl=s&correlator=1657744211&sdkv=h.3.468.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&url=https%3A%2F%2Fwww.sootoday.com%2Fnational-sports%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6e1ae2ef0086c274531587ba84cbb5a90ce603a03e12bd35699712deb0f05ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
621
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.sootoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runtime.05dd8d2.js
s2.getsitecontrol.com/widgets/es6/ Frame AD71 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.getsitecontrol.com/widgets/es6/runtime.05dd8d2.js
Requested by
Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/g4d3m137.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
edge-723.bunnyinfra.net
Software
BunnyCDN-DE-723 /
Resource Hash
7b4efbc54fb4fd7cd1bc2e396882284662607158730226b364b47b56a0d9655d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:12 GMT
content-encoding
br
cdn-edgestorageid
874
x-amz-request-id
CHGF71JMH2FA7JGZ
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
06/10/2022 12:18:14
cdn-pullzone
83560
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
GjOIVDilAqK+ZZ27mvmL4mLrFVNGP+B/tNo2acIKbt+e7ao04MA1ke9WCMJzt9uoCm6EVz6S1Ic=
server
BunnyCDN-DE-723
access-control-allow-origin
*
last-modified
Fri, 10 Jun 2022 12:14:43 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"3ace1431be95bf5f91a0c7a6aeb0ecc0"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
public, max-age=22809600
cdn-requestid
4eabb4d786ff690913c0662979fd0745
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
meBoot.min.js
mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/ 		158 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/meBoot.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=msnews&market=en-ca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
afc4759aa1ead362c4c11504fa1e71f6fc81c5d3d1b4dd6416215d335d65ad74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Jun 2022 23:09:26 GMT
x-azure-ref-originshield
0QubOYgAAAAA38G3sJJqYTbMJvqURQXnnRlJBMjMxMDUwNDE4MDUxAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag
"1d87c90a30919be"
x-azure-ref
0VCvPYgAAAAAa0ArzHD88RbxX2bU+2ffARlJBRURHRTEwMjEAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
x-ua-compatible
IE=edge
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-13T20%3A30%3A12.045Z%27&appId=%27JS%3AMeControl%27&cV=%27aauEttClRR1uqf7W.4%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=197&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27afce529f-a4e1-410e-c736-c386bbe05e93%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A199.80000019073486%2C%22perfDuration%22%3A196.89999961853027%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnews%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnews%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3D**%26cvid%3D**%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 20:30:11 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
YaU4O1Ov1EW7/zSc0myyrw.0
Content-Type
image/gif
Content-Length
43
Expires
0
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-13T20%3A30%3A12.062Z%27&appId=%27JS%3AMeControl%27&cV=%27aauEttClRR1uqf7W.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=10&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22108.2%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27afce529f-a4e1-410e-c736-c386bbe05e93%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A14.300000190734863%2C%22perfDuration%22%3A9.699999809265137%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnews%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnews%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3D**%26cvid%3D**%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 20:30:11 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
yx9Tu25wP0anJHKXhI6cBA.0
Content-Type
image/gif
Content-Length
43
Expires
0
meCore.min.js
mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/ 		100 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/meCore.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=msnews&market=en-ca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bd7c1c14906bd237be9dc60260be6ec2e2f3e93584dc67e62159cdd13bde5834
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 09 Jun 2022 23:09:34 GMT
x-azure-ref-originshield
0WfTOYgAAAADkBYID40EoT5a6I6YdBb7iRlJBMjMxMDUwNDE3MDIzAGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
etag
"1d87c90a7d1ad99"
x-azure-ref
0VCvPYgAAAAAIBW3+prYSR6+rrpmXSVPiRlJBRURHRTEwMjEAZWFjNWY0OWYtZTAyZC00ZjQxLWIwYTYtMmQ1MGY5ZmNmODRh
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
date
Wed, 13 Jul 2022 20:30:11 GMT
x-ua-compatible
IE=edge
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-07-13T20%3A30%3A12.067Z%27&appId=%27JS%3AMeControl%27&cV=%27aauEttClRR1uqf7W.8%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnews%27&*controlVersion=%2710.22108.2%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=21.199999809265137&*details=%27load%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 20:30:11 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
PqEMRZkBT0W9a723xy97Qw.0
Content-Type
image/gif
Content-Length
43
Expires
0
truncated
/ 		358 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
t.gif
web.vortex.data.microsoft.com/collect/v1/ 		43 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-13T20%3A30%3A12.084Z%27&appId=%27JS%3AMeControl%27&cV=%27aauEttClRR1uqf7W.9%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meCore.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=9&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22108.2%2Fen-US%2FmeCore.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%27afce529f-a4e1-410e-c736-c386bbe05e93%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A15.5%2C%22perfDuration%22%3A9.100000381469727%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnews%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnews%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3D**%26cvid%3D**%22%2C%22accts%22%3A%220-0%22%7D%27
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 20:30:12 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
OLTQrJDaR0KvVwruUkpI4A.0
Content-Type
image/gif
Content-Length
43
Expires
0
ms.shared.analytics-3.1.11.gbl.min.js
js.monitor.azure.com/scripts/c/ 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/c/ms.shared.analytics-3.1.11.gbl.min.js
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=msnews&market=en-ca
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
532486f86eb4d4423c8bdbabb00c69c942800fbba90d456d8e71210cbac09d9a

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:11 GMT
content-encoding
br
x-ms-meta-jssdkver
3.1.11
last-modified
Wed, 02 Mar 2022 00:34:01 GMT
x-azure-ref-originshield
06+POYgAAAAAny5XhjSuwToLTS/EHq2ssRlJBMjMxMDUwNDE3MDMzAGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
content-md5
DIZ9SGzozvDW8TjfsqXTcw==
etag
0x8D9FBE45937B34A
x-azure-ref
0VCvPYgAAAADENPqeTtKoSotgVYTYXgX5RlJBRURHRTEwMDcAZjFjYTczZDQtODg4My00Y2FmLWFiZGMtZmUyZDU2N2FmYjk2
x-cache
TCP_HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e34c0e02-501e-0005-2ce0-923aae000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000, immutable, no-transform
x-ms-version
2009-09-19
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
ads
pubads.g.doubleclick.net/gampad/ Frame AD71 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=/5198809/NET_Outstream&sz=640x480&cust_params=Site%3Dwww.sootoday.com%26site%3Dwww.sootoday.com%2Csootoday.com%26ContentCategory%3DNational%20Sports%26ContentCategories%3DNational%20Sports%26ContentType%3DSyndicated%26TemplateType%3DDetails%26ContentId%3D5518920%26WeatherCondition%3DMainly%20Sunny%26WeatherTemperature%3D22&url=https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&unviewed_position_start=1&impl=s&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast2&video_url_to_fetch=https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&useragent=Mozilla/5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/103.0.5060.53+Safari/537.36,gzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1165544&pmnd=0&pmxd=65000&pmad=2&max_ad_duration=61000&correlator=1657744211&is_amp=0&npa=false&osd=2&vis=1&hl=en&frm=0&sdkv=h.3.468.0&sdr=1&kfa=0&tfcd=0
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
a7694405d22e2ce17d95152b5eca83fc18f2c119984d85438bf7e5d213e90df5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.sootoday.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
events.getsitectrl.com/api/v1/ Frame AD71 		609 B
857 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events?source=https%3A%2F%2Fwww.msn.com%2F
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.05dd8d2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.46.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-46-250.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
a53f5f90b65a3c885c23b03567d0f29c605a2a671cec30a885ffb6ad62a4fd08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:12 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
609
v1
web.vortex.data.microsoft.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.microsoft.com/collect/v1
Requested by
Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/meCore.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.43.200.36 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
css
fonts.googleapis.com/ Frame AD71 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700,900&display=swap
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.05dd8d2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ad2c33946a64961fc97d9785d565098943cfc0b122e809fe6c7e2353ca11b01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 20:17:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 20:30:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 20:30:12 GMT
386cc717078799c48075bc41a0cb15cc_237066624.jpg
m2.getsitecontrol.com/images/81390/ Frame AD71 		290 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m2.getsitecontrol.com/images/81390/386cc717078799c48075bc41a0cb15cc_237066624.jpg
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-3.cdn77.com
Software
BunnyCDN-DE-752 /
Resource Hash
6cc0406d43897cabe86bff1dae5bb45bbd9dc6dba16663194ee73990e41abfe2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:12 GMT
cdn-edgestorageid
755
x-amz-request-id
AKCX3X591KK64JV5
cdn-cachedat
07/06/2022 16:52:40
cdn-pullzone
84985
content-length
297362
x-amz-id-2
ew774K2Um0gNpWmzk5PTeG4NjPv9a4RLEzu27GHKEVcBBZjEcgkLCX5HDIImBsR4uzdXZuMgHMM=
server
BunnyCDN-DE-752
last-modified
Wed, 06 Jul 2022 16:50:26 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
"7364be9080e50d744147a686db3d42cf"
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control
max-age=2592000
cdn-requestid
0bd910edab4aea6305edd14c1bad67bf
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
truncated
/ Frame AD71 		583 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4560bf82919e7f25eafccb9756ee3d46d4748573fcaed0fe3acb060308740c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame AD71 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sootoday.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 12:16:38 GMT
x-content-type-options
nosniff
age
202414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 12:16:38 GMT
events
events.getsitectrl.com/api/v1/ Frame AD71 		0
212 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.getsitectrl.com/api/v1/events?ts=1657744212726&sid=607e50507dab0f74&t=1657744212.8454aabe2fb707b5753d6a716b8569f7.109f9a9e835cba31767adc243f58c7f6&s=ab453d8b7eef17ad1df2021f5daac540
Requested by
Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.05dd8d2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.46.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-46-250.compute-1.amazonaws.com
Software
Getsitecontrol /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 13 Jul 2022 20:30:13 GMT
server
Getsitecontrol
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
private, no-cache
access-control-allow-credentials
false
access-control-allow-headers
Content-Type,X-Requested-With
content-length
0
/
browser.events.data.microsoft.com/OneCollector/1.0/ 		208 B
642 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888&upload-time=1657744214289&time-delta-to-apply-millis=use-collector-delta&w=0
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics-3.1.11.gbl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.112.67 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
d07c441eaefee59dcdf5e0f7bedd9a64966f2e213ec14c2d4798715341711b70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 13 Jul 2022 20:30:14 GMT
time-delta-millis
375
Access-Control-Allow-Methods
POST
Content-Type
application/json
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
time-delta-millis
Content-Length
208
1.0
browser.events.data.msn.com/OneCollector/ 		24 B
918 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1657744216108&ext.intweb.msfpc=GUID%3Db0749ac41c11448cb2f230c0ae96328d%26HASH%3Db074%26LV%3D202207%26V%3D4%26LU%3D1657744212607&w=0&anoncknm=anon
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.54bcaeb171c31ce2be0d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.208.16.90 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.msn.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000
Server
Microsoft-HTTPAPI/2.0
Date
Wed, 13 Jul 2022 20:30:15 GMT
time-delta-millis
53
Access-Control-Allow-Methods
POST
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Expose-Headers
time-delta-millis
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
P3P,Set-Cookie,time-delta-millis
Content-Length
24
me
www.sootoday.com/account/ Frame AD71 		369 B
909 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sootoday.com/account/me
Requested by
Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/head?v=LcM8wEj7Rn1AYDjGF1pjSV_suFrl8pQqVJyJndJTH5A1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3f2817cf349689712ad812a104f9f18d76dca5479d23dcb15efa1cd98468aa7f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 20:30:15 GMT
content-encoding
gzip
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
private
strict-transport-security
max-age=63072000;
content-length
406

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.bing.com
URL
https://www.bing.com/bnc/notifications/count?app=verticalWebcontent&ocid=entnewsntp&pageId=webcontent

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| getCookieConsentRequired string| _ssrServiceEntryUrl string| _webWorkerBundle string| _authCookieName object| authHeaderPromiseParts object| webWorker object| webpackChunk_msnews_msnews_experiences object| _pageTimings object| _secondaryPageTimings number| 2f1acc6c3a606b082e5eef5e54414ffb boolean| _isWebWorkerPresent function| telemetryEventsClear function| telemetryEventsFlush boolean| hasPreHydrateState function| _getAppPerfTrace object| Base64 object| AutoSuggest object| msal object| MSANTracker function| Gemini object| MSA object| MeControl function| MeControlDefine function| MeControlImport object| oneDS

26 Cookies

Domain/Path Name / Value
.msn.com/ Name: USRLOC
Value:
.msn.com/ Name: _EDGE_S
Value: F=1
.msn.com/ Name: _EDGE_V
Value: 1
.msn.com/ Name: MUID
Value: 341D58F307FC68340265491306976973
www.msn.com/ Name: MicrosoftApplicationsTelemetryDeviceId
Value: b1051b35-d438-4bcb-ac73-c40994844858
www.msn.com/ Name: ai_session
Value: JpCU3++ljdYXVsZ6+GA5xM|1657744210528|1657744210528
.bing.com/ Name: MUID
Value: 341D58F307FC68340265491306976973
.c.bing.com/ Name: SRM_B
Value: 341D58F307FC68340265491306976973
.c.bing.com/ Name: SRM_M
Value: 341D58F307FC68340265491306976973
.c.msn.com/ Name: SM
Value: C
.c.msn.com/ Name: ANONCHK
Value: 0
login.microsoftonline.com/ Name: x-ms-gateway-slice
Value: estsfd
login.microsoftonline.com/ Name: stsservicecookie
Value: estsfd
.www.sootoday.com/ Name: ARRAffinitySameSite
Value: d22aa2959528b999fb5100358c79e900cb5e5551b5396a9237cbaf622ac1828d
.login.microsoftonline.com/ Name: AADSSO
Value: NA|NoExtension
login.microsoftonline.com/ Name: SSOCOOKIEPULLED
Value: 1
login.microsoftonline.com/ Name: buid
Value: 0.ASAAMe_N-B6jSkuT5F9XHpElWqQwtdeAdiNMqL_FLBIdLocBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrYlblbC9CYzs3m6milZ-qSuS5ULXF5iwqRAWdVN5gY6p-gkjZUcdHJ1RbPDOHTLmhBJu5I_z4ZTzj8WMM2xFxr-GLZjidJvZwO0gAMCChdlsgAA
login.microsoftonline.com/ Name: fpc
Value: ApRMSmpGUuFBvDZfzhh9FpqSbVEHAQAAAFMiYdoOAAAA
.login.microsoftonline.com/ Name: esctx
Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrbC_SxDUr3QONrK8C3J6jFKFK8rCJkzNow-BeBMbAsxvb-ND2xi8cEx3rFEuMLCQr7gjcv9JxbFb_LUA0WMAv1PsNN-eQ9KyGZ2C2jp4DbC_bPxa5kos4lOCxWgy4-A4zvUyjvNdImbRYvK3pvPaIc8mIhY4Rwso3QZ4YlzUdejsgAA
.login.live.com/ Name: uaid
Value: 05de2a7400a44ac3aecfbcbde0bf23d7
.login.live.com/ Name: MSPRequ
Value: id=N&lt=1657744211&co=1
.www.sootoday.com/ Name: ARRAffinity
Value: d22aa2959528b999fb5100358c79e900cb5e5551b5396a9237cbaf622ac1828d
.p.flipp.com/ Name: gid
Value: "1lOOwwAIl1GtNofUDQw0wA=="
.microsoft.com/ Name: MC1
Value: GUID=b0749ac41c11448cb2f230c0ae96328d&HASH=b074&LV=202207&V=4&LU=1657744212607
.microsoft.com/ Name: MS0
Value: 6097df98c5354e42838f1dac01144307
www.msn.com/ Name: MSFPC
Value: GUID=b0749ac41c11448cb2f230c0ae96328d&HASH=b074&LV=202207&V=4&LU=1657744212607

3 Console Messages

Source Level URL
Text
rendering info URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Message:
Autofocus processing was blocked because a document already has a focused element.
javascript error URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Message:
Access to fetch at 'https://www.bing.com/bnc/notifications/count?app=verticalWebcontent&ocid=entnewsntp&pageId=webcontent' from origin 'https://www.msn.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://www.bing.com/bnc/notifications/count?app=verticalWebcontent&ocid=entnewsntp&pageId=webcontent
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.msn.com
browser.events.data.microsoft.com
browser.events.data.msn.com
c.bing.com
c.msn.com
cdn-gateflipp.flippback.com
events.getsitectrl.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gateflipp.flippback.com
graph.facebook.com
img-s-msn-com.akamaized.net
js.monitor.azure.com
l.getsitecontrol.com
login.live.com
login.microsoftonline.com
m2.getsitecontrol.com
mem.gfx.ms
p.flipp.com
pubads.g.doubleclick.net
s2.getsitecontrol.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
web.vortex.data.microsoft.com
www.bing.com
www.google-analytics.com
www.msn.com
www.sootoday.com
www.vmcdn.ca
www.bing.com
104.208.16.90
104.43.200.36
142.250.181.226
18.66.112.46
18.66.112.50
185.59.220.198
20.190.160.17
20.190.160.22
20.234.93.27
20.49.104.7
204.79.197.203
23.36.163.97
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:831::200e
2a02:26f0:3500:16::215:1486
2a03:2880:f02d:e:face:b00c:0:2
3.213.149.120
34.226.46.250
52.168.112.67
65.9.66.40
84.17.46.54
89.187.169.3
99.86.4.12
04b5844fb00e680d543986a6c5f54e2cbe14602c09a69af9329b8bf3d5cf3e65
04faa5f9d657429a366f48b58803a2d37983990b39897a25821bc71bf6308234
0843101436c593c7a743e3fae1c7370f8e360866e2faad46d811f54e6452a377
0a434f26bbfd6cf67b07c2f9339b8d26668792dbc7080fa029c9589a048fb86a
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9
0b6d8e8c7a51c12b33bf99ef7ceb7b60e3ea92aa456cc1fe9f6b4441073c25c7
0f7f3c334baca177c9203128b5c34032e2be1f6a41cc6ad9a26f4bff6a6a5f1b
134ec71f2d0fb506834cf70a97abc1b6e0c08ba64ab8c53b53fced51712cae38
16f07b55e264a3be3c0d982d52581d7115ad01ec1ffc108d175c8474b694e1c6
188df729bbd2d1cec1dd45a1e119a8073526217268f8451640d230a94e5a1fe6
1ee3ef3db4113847c3ce1ef617901dca7cbfba9593f17c21560e262911e714c9
2221a53a73c00a72d0441a1be01d0972f15468ca29e6295d92287012ae94fdd4
231de87e16f551d97cf6dbad2ba11bf2c486be93f57c1036a2fdd4f6aec78208
2349abaf63edbae2e120b7ccf4cc091073ee751787df33f3b525eac19f00ce3f
254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906
256df061c262c1f1daaafab04edf15993728da544e58bd6b57e82f29c1c74c99
28d18e1a533816f15892b002be3729984fa74cbdbe042da204a44e93dd3b6178
2d3d140342be01223f583c996026aec45dc6ac95ead5296281ff24dbe3351adb
2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3057b14efe74e345f7741f313b5ad09e816d18be7fcc9c9abc3632b376b82f07
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
32a67c6a17ade0c65da81012f334f3e36914804e0aa84d2565cc2961a24bbb4f
3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
34e5b3f77b75f5401d202f455b255a1f974f83a2a8ef027e4afa6e08cb54c3b6
36654a146a1b4ac191760c6380b421673255e05dc086093937a622a84f232d89
36ab0d4d9fe092d42d756dbc0afe941434f0561609a43ef22c0b3ed7fa060007
388b63d310a0b20042b84dc31689e6f814da1524810e6a9d3b98c0b1ddd56c73
38907f19503682b6bcebb81b23afc022d8fdb23282cdd646d0b25b9f07b291a4
38bd9c20c5b4bba79b98382cd8b718ea556d09d59c326fc9e550151e9e9067bb
3be1becae44315673d9994e0c9590302e4a900bbd2b4ddf4a0d30682b31deae7
3c683c9f009143fe43bd7a098e4820b4836fd2e1f7be5997cc22d0e2d490ad26
3c76b41c05c39528b76473b26a8939e5daaf53de741945b2d62b2f18c4eb74e5
3d108ffef6e8b8adf05fa7720e109ee115a1651075705c724aca770d2814b392
3e75a2eae473aac265d1b4c1f02192cc2ef59f858689d09acc714853e98a5761
3f2817cf349689712ad812a104f9f18d76dca5479d23dcb15efa1cd98468aa7f
3fc209a610f60d8611b659e15e5d4e5fb9f51752f2a58f75d91451dc074df97b
406049269b07e0a3fee2334d10ff58373d27e2930e887f6783f9ebd027f097ee
446d2f19fc949fb92f7568d50a4f3727f8001f9df221af11ee7a7ed17a3e29f0
4656c18f7bf231187983bfd73622273ee0c6f98aacfaf9c3a7f0f81eb7ad151b
4848432ab95726453d963f9bcc6ba5d7dffe4d502fb2e961dcd1127f95328384
4ad2c33946a64961fc97d9785d565098943cfc0b122e809fe6c7e2353ca11b01
4bb317a3501718cba37478066dc4d9e91494bf137fae788ed952179f2cd71aee
4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae
532486f86eb4d4423c8bdbabb00c69c942800fbba90d456d8e71210cbac09d9a
56b250578736b43e27aa9722a36d41d2bd9a99078c1b55a33a89278daa79fb25
5848665b65e1e5be4d7463e0047c98eac656f92d9e6f20a5a823774794f99b03
5da5d72996b6aecafd3cbfc439b75a40e12a3ab88b51cb3b7193a1d41f203990
6a2b63314fe802f4c69831fa2cdc5207c6b4ebf6f795d0e2ed4efb57ca765645
6cc0406d43897cabe86bff1dae5bb45bbd9dc6dba16663194ee73990e41abfe2
6e1ae2ef0086c274531587ba84cbb5a90ce603a03e12bd35699712deb0f05ae9
6f03db765e05e21d3e161829cc7e50e65e88970f0e1b7bef05411baecf7a4f20
70640e96b501502d60d86a00de4d72b81d6a15e3128e9491126f7a1c14ec897b
7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915
71ed2590babebacf60ad5ced9eb8ee9131b4caabf465af6d2a1a12e0eb914ac0
7309aeb881a765737ba054faa34071c5d1b5ee8ea1cd43779784d07fe24cf648
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d
785d653df2645599aae40b2bdb678026626afaa365b1fd2819d45d956fab8983
78c093fca4c33752dcc49becf0b4c068690e599ea6840e28beebbcc4a0ddc859
7b4efbc54fb4fd7cd1bc2e396882284662607158730226b364b47b56a0d9655d
7c83ffcdb1004e6b8ebd23d39bd83dff1c131a8ddbe1583f897ff158c25b4afa
7f58fa6328c7ebf01bddff7e532258f3bad439d488af16c7bd4d74b133dbec2b
80727dfc65d83379c73caa9a65b9146c17094a4cbae05b09eb97ae2bd74dd30e
85914dccf60971e9d831f635da8e1e0980ab160ef2bb460222d0e99286628406
866da8cce9807dbb818ceac365535dc586dd5e96808610da46881259b459db30
89d15307cdbe1f676402baa783adbfdba688ec42cc165dc5861ff096d9550258
8c4468bc28998c482443d082c0228514ef9e541227862cdc76ef5d5187bbd090
8e49cb66181f9cec88ae7ddd29afe8afd51b00d115c56a187c0038c8dc105104
91892fe0392ee8976654f095cfcae4831fa2be8df823e98f46d0f1f986bc90b0
91c0264b73285fa589a97f972b0ac781926a5ce1a9ff884b90e26fa5af12cb5a
93172dd8662ec1d8fdf517e0f3ad4eb8ce830d9a5f9d79a5f85cab4e4466bfde
97100f2bbc9e508061910e790adbd454c5b961f2db3c352263eeebd9d5c59403
9882ca1718e8052ac7a970888b9bd1bd26761c0d1172b5467dd8bf70b808f09b
993f267c85674502673e030c74e97158236b11d7df01952a6feb4049055c37a9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c6a7a3f598645c964d28b8fee9418d8531cae235dfb89ff45aa9a0b91c36e22
9f9e7ac827c5af0d7541560bbc8bb291cc3adb302fba7d2e9ded0a90b0ef3929
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3b19ed468a54ebbf64023ccc2d6e3bd7bcf368b59d9181471f9dd26d81ab706
a53f5f90b65a3c885c23b03567d0f29c605a2a671cec30a885ffb6ad62a4fd08
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7694405d22e2ce17d95152b5eca83fc18f2c119984d85438bf7e5d213e90df5
a7f5282cabbf7963811f21d108990cb61c5ded048d010ab13c1263b328de94e1
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779
ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d
ae79e2f790372eaaf6d350bfa37f6477d780ed02ffe0804c333b4ab705dbbaea
afc4759aa1ead362c4c11504fa1e71f6fc81c5d3d1b4dd6416215d335d65ad74
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
b00e2297992976c13a606ebd224f147b4971f60c04ade463b12c6eef66032d57
b20458102e55ca6be038aff7314b08ffd54dd8c525aa06c9187d06bce019a199
b7969d6c37a28cc03263b017bea571ef480df8c26015f73d81892ecb3c0bb983
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2
bae8204f9300023bc81a46b7b3254643591e4a983fde59935bc193254782bb90
bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f
bd7c1c14906bd237be9dc60260be6ec2e2f3e93584dc67e62159cdd13bde5834
bd992709f16b55aa1d890217177338ae19daf480a9cbd7762b061d6a83fced3d
c3856672b5e1a4711d5254ffb7b5d593712061fae83cf9290c4a2655a84da5da
c4560bf82919e7f25eafccb9756ee3d46d4748573fcaed0fe3acb060308740c7
c45868384dfd77121a6d62ba32304628c211fdc6d471cb985348d731890b6e96
c78816806df89838631119951f58d5fcd4d501cb284968c964b72f5a29f5b86d
c9bd52ecd38bf9093c7a257a069d08cf03dab816d8da5c1a4f0eced0d9b1ee79
ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0
cb5b92a1d4274361ac35075c74f2749cecd06a579abcb2bd96ea27ce2689863e
d07c441eaefee59dcdf5e0f7bedd9a64966f2e213ec14c2d4798715341711b70
d2a6ee4fdd6281def0b7718ca9db495013cda7e6921f8a83c82af8a5822741ac
d4626a22c2af8c95f8143af91c42fac2242da36ef36139912f72c2d85d373482
d49b7de9ccc6697932ae7d8eeb2df135f7a981db9f6557d3977e3deca84624e3
d543994895fadec786c42045fc92cdd39b09bbf5cc4d2c84fbff954dd5508a7a
d7a8ec68a543580afa170bdf3a0feba255eacc8d6a8ba1502128791c23f7c333
daa019d9a018e5a5412653b11d0bb8a4b40b344e37fbdca9291f40e84033053a
dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf
dbd0f7db736ec8ac710f97ee72e2bb83f4cea4a796c5b9884368a52507c134b4
df3878b55d8c637a6f128956dc63bf0e3f28cacfcf6c4cccffaf35fb93068e2f
dfacc28b68125a3ebab167bc626adad84ab00dc28a1823550fdedcc03607941b
e36ecd68c54eb49bb55394d801254f8c26771e0b6610515b4ce82f13beaf4b43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e787b59c992de042598a3773b1e1e576bcf837606c2cca9185e9e27700214a32
e9b43003d0bae5bc6d2985f1ecb87b58bb76f34663c717e9efc18d282bd3fcd5
ea9052b9746498f060de82c210985ee8d12f8e793984cd9ac9e6164f1b9f64fe
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef6bda369e42eaadb3ec8d1b22a8b7510ce17dc1d7fa8d154e8b346637e63be5
f2f05677b9b1a5441a77630cb0740c5cef47973eb4b75fe93df7d63663964810
f463580c98fd336d4e69e7dca36cf345a81a5e402f61d9f870eae9d8c4e59de9
fb89235f38d52766f520afc6f30a5a081268f6bfadb149c47bcf6e797270b379
fd7360b2ca1195c36ae6b177199f5c372f9b8b90253256906e0c9178d9fa83f7
fe69643d66a15c43d1a8ebdaf83a1db503314fc8fb7579d9db70265514cb7c02
fe9feaaac98dcbb591632785fe3d7434bc14fac70a347120b9e30f956cc85d5e
ffa10f2324be5e68d8e723eea4b693da7b97d85cc80570a24568cfe50e1fad27