www.msn.com Open in urlscan Pro
131.253.33.203 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD878027...
Submission Tags: falconsandbox
Submission: On July 22 via api (July 22nd 2022, 2:38:18 pm UTC) from US — Scanned from DE

Summary HTTP 150 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 24 domains to perform 150 HTTP transactions. The main IP is 131.253.33.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com. The Cisco Umbrella rank of the primary domain is 1030.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 22nd 2021. Valid for: a year.

This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	131.253.33.203 131.253.33.203	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
23	23.36.163.109 23.36.163.109	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 12	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 4	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
6	20.189.173.11 20.189.173.11	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	20.49.104.7 20.49.104.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	40.126.32.138 40.126.32.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
7	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
23	18.66.112.122 18.66.112.122	16509 (AMAZON-02) (AMAZON-02)
2	84.17.46.54 84.17.46.54	60068 (CDN77 ^_^) (CDN77 ^_^)
1	108.157.4.79 108.157.4.79	16509 (AMAZON-02) (AMAZON-02)
1	40.126.32.136 40.126.32.136	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a02:26f0:480... 2a02:26f0:480:3::210:ee90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.230.107.219 3.230.107.219	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	18.66.112.46 18.66.112.46	16509 (AMAZON-02) (AMAZON-02)
2	138.199.37.230 138.199.37.230	60068 (CDN77 ^_^) (CDN77 ^_^)
2	52.86.134.216 52.86.134.216	14618 (AMAZON-AES) (AMAZON-AES)
3	2620:1ec:40::45 2620:1ec:40::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
6	23.96.225.71 23.96.225.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:49::45 2620:1ec:49::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	20.42.65.89 20.42.65.89	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
150	34

4 131.253.33.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.dc-msedge.net

www.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 23.36.163.109 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-109.deploy.static.akamaitechnologies.com

assets.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.189.173.11 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.msn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 20.49.104.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.sootoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 40.126.32.138 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.microsoftonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 18.66.112.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-122.fra56.r.cloudfront.net

www.vmcdn.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.17.46.54 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-54.cdn77.com

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-79.dus51.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.126.32.136 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:480:3::210:ee90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-s-msn-com.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.107.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-107-219.compute-1.amazonaws.com

gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

72b366b527e947c07365712e9fcdc3b3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-46.fra56.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.37.230 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-230.datapacket.com

s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.86.134.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-134-216.compute-1.amazonaws.com

events.getsitectrl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mem.gfx.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.96.225.71 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

web.vortex.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:49::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

js.monitor.azure.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.42.65.89 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

browser.events.data.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	msn.com 1 redirects www.msn.com — Cisco Umbrella Rank: 1030 assets.msn.com — Cisco Umbrella Rank: 124 c.msn.com — Cisco Umbrella Rank: 403 browser.events.data.msn.com — Cisco Umbrella Rank: 577	1 MB
23	vmcdn.ca www.vmcdn.ca — Cisco Umbrella Rank: 149083	141 KB
15	sootoday.com www.sootoday.com — Cisco Umbrella Rank: 528830	177 KB
12	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 192 www.bing.com — Cisco Umbrella Rank: 65 Failed	220 KB
11	googlesyndication.com 72b366b527e947c07365712e9fcdc3b3.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	56 KB
11	akamaized.net img-s-msn-com.akamaized.net — Cisco Umbrella Rank: 265	30 KB
7	microsoft.com web.vortex.data.microsoft.com — Cisco Umbrella Rank: 1343 browser.events.data.microsoft.com — Cisco Umbrella Rank: 198	4 KB
7	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 pubads.g.doubleclick.net — Cisco Umbrella Rank: 477	197 KB
4	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 15984 s2.getsitecontrol.com — Cisco Umbrella Rank: 24071 m2.getsitecontrol.com — Cisco Umbrella Rank: 80430	350 KB
4	microsoftonline.com login.microsoftonline.com — Cisco Umbrella Rank: 23	118 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 141	3 KB
3	gfx.ms mem.gfx.ms — Cisco Umbrella Rank: 2840	57 KB
2	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 434 fonts.googleapis.com — Cisco Umbrella Rank: 72	126 KB
2	getsitectrl.com events.getsitectrl.com — Cisco Umbrella Rank: 17680	866 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 20912 gateflipp.flippback.com — Cisco Umbrella Rank: 26403	11 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	43 KB
1	azure.com js.monitor.azure.com — Cisco Umbrella Rank: 2216	29 KB
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 16206
1	google.de adservice.google.de — Cisco Umbrella Rank: 8252	792 B
1	facebook.com graph.facebook.com — Cisco Umbrella Rank: 134	770 B
1	live.com login.live.com — Cisco Umbrella Rank: 71	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	20 KB
150	24

	Domain	Requested by
23	www.vmcdn.ca	www.sootoday.com
23	assets.msn.com	www.msn.com assets.msn.com
15	www.sootoday.com	assets.msn.com www.sootoday.com
11	img-s-msn-com.akamaized.net
11	www.bing.com	assets.msn.com
6	web.vortex.data.microsoft.com	mem.gfx.ms
6	browser.events.data.msn.com	assets.msn.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.sootoday.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.sootoday.com www.googletagservices.com
5	securepubads.g.doubleclick.net	www.sootoday.com securepubads.g.doubleclick.net www.msn.com www.googletagservices.com
4	login.microsoftonline.com	assets.msn.com login.microsoftonline.com
4	sb.scorecardresearch.com	1 redirects www.sootoday.com
4	www.msn.com	www.msn.com assets.msn.com login.microsoftonline.com
3	mem.gfx.ms	assets.msn.com mem.gfx.ms
2	events.getsitectrl.com	s2.getsitecontrol.com
2	pubads.g.doubleclick.net	www.sootoday.com
2	l.getsitecontrol.com	www.sootoday.com l.getsitecontrol.com
2	c.msn.com	1 redirects
1	browser.events.data.microsoft.com	js.monitor.azure.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	js.monitor.azure.com	mem.gfx.ms
1	m2.getsitecontrol.com
1	fonts.googleapis.com	s2.getsitecontrol.com
1	imasdk.googleapis.com	www.sootoday.com
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	72b366b527e947c07365712e9fcdc3b3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	graph.facebook.com	www.sootoday.com
1	gateflipp.flippback.com	cdn-gateflipp.flippback.com
1	login.live.com	login.microsoftonline.com
1	cdn-gateflipp.flippback.com	www.sootoday.com
1	www.google-analytics.com	www.sootoday.com
1	c.bing.com	1 redirects
150	37

This site contains links to these domains. Also see Links.

Domain
go.microsoft.com

Subject Issuer	Validity	Valid
*.msn.com Microsoft RSA TLS CA 01	`2021-09-22` - `2022-09-22`	a year	crt.sh
assets.msn.com Microsoft RSA TLS CA 02	`2021-09-23` - `2022-09-23`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.events.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-05-21` - `2023-05-16`	a year	crt.sh
www.sootoday.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-05` - `2022-09-05`	6 months	crt.sh
stamp2.login.microsoftonline.com DigiCert SHA2 Secure Server CA	`2022-05-25` - `2023-05-25`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
www.vmcdn.ca Amazon	`2021-09-16` - `2022-10-15`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2022-03-05` - `2023-04-06`	a year	crt.sh
*.flippback.com Amazon	`2022-07-01` - `2023-07-29`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2022-06-01` - `2023-06-01`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
flipp.com Amazon	`2021-09-30` - `2022-10-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-30` - `2022-07-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.getsitectrl.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 02	`2022-05-11` - `2023-05-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.vortex.data.microsoft.com Microsoft Azure TLS Issuing CA 02	`2022-07-08` - `2023-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
js.monitor.azure.com Microsoft Azure TLS Issuing CA 06	`2022-06-26` - `2023-06-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Frame ID: E2F75C31A955A7B2C18E6083C82BA5AA
Requests: 74 HTTP requests in this frame

Frame: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Frame ID: 8CFB83D4520F670AC0763517B2008196
Requests: 73 HTTP requests in this frame

Frame: https://www.msn.com/staticsb/statics/latest/auth/auth-redirect-blank.html
Frame ID: 0A1DB240CACE77468BACD1106E0B5C1B
Requests: 3 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: 07C46072E0F22264310C78AE55E5B191
Requests: 1 HTTP requests in this frame

Frame: https://72b366b527e947c07365712e9fcdc3b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E3F892C98F34171E08136117B10E3B40
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2ED1504813CBECB9B8DA841DCE018BA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83257FB2C9D9D6C93EAB194A756D6C1F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Toronto Blue Jays redesign Fourth of July hats, remove stars

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

150
Requests

98 %
HTTPS

45 %
IPv6

24
Domains

37
Subdomains

34
IPs

4
Countries

3014 kB
Transfer

9606 kB
Size

27
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://go.microsoft.com/fwlink/?LinkId=521839
Title: Privacy & Cookies

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkID=246338
Title: Terms of use

Search URL Search Domain Scan URL

URL: http://go.microsoft.com/fwlink/?LinkID=2003950
Title: Advertise

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://c.msn.com/c.gif?rnd=1658500691922&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=34920c9afd1e4b9f99ea9859a8e7db0e&activityId=34920c9afd1e4b9f99ea9859a8e7db0e&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0 HTTP 302
https://c.bing.com/c.gif?rnd=1658500691922&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=34920c9afd1e4b9f99ea9859a8e7db0e&activityId=34920c9afd1e4b9f99ea9859a8e7db0e&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=56CC17C85AE94BEC9ED124C3EC084E85&RedC=c.msn.com&MXFR=2FACA347D06F6EB92872B2AED15C6F86 HTTP 302
https://c.msn.com/c.gif?rnd=1658500691922&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=34920c9afd1e4b9f99ea9859a8e7db0e&activityId=34920c9afd1e4b9f99ea9859a8e7db0e&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=56CC17C85AE94BEC9ED124C3EC084E85&MUID=2FACA347D06F6EB92872B2AED15C6F86

Request Chain 65

https://sb.scorecardresearch.com/cs/21059523/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

150 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wc-83FDD87802796D9B8A846CAEB03DD489 Show response
www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/ 48 KB
49 KB 126ms
56ms Document
text/html 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0003.dc-msedge.net

Software

Resource Hash

b9286d8583f436b9e0e0881b91f402cf837623702de969f0c20501ad2c31e164

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods: HEAD,GET,OPTIONS
cache-control: no-store, no-cache
content-security-policy: block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
content-type: text/html; charset=utf-8
date: Fri, 22 Jul 2022 14:38:12 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
pragma: no-cache
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
strict-transport-security: max-age=1209600; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-fabric-cluster: pmeprodneu
x-frame-options: SAMEORIGIN
x-msedge-ref: Ref A: 34920C9AFD1E4B9F99EA9859A8E7DB0E Ref B: VIEEDGE2720 Ref C: 2022-07-22T14:38:13Z
x-ua-compatible: IE=Edge;chrome=1
x-xss-protection: 1

GET
H2 200 vendors.330ade30b5bcf21d02dc.js Show response
assets.msn.com/bundles/v1/views/latest/ 280 KB
72 KB 39ms
10ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/vendors.330ade30b5bcf21d02dc.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 50eda4cff9320031d5c76f5b1c3691a9f58c0dee769b660e87a798bb4f093646

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:13 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: Tczb4H8bXgdy9FvjpRV8Kw==
server-timing: 6
content-length: 73177
x-ms-lease-status: unlocked
last-modified: Thu, 14 Jul 2022 00:33:06 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA65306B818CB0
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 3de16d83-001e-0010-5019-97bdba000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe565d

GET
H2 200 microsoft.508fd926b14391e0e3a3.js Show response
assets.msn.com/bundles/v1/views/latest/ 339 KB
77 KB 45ms
16ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/microsoft.508fd926b14391e0e3a3.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 98504659bdc49478c45d9991089ccbb57502435268039db2063ae14cb739d4ce

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:13 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: wlyK6GXtDEbrLLltKOaRtA==
server-timing: 6
content-length: 77718
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6B84593DC87A
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 23580cf3-701e-0033-356d-9d518f000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe566c

GET
H2 200 common.068714f86167eaae8598.js Show response
assets.msn.com/bundles/v1/views/latest/ 840 KB
186 KB 50ms
21ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 388e26cda19e2f817b4e720449e65d67a24dce0a674afddae256ed7ee9a6667d

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:13 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: UB80V0KJf2HN7C8wbNkRgg==
server-timing: 6
content-length: 189735
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:10 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6B845F86AF0E
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ccf50258-501e-0075-2f6d-9d7892000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5674

GET
H2 200 experience.c8fc95170672a69c10d2.js Show response
assets.msn.com/bundles/v1/views/latest/ 111 KB
33 KB 54ms
26ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 693651ac6c31b07b192c4393b778473c86ccc185c44b547813cf250841b31540

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:13 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: EBsHr0rNQV+E/BzncDy0dQ==
server-timing: 6
content-length: 32775
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 05:38:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6BA45E830954
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 67b2eae3-001e-00ec-628d-9decf6000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5679

GET
H2 200 web-worker.771792bae2927f0633e0.js
www.msn.com/bundles/v1/views/latest/ 87 KB
23 KB 23ms
22ms Other
application/javascript 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msn.com/bundles/v1/views/latest/web-worker.771792bae2927f0633e0.js
Requested by: Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3104f60df1cafd1398f57b715067461849cc361e872f1b83a55146616a58a4c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:12 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: e6ZX39LGGCqjXlZLagAu1A==
x-cache: TCP_HIT
server-timing: 24
content-length: 23100
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-msedge-ref: Ref A: 89A1AF74CFFD47B79925FC83B00ACB73 Ref B: VIEEDGE2720 Ref C: 2022-07-22T14:38:13Z
etag: 0x8DA6B845A8DBEF4
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-ms-request-id: caee1e62-601e-00ea-7f6d-9d16fa000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 96.16.48.152
x-ms-version: 2009-09-19
akamai-request-id: 3f1b794
x-cid: 7
x-ccc: US

GET
H2 200 eb-garamond-v14-latin-regular.woff2
assets.msn.com/statics/fonts/ 28 KB
29 KB 7ms
7ms Font
font/woff2 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/statics/fonts/eb-garamond-v14-latin-regular.woff2
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing: 11
content-length: 29088
last-modified: Thu, 01 Oct 2020 00:43:17 GMT
server: AkamaiNetStorage
etag: "6fbb1cf13dfeff58538dddd9e2ad485c:1601512997.736101"
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: font/woff2
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=31536000
akamai-server-ip: 23.36.161.81
accept-ranges: bytes
timing-allow-origin: *
akamai-request-id: aafe58e8
access-control-allow-credentials: true

GET
H2 200 / Show response
www.msn.com/resolver/api/resolve/v3/config/ 193 KB
48 KB 23ms
22ms Fetch
application/json 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msn.com/resolver/api/resolve/v3/config/?expType=AppConfig&expInstance=default&apptype=views&v=20220722.106&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22chrome%22,%22version%22:%22103%22,%22ismobile%22:%22false%22},%22deviceFormFactor%22:%22desktop%22,%22domain%22:%22www.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22en%22,%22market%22:%22ca%22},%22display%22:{%22language%22:%22en%22,%22market%22:%22ca%22}},%22ocid%22:%22entnewsntp%22,%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22webcontent%22,%22pageExperiments%22:[%22prg-1s-mtsn%22,%22prg-1sbgbanner%22,%22prg-1sw-3rps6pm%22,%22prg-1sw-aqlmtrt%22,%22prg-1sw-bnrrksc3%22,%22prg-1sw-clbdg%22,%22prg-1sw-clrot%22,%22prg-1sw-cnewmb%22,%22prg-1sw-fiplog%22,%22prg-1sw-hdukr%22,%22prg-1sw-list%22,%22prg-1sw-mbnodp%22,%22prg-1sw-p1wtrclm%22,%22prg-1sw-pllmtrt%22,%22prg-1sw-pr2clarity%22,%22prg-1sw-sagetn%22,%22prg-1sw-sbn-mm%22,%22prg-1sw-shopfeed%22,%22prg-1sw-shopfeedtr6%22,%22prg-1sw-stul2%22,%22prg-1sw-thwnt1%22,%22prg-1sw-wxbdg%22,%22prg-1sw-wxcfwf%22,%22prg-1sw-wxhfctrl%22,%22prg-1sw-wxrus%22,%22prg-ad-sg-m%22,%22prg-ads-onesz%22,%22prg-ads-t-onesz-r2%22,%22prg-adspeek%22,%22prg-apilog%22,%22prg-commonbell%22,%22prg-ct-noembss%22,%22prg-cthidead%22,%22prg-ctr-pmosc%22,%22prg-da21rf2%22,%22prg-hhads-cf%22,%22prg-hprewflyout-t%22,%22prg-ias%22,%22prg-intapperr%22,%22prg-nt-vertical%22,%22prg-ntbell-expt%22,%22prg-otherprod%22,%22prg-pr2-3pine%22,%22prg-pr2-3pine35%22,%22prg-pr2-fuzafc%22,%22prg-spr-egreco%22,%22prg-spr-emttof%22,%22prg-spr-st-gmarketv2%22,%22prg-spr-t-intl%22,%22prg-sw-tlmt%22,%22prg-tok21%22,%22prg-upsaip-r-t%22,%22prg-upsaip-w1-t%22,%22prg-wf-sky-re%22,%22prg-winhp-sdb7l%22,%22prg-wpo-b7arbqc%22,%22prg-wpo-t%22,%22prg-wx-anmpr%22,%22prg-wx-rmtemp%22,%22prg-wx-sbn-vm%22]}
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: Kestrel /
Resource Hash: 916d21fcfc750f2b3d3dbfdf8914ec67bd28be0109a5a2a4a6a6ff28efee5300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:13 GMT
content-encoding: gzip
etag: "bLYD8C7mWjugyi4EtmT_WeQsI0Y"
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache: TCP_HIT
content-length: 48741
x-crs-env: Production
server: Kestrel
x-msedge-ref: Ref A: C857087D6FE0465D93AE221390B4E57F Ref B: VIEEDGE2720 Ref C: 2022-07-22T14:38:14Z
x-crs-buildversion: 20220609.4_master
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: public, max-age=604800, immutable
x-fabric-cluster: pmeprodneu
x-cid: 7
x-ccc: US

GET
H2 200 article-page.6b3a743a46e555580939.js Show response
assets.msn.com/bundles/v1/views/latest/ 377 KB
84 KB 7ms
7ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/article-page.6b3a743a46e555580939.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 68fdf300a2b1a6cf7f2eaa3c20df29cf24ad5b1e2ba5a6ca154f504c891b2327

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: hQl5IDOvxBsfqO1ph5H0Dw==
server-timing: 6
content-length: 85528
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 05:38:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6BA459A11FF8
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: edff714f-c01e-00e0-3b8d-9d18ef000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe59b3

GET
H2 200 viewspage Show response
assets.msn.com/service/news/feed/pages/ 9 KB
7 KB 115ms
114ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/news/feed/pages/viewspage?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=34920C9A-FD1E-4B9F-99EA-9859A8E7DB0E&ocid=winp1&market=en-ca&user=m-2FACA347D06F6EB92872B2AED15C6F86&fdhead=msnallexpusers%2Cmuidflt9cf%2Cprg-hhads-cf%2Cmuidflt19cf%2Cmuidflt57cf%2Cmuidflt259cf%2Cpneedge2cf%2Cbingcollabedge1cf%2Cplatagyhp3cf%2Caudexhp1cf%2Caudexhp2cf%2Cmodcoglangc%2Cprg-otherprod%2Caudexhz2cf%2Cprg-ads-t-onesz-r2%2Cprg-ads-onesz%2Cgallery5cf%2Conetrustpoplive%2Cmsnapp3cf%2Cprg-da21rf2%2Cprg-tok21%2Cprg-ntbell-expt%2Cprg-commonbell%2Cprg-nt-vertical%2Cprg-1sw-cnewmb%2Cprg-1sw-shopfeedtr6%2Cprg-1sw-shopfeed%2Cprg-1sw-fiplog%2Cprg-adspeek%2Cbtrecrow1%2C1s-winauthservice%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather9cf%2Cmsnapp8cf%2Cmsnapp9cf%2Cmsnapp10cf%2Cprg-1sw-clbdg%2C1s-p2-brknb%2C1s-p2cl-bdg%2Cprg-1sbgbanner%2Cprg-1sw-wxbdg%2Cprg-1sw-clrot%2Cprg-1s-mtsn%2Cprg-1sw-wxrus%2Cprg-ias%2Croutentpring2c%2C1s-fcrypt%2Cprg-wpo-t%2Cprg-wpo-b7arbqc%2Cprg-winhp-sdb7l%2Cprg-1sw-3rps6pm%2Cprg-1sw-pr2clarity%2Cprg-pr2-fuzafc%2Cprg-pr2-3pine35%2Cprg-pr2-3pine%2Cprg-1sw-hdukr%2Cprg-upsaip-w1-t%2Cprg-intapperr%2Cprg-upsaip-r-t%2Cprg-wx-anmpr%2C1s-contentview-1%2Cprg-sw-tlmt%2Cprg-wx-sbn-vm%2Cprg-1sw-sbn-mm%2Cprg-ctr-pmosc%2Cprg-1sw-list%2C1s-rpssecautht%2Cprg-1sw-wxhfctrl%2Cprg-apilog%2Cprg-1sw-p1wtrclm%2Cprg-1sw-mbnodp%2Cprg-spr-t-intl%2Cprg-spr-egreco%2Cprg-spr-emttof%2Cprg-spr-st-gmarketv2%2Cprg-1sw-aqlmtrt%2Cprg-1sw-wxcfwf%2Cprg-1sw-pllmtrt%2Cprg-wx-rmtemp%2Cprg-cthidead%2Cprg-ct-noembss%2Cads-xandrbiasc%2Cprg-1sw-thwnt1%2Cprg-1sw-sagetn%2Cprg-1sw-bnrrksc3%2Cprg-1sw-stul2%2Cprg-ad-sg-m&contentId=83FDD87802796D9B8A846CAEB03DD489
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3d97b9614abf040862324b5339dcef55b990e03f448345fafe55a50a3e800d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,prg-hhads-cf,muidflt19cf,muidflt57cf,muidflt259cf,pneedge2cf,bingcollabedge1cf,platagyhp3cf,audexhp1cf,audexhp2cf,modcoglangc,prg-otherprod,audexhz2cf,prg-ads-t-onesz-r2,prg-ads-onesz,gallery5cf,msnapp3cf,prg-da21rf2,prg-tok21,prg-1sw-sacfincensinc,prg-ntbell-expt,prg-commonbell,prg-nt-vertical,prg-1sw-sal3vfec,prg-1sw-cnewmb,prg-1sw-shopfeedtr6,prg-1sw-shopfeed,prg-1sw-fiplog,btrecenca,prg-adspeek,1s-winauthservice,prg-hprewflyout-t,prg-wf-sky-re,weather9cf,msnapp8cf,msnapp9cf,msnapp10cf,prg-1sw-clbdg,1s-p2-brknb,1s-p2cl-bdg,prg-1sbgbanner,prg-1sw-wxbdg,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,routentpring2c,prg-1sw-nwrc,1s-fcrypt,prg-wpo-t,prg-wpo-b7arbqc,prg-winhp-sdb7l,prg-1sw-3rps6pm,prg-1sw-pr2clarity,prg-pr2-fuzafc,prg-pr2-3pine35,prg-pr2-3pine,prg-1sw-hdukr,prg-upsaip-w1-t,prg-intapperr,prg-upsaip-r-t,prg-wx-anmpr,1s-contentview-1,prg-sw-tlmt,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ctr-pmosc,prg-1sw-list,1s-rpssecautht,prg-1sw-wxhfctrl,prg-apilog,prg-1sw-p1wtrclm,gbj35620,prg-1sw-mbnodp,prg-1sw-sbnww,prg-spr-t-intl,prg-spr-egreco,prg-spr-emttof,prg-spr-st-gmarketv2,prg-1sw-aqlmtrt,prg-1sw-wxcfwf,prg-1sw-pllmtrt,prg-wx-rmtemp,prg-cthidead,prg-1sw-entntnp3c,prg-ct-noembss,ads-xandrbiasc,prg-1sw-bnrrksc3,prg-1sw-stul2,prg-ad-sg-m,prg-bts1-r-winhp,prg-1s-whpbtss,prg-1s-whp-shop
ddd-storeentrytimeutc: 7/22/2022 2:38:14 PM
x-msedge-ref: Ref A: C736E86700A7478483505F9E88D0ADE3 Ref B: FRA31EDGE0208 Ref C: 2022-07-22T14:38:14Z
ddd-strategyexecutionlatency: 00:00:00.0774617
server-timing: 5
ddd-servername: 8EBB8CD72EC5
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
cache-control: private, max-age=0
x-msedge-responseinfo: 78
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
onewebservicelatency: 78
x-as-suppresssetcookie: 1
expires: Fri, 22 Jul 2022 14:38:14 GMT
date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: News_PageFeedReadStrategy
ddd-usertype: AnonymousMuid
ddd-tmpl: RR:0;XFeed;PageViewCount0
ddd-debugid: 6ea9afb7-5fd0-4f18-88d3-f5192d54f4ed|7/22/2022 2:38:14 PM|fabric:/msn|NEU1|_News1_5
content-length: 3416
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt17=prg-hhads-cf,muidflt19=muidflt19cf,muidflt57=muidflt57cf,muidflt259=muidflt259cf,pneedge2=pneedge2cf,bingcollabedge1=bingcollabedge1cf,platagyhp3=platagyhp3cf,audexhp1=audexhp1cf,audexhp2=audexhp2cf,pnehz2=modcoglangc,platagyhz2=prg-otherprod,audexhz2=audexhz2cf,article1=prg-ads-t-onesz-r2,gallery5=gallery5cf,msnapp3=msnapp3cf,anaheimmuidr5=prg-da21rf2,sagenlann=prg-1sw-sacfincensinc,sagenl1=prg-ntbell-expt,sagenl3=prg-1sw-sal3vfec,wfeedsmuid3=prg-1sw-cnewmb,wfeedsmuid4=prg-1sw-shopfeedtr6,wfeedsmuid8=prg-1sw-fiplog,275b=btrecenca,2ml4=prg-adspeek,2tpu=1s-winauthservice,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather9=weather9cf,msnapp8=msnapp8cf,msnapp9=msnapp9cf,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-clbdg,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3c76=routentpring2c,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,anaheimedgwpo4=prg-wpo-t,anaheimedgwpo5=prg-wpo-b7arbqc,wfeedsmuidwpo1=prg-winhp-sdb7l,wfeedsmuidwpo6=prg-1sw-3rps6pm,prong2wpo1=prg-1sw-pr2clarity,prong2wpo2=prg-pr2-fuzafc,prong2wpo3=prg-pr2-3pine35,3mi0=prg-1sw-hdukr,3nhv=prg-upsaip-w1-t,3ouz=prg-intapperr,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3qu2=1s-contentview-1,3sxl=prg-sw-tlmt,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3vb9=prg-ctr-pmosc,3viw=prg-1sw-list,3vhe=1s-rpssecautht,3vka=prg-1sw-wxhfctrl,3w8x=prg-apilog,3wjn=prg-1sw-p1wtrclm,3wqo=gbj35620,3wus=prg-1sw-mbnodp,3x2v=prg-1sw-sbnww,3xfz=prg-spr-t-intl,3xpd=prg-1sw-aqlmtrt,3xpi=prg-1sw-wxcfwf,3xpk=prg-1sw-pllmtrt,3xx8=prg-wx-rmtemp,3ybl=prg-cthidead,3yoo=prg-1sw-entntnp3c,3yy0=prg-ct-noembss,3yy3=ads-xandrbiasc,3z0t=prg-1sw-bnrrksc3,3z1m=prg-1sw-stul2,3z3w=prg-ad-sg-m,3z6m=prg-bts1-r-winhp
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset: 0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wAAA;
ddd-activityid: 6ea9afb7-5fd0-4f18-88d3-f5192d54f4ed
ddd-storeexecutionlatency: 00:00:00.0774255
ddd-datastore: News_PageFeedDataStore
access-control-allow-credentials: true
akamai-request-id: aafe59bb

GET
H2 200 common-header.4d703395c848162db57c.js Show response
assets.msn.com/bundles/v1/views/latest/ 242 KB
56 KB 7ms
7ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/common-header.4d703395c848162db57c.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fee0a56410ea85436007d75ded6564ea2a516375de6ea6d718b7e548558677fe

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 0UdyUlO1+qA9gpRR+GjUVg==
server-timing: 6
content-length: 56539
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6B8463755A3E
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ccf50ea4-501e-0075-4c6d-9d7892000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5a70

GET
H2 200 83FDD87802796D9B8A846CAEB03DD489 Show response
assets.msn.com/content/view/v2/Detail/en-ca/ 5 KB
4 KB 13ms
13ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/content/view/v2/Detail/en-ca/83FDD87802796D9B8A846CAEB03DD489
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ae40df96e10d7d79baffb8553dbb54ebf6da9ae7f7b18da0568f064c9721de8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
ddd-usertype: AnonymousMuid
akamai-request-id: aafe5a72
ddd-debugid: c22fd70c-71b8-4305-b399-8a0dd209da15|7/22/2022 2:38:14 PM|fabric:/msn|NEU1|_News1_18
server-timing: 6
content-length: 2338
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow: False
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
cache-control: public, max-age=60
akamai-server-ip: 23.36.161.81
x-msedge-responseinfo: 5
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
onewebservicelatency: 5
x-as-suppresssetcookie: 1
access-control-allow-credentials: true

GET
H2

200

c.gif
c.msn.com/
Redirect Chain

https://c.msn.com/c.gif?rnd=1658500691922&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-j...
https://c.bing.com/c.gif?rnd=1658500691922&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-...
https://c.msn.com/c.gif?rnd=1658500691922&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-j...

42 B
255 B

29ms
28ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.msn.com/c.gif?rnd=1658500691922&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=34920c9afd1e4b9f99ea9859a8e7db0e&activityId=34920c9afd1e4b9f99ea9859a8e7db0e&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=56CC17C85AE94BEC9ED124C3EC084E85&MUID=2FACA347D06F6EB92872B2AED15C6F86
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 14:38:13 GMT
last-modified: Wed, 13 Jul 2022 17:48:59 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "96611cd5e096d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 22 Jul 2022 14:38:13 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF74EA19C0FF4CDE9C8BD9ECA4FD76C8 Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:14Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.msn.com/c.gif?rnd=1658500691922&udc=true&pg.n=webv1&pg.t=webcontent&pg.c=9&pg.p=prime&rf=&tp=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30&cvs=Browser&di=17930&st.dpt=other&st.sdpt=&subcvs=news&lng=en-ca&rid=34920c9afd1e4b9f99ea9859a8e7db0e&activityId=34920c9afd1e4b9f99ea9859a8e7db0e&d.imd=false&scr=1600x1200&anoncknm=anon&issso=false&aadState=0&CtsSyncId=56CC17C85AE94BEC9ED124C3EC084E85&MUID=2FACA347D06F6EB92872B2AED15C6F86
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 35ms
8ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?rn=1658500691922&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3Dentnewsntp%26cvid%3D28dec3a1f77746ff837d518020347d30%26content%3D1%26mkt%3Den-ca&c8=Toronto+Blue+Jays+redesign+Fourth+of+July+hats%2C+remove+stars&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: ZwHc5WDIaigRd3TM7T22rDERXdqgLNySujFbKOk0CYwtrn61kRYqaA==
x-cache: Miss from cloudfront

POST
H/1.1 200
OK 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
1 KB 698ms
157ms Fetch
application/json 20.189.173.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1658500691925&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=anon

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.11 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a9f48e1c7e7b876c2b3d90a86be4d49341ab51a37c9c6efd2f1dc23f8e43004e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 22 Jul 2022 14:38:14 GMT
time-delta-millis: 2808
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.msn.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

GET
H2 200 toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920 Show response
www.sootoday.com/national-sports/ Frame 8CFB 76 KB
21 KB 660ms
165ms Document
text/html 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/vendors.330ade30b5bcf21d02dc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4d74c6ffc7b9d5f5194b9f65adf94b2f29354a59e643eddf61fb6e206e108096

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=65
content-encoding: gzip
content-length: 20871
content-type: text/html; charset=utf-8
date: Fri, 22 Jul 2022 14:38:14 GMT
expires: Fri, 22 Jul 2022 14:39:19 GMT
last-modified: Fri, 22 Jul 2022 14:38:14 GMT
strict-transport-security: max-age=63072000;
vary: Accept-Encoding

GET
H2 200 SegoeUI-Roman-VF-subset_web.woff2
assets.msn.com/statics/fonts/ 40 KB
41 KB 7ms
7ms Font
font/woff2 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/statics/fonts/SegoeUI-Roman-VF-subset_web.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
server-timing: 11
content-length: 41006
last-modified: Thu, 04 Jul 2019 01:04:35 GMT
server: AkamaiNetStorage
etag: "72d13803e728b0ef3dfb6da311001643:1562269510.048951"
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: font/woff2
access-control-allow-origin: https://www.msn.com
cache-control: public, max-age=31536000
akamai-server-ip: 23.36.161.81
accept-ranges: bytes
timing-allow-origin: *
akamai-request-id: aafe5c7a
access-control-allow-credentials: true

GET
H2 200 msal-browser-2.18.0.min.js Show response
assets.msn.com/staticsb/statics/latest/auth/ 215 KB
49 KB 8ms
8ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/staticsb/statics/latest/auth/msal-browser-2.18.0.min.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 80727dfc65d83379c73caa9a65b9146c17094a4cbae05b09eb97ae2bd74dd30e

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 1XKhfRFKDeBTPMjdzJ6/xA==
server-timing: 8
content-length: 49441
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jul 2022 19:40:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6A87C250A289
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: be42aecb-601e-0049-537b-9c74bb000000
cache-control: public, max-age=31536000
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5d58

GET
H2 200 one-footer.1d77355737d56553f4b4.js Show response
assets.msn.com/bundles/v1/views/latest/ 145 KB
33 KB 9ms
8ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/one-footer.1d77355737d56553f4b4.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8e3981bb97fb406d909107c2cd73d9bf46ed01fa1a200834f5d32d05ef334afb

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: kGbqfrtTocyDZaDf/OTfew==
server-timing: 8
content-length: 32952
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:02 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6B845AC938D3
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: ccf51168-501e-0075-3c6d-9d7892000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5d5f

GET
H2 200 libs_icons-wc_icons_CardActionFluentButton_svg-libs_config-schemas_dist_LocalizedStrings_js-l-b6c502.3a266046cd2c6d793c16.js Show response
assets.msn.com/bundles/v1/views/latest/ 316 KB
68 KB 10ms
9ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/libs_icons-wc_icons_CardActionFluentButton_svg-libs_config-schemas_dist_LocalizedStrings_js-l-b6c502.3a266046cd2c6d793c16.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d8d3b0cdceac5e8910adc3bd2c1d62e53e051c1ed867148834abaa37d5a8c10d

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: 6ulPxgH8fSOy1CNtqp/UNg==
server-timing: 8
content-length: 68843
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:20 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6B846547B475
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: be8a05f0-901e-0079-6d6d-9d8c8b000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5d64

GET
H2 200 libs_ad-service_dist_NativeAdService_js-libs_config-schemas_dist_ConfigRef_js-libs_feed-layou-3a864c.8d90ba32e914ea886834.js Show response
assets.msn.com/bundles/v1/views/latest/ 551 KB
107 KB 11ms
11ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/libs_ad-service_dist_NativeAdService_js-libs_config-schemas_dist_ConfigRef_js-libs_feed-layou-3a864c.8d90ba32e914ea886834.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e5ebe3a8a94417564e6d23c3f40b73a662bbe29932231dcf1757294cb337d95a

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: MsyAYMTakC8W2ONDi0IH4A==
server-timing: 8
content-length: 109070
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:05 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6B845C4ABF89
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 23581709-701e-0033-326d-9d518f000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5d69

GET
H2 200 desktop-feed-views.38798eac1ce27705933f.js Show response
assets.msn.com/bundles/v1/views/latest/ 1 MB
224 KB 15ms
15ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/desktop-feed-views.38798eac1ce27705933f.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7d271f7dccc35e4159b33bdbce0f1b3acc0dfc33d4e4ea0132f109babe40048e

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: OTbYY8q6bT6oRibx8YxGWQ==
server-timing: 8
content-length: 228403
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6B846050E6F4
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 235817d9-701e-0033-556d-9d518f000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5d6d

GET
H2 200 ms-rewards-wc.a09692e3212a55b11d24.js Show response
assets.msn.com/bundles/v1/views/latest/ 14 KB
5 KB 14ms
8ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/ms-rewards-wc.a09692e3212a55b11d24.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8204b9f8b68e51a0a5c28a8ce1451b66de7ff68307588e59a53a3b5ff3d5df2f

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: yoToIni35ErFiHu1FgCafg==
server-timing: 7
content-length: 4825
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 01:22:17 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6AB77340713E
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 44eb7dfc-601e-0042-20a1-9c888d000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5d98

GET
H2 200 notification-bell-wc.58b4a6f4b58193d3916e.js Show response
assets.msn.com/bundles/v1/views/latest/ 148 KB
36 KB 14ms
9ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/notification-bell-wc.58b4a6f4b58193d3916e.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 6b9ea7bdb8fdb3c7eea8d5ece50ed03e99f4e4fe4db45c66450d6d172e5c045b

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: am8A18lL2pZKsmBA7cY5vw==
server-timing: 6
content-length: 36088
x-ms-lease-status: unlocked
last-modified: Thu, 21 Jul 2022 01:21:47 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6AB761BF2982
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 44ea91ca-601e-0042-5aa0-9c888d000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5d9a

GET
H2 200 rewards-data-connector.5f91cbd16f501be49a43.js Show response
assets.msn.com/bundles/v1/views/latest/ 25 KB
6 KB 15ms
9ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/rewards-data-connector.5f91cbd16f501be49a43.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1621f5125b67179970e7ab6a21d7d60b04effea3c4d2ba5f1dcc20fa0e522ca7

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: Dj9JJty/WK4I01iMve7NAw==
server-timing: 6
content-length: 5574
x-ms-lease-status: unlocked
last-modified: Wed, 20 Jul 2022 00:07:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA69E3DEFE243F
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 14eacbb1-b01e-00ab-78cd-9beee9000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe5dae

POST
H/1.1 200
OK 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
1 KB 630ms
158ms Fetch
application/json 20.189.173.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.11 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

1c179937a03e2d7b532a49ab13597027985ecf393b0480807732cb89e9f472ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 22 Jul 2022 14:38:13 GMT
time-delta-millis: 2740
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.msn.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

GET
H/1.1 200
OK instance Show response
login.microsoftonline.com/common/discovery/ 950 B
2 KB 142ms
32ms Fetch
application/json 40.126.32.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/discovery/instance?api-version=1.1&authorization_endpoint=https://login.microsoftonline.com/common/oauth2/v2.0/authorize

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/auth/msal-browser-2.18.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.138 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f463580c98fd336d4e69e7dca36cf345a81a5e402f61d9f870eae9d8c4e59de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Date: Fri, 22 Jul 2022 14:38:13 GMT
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin: *
x-ms-request-id: 226beddb-3e92-41c2-93ea-2c8a31b66400
X-XSS-Protection: 0
Cache-Control: max-age=86400, private
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.13201.7 - WEULR2 ProdSlices
Content-Type: application/json; charset=utf-8
Content-Length: 950
X-Content-Type-Options: nosniff

GET count
www.bing.com/bnc/notifications/ 0
0

OPTIONS
H2 200 count
www.bing.com/bnc/notifications/ Frame 0
0 86ms
44ms Preflight
text/html 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bing.com/bnc/notifications/count?app=verticalWebcontent&ocid=entnewsntp&pageId=webcontent
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-personalbing-csrf,x-personalbing-flights,x-search-clientid,x-search-uilang
Access-Control-Request-Method: GET
Origin: https://www.msn.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: *
access-control-allow-origin: https://www.msn.com
access-control-max-age: 7200
cache-control: private
content-encoding: br
content-length: 1
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-JVrlwOyicGKmrM6siglg/OdLKGJ2bWjBGQke/RACgZY='; base-uri 'self';report-to csp-endpoint
content-type: text/html
date: Fri, 22 Jul 2022 14:38:14 GMT
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 00221CD8C7C34DAD8349EEBA5511C2CB Ref B: FRAEDGE1308 Ref C: 2022-07-22T14:38:14Z

GET
H2 200 viewspage Show response
assets.msn.com/service/news/feed/pages/ 99 KB
30 KB 468ms
468ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/news/feed/pages/viewspage?market=en-ca&activityId=34920C9A-FD1E-4B9F-99EA-9859A8E7DB0E&timeOut=3000&ocid=winp1&fdhead=1s-contentview-1,1s-fcrypt,1s-p2-brknb,1s-p2cl-bdg,1s-rpssecautht,1s-winauthservice,prg-1sbgbanner,prg-1s-mtsn,prg-1sw-3rps6pm,prg-1sw-aqlmtrt,prg-1sw-bnrrksc3,prg-1sw-clbdg,prg-1sw-clrot,prg-1sw-cnewmb,prg-1sw-fiplog,prg-1sw-hdukr,prg-1sw-list,prg-1sw-mbnodp,prg-1sw-p1wtrclm,prg-1sw-pllmtrt,prg-1sw-pr2clarity,prg-1sw-sagetn,prg-1sw-sbn-mm,prg-1sw-shopfeed,prg-1sw-shopfeedtr6,prg-1sw-stul2,prg-1sw-thwnt1,prg-1sw-wxbdg,prg-1sw-wxcfwf,prg-1sw-wxhfctrl,prg-1sw-wxrus,prg-ad-sg-m,prg-ads-onesz,prg-adspeek,prg-ads-t-onesz-r2,prg-apilog,prg-commonbell,prg-cthidead,prg-ct-noembss,prg-ctr-pmosc,prg-da21rf2,prg-hhads-cf,prg-hprewflyout-t,prg-ias,prg-intapperr,prg-ntbell-expt,prg-nt-vertical,prg-otherprod,prg-pr2-3pine,prg-pr2-3pine35,prg-pr2-fuzafc,prg-spr-egreco,prg-spr-emttof,prg-spr-st-gmarketv2,prg-spr-t-intl,prg-sw-tlmt,prg-tok21,prg-upsaip-r-t,prg-upsaip-w1-t,prg-wf-sky-re,prg-winhp-sdb7l,prg-wpo-b7arbqc,prg-wpo-t,prg-wx-anmpr,prg-wx-rmtemp,prg-wx-sbn-vm&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&ContentId=83FDD87802796D9B8A846CAEB03DD489&User=m-2FACA347D06F6EB92872B2AED15C6F86&$skip=3
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fbe9dbce40ed3e6b81b110286829af4d008d7688181b54424503cd0375083172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,prg-hhads-cf,muidflt19cf,muidflt57cf,muidflt259cf,pneedge2cf,bingcollabedge1cf,platagyhp3cf,audexhp1cf,audexhp2cf,modcoglangc,prg-otherprod,audexhz2cf,prg-ads-t-onesz-r2,prg-ads-onesz,gallery5cf,msnapp3cf,prg-da21rf2,prg-tok21,prg-1sw-sacfincensinc,prg-ntbell-expt,prg-commonbell,prg-nt-vertical,prg-1sw-sal3vfec,prg-1sw-cnewmb,prg-1sw-shopfeedtr6,prg-1sw-shopfeed,prg-1sw-fiplog,btrecenca,prg-adspeek,1s-winauthservice,prg-hprewflyout-t,prg-wf-sky-re,weather9cf,msnapp8cf,msnapp9cf,msnapp10cf,prg-1sw-clbdg,1s-p2-brknb,1s-p2cl-bdg,prg-1sbgbanner,prg-1sw-wxbdg,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,routentpring2c,prg-1sw-nwrc,1s-fcrypt,prg-wpo-t,prg-wpo-b7arbqc,prg-winhp-sdb7l,prg-1sw-3rps6pm,prg-1sw-pr2clarity,prg-pr2-fuzafc,prg-pr2-3pine35,prg-pr2-3pine,prg-1sw-hdukr,prg-upsaip-w1-t,prg-intapperr,prg-upsaip-r-t,prg-wx-anmpr,1s-contentview-1,prg-sw-tlmt,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ctr-pmosc,prg-1sw-list,1s-rpssecautht,prg-1sw-wxhfctrl,prg-apilog,prg-1sw-p1wtrclm,gbj35620,prg-1sw-mbnodp,prg-1sw-sbnww,prg-spr-t-intl,prg-spr-egreco,prg-spr-emttof,prg-spr-st-gmarketv2,prg-1sw-aqlmtrt,prg-1sw-wxcfwf,prg-1sw-pllmtrt,prg-wx-rmtemp,prg-cthidead,prg-1sw-entntnp3c,prg-ct-noembss,ads-xandrbiasc,prg-1sw-bnrrksc3,prg-1sw-stul2,prg-ad-sg-m,prg-bts1-r-winhp,prg-1s-whpbtss,prg-1s-whp-shop
ddd-storeentrytimeutc: 7/22/2022 2:38:14 PM
x-msedge-ref: Ref A: 35E312DEE60C4EA6A16ECAE76B77F5B5 Ref B: FRA31EDGE0212 Ref C: 2022-07-22T14:38:14Z
ddd-strategyexecutionlatency: 00:00:00.3658567
server-timing: 8
ddd-servername: 49967383701B
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
cache-control: private, max-age=0
x-msedge-responseinfo: 367
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
onewebservicelatency: 367
x-as-suppresssetcookie: 1
expires: Fri, 22 Jul 2022 14:38:15 GMT
date: Fri, 22 Jul 2022 14:38:15 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: News_PageFeedReadStrategy
ddd-usertype: AnonymousMuid
ddd-tmpl: XFeed;SageUserStatus:0_0_0_5;RR:0;ULatLon49.38:10.18;IMArticleNegUser:0;ColdUserHist_5;HasClientIpUserProfile:1;NotTPUser;PageViewCount0;TileID:u0z0;UsingClientIpUserProfile:1;WasRecoNewUser:1
ddd-debugid: e713b8a3-64e3-4270-b691-98a1f3ba473a|7/22/2022 2:38:15 PM|fabric:/msn|EUS1|_News_2093
content-length: 26170
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt17=prg-hhads-cf,muidflt19=muidflt19cf,muidflt57=muidflt57cf,muidflt259=muidflt259cf,pneedge2=pneedge2cf,bingcollabedge1=bingcollabedge1cf,platagyhp3=platagyhp3cf,audexhp1=audexhp1cf,audexhp2=audexhp2cf,pnehz2=modcoglangc,platagyhz2=prg-otherprod,audexhz2=audexhz2cf,article1=prg-ads-t-onesz-r2,gallery5=gallery5cf,msnapp3=msnapp3cf,anaheimmuidr5=prg-da21rf2,sagenlann=prg-1sw-sacfincensinc,sagenl1=prg-ntbell-expt,sagenl3=prg-1sw-sal3vfec,wfeedsmuid3=prg-1sw-cnewmb,wfeedsmuid4=prg-1sw-shopfeedtr6,wfeedsmuid8=prg-1sw-fiplog,275b=btrecenca,2ml4=prg-adspeek,2tpu=1s-winauthservice,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather9=weather9cf,msnapp8=msnapp8cf,msnapp9=msnapp9cf,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-clbdg,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3c76=routentpring2c,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,anaheimedgwpo4=prg-wpo-t,anaheimedgwpo5=prg-wpo-b7arbqc,wfeedsmuidwpo1=prg-winhp-sdb7l,wfeedsmuidwpo6=prg-1sw-3rps6pm,prong2wpo1=prg-1sw-pr2clarity,prong2wpo2=prg-pr2-fuzafc,prong2wpo3=prg-pr2-3pine35,3mi0=prg-1sw-hdukr,3nhv=prg-upsaip-w1-t,3ouz=prg-intapperr,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3qu2=1s-contentview-1,3sxl=prg-sw-tlmt,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3vb9=prg-ctr-pmosc,3viw=prg-1sw-list,3vhe=1s-rpssecautht,3vka=prg-1sw-wxhfctrl,3w8x=prg-apilog,3wjn=prg-1sw-p1wtrclm,3wqo=gbj35620,3wus=prg-1sw-mbnodp,3x2v=prg-1sw-sbnww,3xfz=prg-spr-t-intl,3xpd=prg-1sw-aqlmtrt,3xpi=prg-1sw-wxcfwf,3xpk=prg-1sw-pllmtrt,3xx8=prg-wx-rmtemp,3ybl=prg-cthidead,3yoo=prg-1sw-entntnp3c,3yy0=prg-ct-noembss,3yy3=ads-xandrbiasc,3z0t=prg-1sw-bnrrksc3,3z1m=prg-1sw-stul2,3z3w=prg-ad-sg-m,3z6m=prg-bts1-r-winhp
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-featureset: 0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:wgAA;
ddd-activityid: e713b8a3-64e3-4270-b691-98a1f3ba473a
ddd-storeexecutionlatency: 00:00:00.3658129
ddd-datastore: News_PageFeedDataStore
access-control-allow-credentials: true
akamai-request-id: aafe63e3

POST
H/1.1 200
OK 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
1 KB 261ms
160ms Fetch
application/json 20.189.173.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.11 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

06e3e7b490f22cfd0dae8a8667cd2171682be7c0e27576d0ffda1b32ed3efd85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 22 Jul 2022 14:38:14 GMT
time-delta-millis: 2367
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.msn.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

GET
H/1.1 200
OK openid-configuration Show response
login.microsoftonline.com/common/v2.0/.well-known/ 2 KB
3 KB 49ms
49ms Fetch
application/json 40.126.32.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/auth/msal-browser-2.18.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.138 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c45868384dfd77121a6d62ba32304628c211fdc6d471cb985348d731890b6e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
Date: Fri, 22 Jul 2022 14:38:14 GMT
Access-Control-Allow-Methods: GET, OPTIONS
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Access-Control-Allow-Origin: *
x-ms-request-id: 677bb8d2-1ac6-4b76-83da-5c3297a5b800
X-XSS-Protection: 0
Cache-Control: max-age=86400, private
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-ests-server: 2.1.13201.7 - NEULR1 ProdSlices
Content-Type: application/json; charset=utf-8
Content-Length: 1547
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK authorize Show response
login.microsoftonline.com/common/oauth2/v2.0/ Frame 0A1D 151 KB
55 KB 131ms
45ms Document
text/html 40.126.32.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=298ca6e3-6af0-4938-83a7-5a6f14b7c7e4&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=tTYaTeIl8rUZXN-n_O26Luwd2ITYaHRML-MYyfv9y_Y&code_challenge_method=S256&prompt=none&nonce=bdd3bae4-c801-4659-b3c4-793fac5a5745&state=eyJpZCI6Ijk1ZjdjMjNjLTUzZmYtNDRjNy1hNTk3LTY2NjhmZGQ3OTgzNSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/auth/msal-browser-2.18.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.138 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6fa3c7cceb48d715c9f57e43dcb53eeadca3f82c47df20bec920e5612a8f3fb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.msn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 54900
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Jul 2022 14:38:14 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem: 1,50168,0,,
x-ms-ests-server: 2.1.13315.8 - WEULR1 ProdSlices
x-ms-request-id: 62c009de-622c-49e4-814e-a56eeefb5d00

GET
H2 200 template
www.sootoday.com/cssb/ Frame 8CFB 88 KB
25 KB 96ms
95ms Stylesheet
text/css 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

01844a80ee1cea97f19777121ecacbb6d1294dec2fd30e0c1890c8054ffbfa1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:38:14 GMT
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000;
content-length: 25660
expires: Sat, 22 Jul 2023 14:38:14 GMT

GET
H2 200 head Show response
www.sootoday.com/jsb/ Frame 8CFB 3 KB
2 KB 94ms
94ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/jsb/head?v=LcM8wEj7Rn1AYDjGF1pjSV_suFrl8pQqVJyJndJTH5A1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

34e5b3f77b75f5401d202f455b255a1f974f83a2a8ef027e4afa6e08cb54c3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:38:14 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000;
content-length: 1624
expires: Sat, 22 Jul 2023 14:38:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 8CFB 49 KB
20 KB 148ms
36ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5775
date: Fri, 22 Jul 2022 13:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 22 Jul 2022 15:02:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8CFB 82 KB
28 KB 128ms
51ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

0d7e9c8ccf78dc7a6bce5401902f673f946a5ea6c55e4c2b09e90b05525e34f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28365
x-xss-protection: 0
server: sffe
etag: "1280 / 846 of 1000 / last-modified: 1658488007"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 22 Jul 2022 14:38:15 GMT

GET
H2 200 sootoday_white.svg
www.vmcdn.ca/files/sootoday/layout/ Frame 8CFB 5 KB
2 KB 50ms
9ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/sootoday/layout/sootoday_white.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 785d653df2645599aae40b2bdb678026626afaa365b1fd2819d45d956fab8983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 01:50:13 GMT
content-encoding: gzip
server: CloudFront
age: 1774081
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: public
content-disposition: inline; filename=sootoday_white.svg
x-amz-cf-pop: FRA56-P5
access-control-allow-origin: *
x-amz-cf-id: JEe9sPmNS14FrUte6AThgMPHOQEJcg2tL5Zeq7AFWSwU50_eoLqADA==
expires: Mon, 01 Aug 2022 01:50:13 GMT

GET
H2 200 20220625150648-5d48d98d6d8a56e293e955b901bf263140410303836473fb2a7a35a0a442e45b.jpg;w=960
www.vmcdn.ca/f/files/shared/feeds/cp/2022/06/ Frame 8CFB 65 KB
66 KB 59ms
19ms Image
image/jpeg 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/shared/feeds/cp/2022/06/20220625150648-5d48d98d6d8a56e293e955b901bf263140410303836473fb2a7a35a0a442e45b.jpg;w=960
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2221a53a73c00a72d0441a1be01d0972f15468ca29e6295d92287012ae94fdd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 23:55:06 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 52988
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
x-amz-cf-pop: FRA56-P5
content-length: 66999
x-amz-cf-id: EGwojP_T0MlmSmT8vWwf3k5t9jdiY-9pyCEse1Mz3pc9S2WMG-lBqQ==
expires: Fri, 21 Jul 2023 23:55:07 GMT

GET
H2 200 vr_phone_mockup.png;w=180;h=240
www.vmcdn.ca/f/files/villagereport/images/site/ Frame 8CFB 43 KB
44 KB 51ms
11ms Image
image/png 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/villagereport/images/site/vr_phone_mockup.png;w=180;h=240
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: a3b19ed468a54ebbf64023ccc2d6e3bd7bcf368b59d9181471f9dd26d81ab706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 17 Jun 2022 14:46:32 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 3023503
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
x-amz-cf-pop: FRA56-P5
content-length: 44280
x-amz-cf-id: jI93mrU4l_u8m7kOFqL-_rvIJhUp8L_gZa1KEYDPgVIY4wEkEeKFfA==
expires: Sat, 17 Jun 2023 14:16:05 GMT

GET
H2 200 blank.gif
www.sootoday.com/images/ Frame 8CFB 42 B
439 B 94ms
93ms Image
image/gif 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sootoday.com/images/blank.gif

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
last-modified: Fri, 17 Jun 2022 01:03:51 GMT
etag: "1c81ef1be681d81:0"
strict-transport-security: max-age=63072000;
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 42

GET
H2 200 template Show response
www.sootoday.com/jsb/ Frame 8CFB 159 KB
69 KB 98ms
97ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

446d2f19fc949fb92f7568d50a4f3727f8001f9df221af11ee7a7ed17a3e29f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:38:15 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000;
content-length: 69766
expires: Sat, 22 Jul 2023 14:38:15 GMT

GET
H2 200 content_standalone Show response
www.sootoday.com/jsb/ Frame 8CFB 4 KB
2 KB 95ms
95ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/jsb/content_standalone?v=s2y4VRyMFbajmubrlw3QYX--Fkgc6nI1pbrQFUiY5cI1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0a434f26bbfd6cf67b07c2f9339b8d26668792dbc7080fa029c9589a048fb86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:38:15 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000;
content-length: 1790
expires: Sat, 22 Jul 2023 14:38:15 GMT

GET
H2 200 reactions Show response
www.sootoday.com/jsb/ Frame 8CFB 3 KB
2 KB 98ms
96ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/jsb/reactions?v=Hd6efr5ldppIjJFLkLUIeOhKwUXpewU3to9LK0aoJ-Q1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3856672b5e1a4711d5254ffb7b5d593712061fae83cf9290c4a2655a84da5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:38:15 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000;
content-length: 1722
expires: Sat, 22 Jul 2023 14:38:15 GMT

GET
H2 200 g4d3m137.js Show response
l.getsitecontrol.com/ Frame 8CFB 433 B
1 KB 143ms
68ms Script
text/javascript 84.17.46.54
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/g4d3m137.js
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-54.cdn77.com
Software: BunnyCDN-AMS-883 /
Resource Hash: 36ab0d4d9fe092d42d756dbc0afe941434f0561609a43ef22c0b3ed7fa060007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: br
cdn-edgestorageid: 879
x-amz-request-id: 4Z4GXJDQXJ8BRS5X
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 07/19/2022 18:10:54
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: uKhKRROF+fSKVJRWK8WIcPAK5pqb6Dke0IOmN29J+3GDcflYkQxt6/qv+3ds7MvoriEKQPJYDE4=
server: BunnyCDN-AMS-883
access-control-allow-origin: *
last-modified: Mon, 18 Jul 2022 17:30:37 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"faa6f7f4997d3c828b72e8721d8f3b8b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=86400
cdn-requestid: 1a96d28ac2db14e21ad86e18e40e421c
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ Frame 8CFB 25 KB
11 KB 54ms
10ms Script
application/javascript 108.157.4.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-79.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57ee7617ff9d86b6a1fc9674a3ff3515ed0bd69ea1f6a0f477009e30ad38db9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:31:52 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 16:43:29 GMT
server: AmazonS3
age: 401
etag: W/"8a482fc4e4c957e0715aa56856c4f832"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: m3Jkn7ui-AfmBYdk_YlCuElZbgXVJO9Dy1esX58p6-9uUABL3_cc7g==

GET
H2 200 user-o-w.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 712 B
1 KB 48ms
10ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/user-o-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d4626a22c2af8c95f8143af91c42fac2242da36ef36139912f72c2d85d373482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 02:05:46 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 649949
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=user-o-w.svg
x-amz-cf-pop: FRA56-P5
content-length: 712
x-amz-cf-id: -gZ_xsQgRdDR1Hsib84gIjF6otrF8V4EBofWl56noLfAwKz5Tc-pzw==
expires: Sun, 14 Aug 2022 02:05:46 GMT

GET
H2 200 opensans-regular.woff2
www.sootoday.com/css/fonts/ Frame 8CFB 19 KB
19 KB 95ms
94ms Font
application/font-woff2 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/css/fonts/opensans-regular.woff2

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Origin: https://www.sootoday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
last-modified: Fri, 17 Jun 2022 01:03:51 GMT
etag: "48c9dc1be681d81:0"
strict-transport-security: max-age=63072000;
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19020

GET
H2 200 opensans-bold.woff2
www.sootoday.com/css/fonts/ Frame 8CFB 19 KB
20 KB 181ms
181ms Font
application/font-woff2 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/css/fonts/opensans-bold.woff2

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Origin: https://www.sootoday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
last-modified: Fri, 17 Jun 2022 01:03:51 GMT
etag: "a86adb1be681d81:0"
strict-transport-security: max-age=63072000;
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19724

GET
DATA 200
OK truncated
/ Frame 8CFB 204 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 search.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 442 B
793 B 25ms
17ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/search.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 17:56:07 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 160928
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=search.svg
x-amz-cf-pop: FRA56-P5
content-length: 442
x-amz-cf-id: lIWYFMYDkCzgWgKhF4HN7xynYeapLmMBgIEgixGo6gCshgLeKph9Bw==
expires: Fri, 19 Aug 2022 17:56:07 GMT

GET
H2 200 facebook-w.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 253 B
609 B 25ms
18ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/facebook-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 23:52:36 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 657938
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=facebook-w.svg
x-amz-cf-pop: FRA56-P5
content-length: 253
x-amz-cf-id: f8x7UXGRF6VEp3-rupFVwsZSIf_ZazLSMtJZfzBfWJN7TOiqDiSWMw==
expires: Sat, 13 Aug 2022 23:52:35 GMT

GET
H2 200 twitter-w.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 506 B
859 B 13ms
11ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/twitter-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 01:16:23 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 652912
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=twitter-w.svg
x-amz-cf-pop: FRA56-P5
content-length: 506
x-amz-cf-id: waB43u-0QI1zGQeRIPebxulXItIe6XxmKlu6h_3pGvgRsUzZ8a3gVw==
expires: Sun, 14 Aug 2022 01:16:23 GMT

GET
H2 200 linkedin-w.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 453 B
807 B 13ms
12ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/linkedin-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: daa019d9a018e5a5412653b11d0bb8a4b40b344e37fbdca9291f40e84033053a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 00:35:29 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 655365
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=linkedin-w.svg
x-amz-cf-pop: FRA56-P5
content-length: 453
x-amz-cf-id: uLbO8gOFczz7ADzFi3NWC2vXE8enzgDzJKs410wz4K8d15WHmfWUQg==
expires: Sun, 14 Aug 2022 00:35:30 GMT

GET
H2 200 envelope-o.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 703 B
1 KB 14ms
13ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/envelope-o.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3c76b41c05c39528b76473b26a8939e5daaf53de741945b2d62b2f18c4eb74e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 01:00:17 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 653878
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=envelope-o.svg
x-amz-cf-pop: FRA56-P5
content-length: 703
x-amz-cf-id: aAIyjnI5qnPIUTNuXX2KBQei9a4I-NU9kqB_TJr0J86-OIkEKxJwMg==
expires: Sun, 14 Aug 2022 01:00:17 GMT

GET
H2 200 print-w.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 564 B
918 B 14ms
12ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/print-w.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6a2b63314fe802f4c69831fa2cdc5207c6b4ebf6f795d0e2ed4efb57ca765645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 03:37:43 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 1940431
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=print-w.svg
x-amz-cf-pop: FRA56-P5
content-length: 564
x-amz-cf-id: ZUaPnPK9ODcuP0OxPZq2U-jlDufYuKXAxUbl7x4oq4zpav-LgSfOBA==
expires: Sat, 30 Jul 2022 03:37:44 GMT

GET
H2 200 play.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 126 B
477 B 15ms
13ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/play.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: c78816806df89838631119951f58d5fcd4d501cb284968c964b72f5a29f5b86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 23:40:18 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 485876
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=play.svg
x-amz-cf-pop: FRA56-P5
content-length: 126
x-amz-cf-id: GYXSOAUa3_k6_jC1qOovZeWTT4DPgJzlkf5rv6LRlAiV0zWFSX9ebQ==
expires: Mon, 15 Aug 2022 23:40:19 GMT

GET
H2 200 happy.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 522 B
872 B 16ms
14ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/happy.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ea9052b9746498f060de82c210985ee8d12f8e793984cd9ac9e6164f1b9f64fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 18:08:17 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 2320197
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=happy.svg
x-amz-cf-pop: FRA56-P5
content-length: 522
x-amz-cf-id: EQPtdM33bqXvRsn-L0GHssC1F9JLBW6SoTszqvDilPR-R9zke9vYKg==
expires: Mon, 25 Jul 2022 18:08:17 GMT

GET
H2 200 amused.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 1 KB
977 B 16ms
15ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/amused.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 16f07b55e264a3be3c0d982d52581d7115ad01ec1ffc108d175c8474b694e1c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 09:07:42 GMT
content-encoding: gzip
server: CloudFront
age: 2352632
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: public
content-disposition: inline; filename=amused.svg
x-amz-cf-pop: FRA56-P5
access-control-allow-origin: *
x-amz-cf-id: b0INJHKgPKOq2SCVd4g0TtuEHerij5hEsHP79bnRsQMi-FM32wA-qA==
expires: Mon, 25 Jul 2022 09:07:43 GMT

GET
H2 200 afraid.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 1 KB
1 KB 17ms
15ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/afraid.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 32a67c6a17ade0c65da81012f334f3e36914804e0aa84d2565cc2961a24bbb4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 05:01:41 GMT
content-encoding: gzip
server: CloudFront
age: 1503393
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control: public
content-disposition: inline; filename=afraid.svg
x-amz-cf-pop: FRA56-P5
access-control-allow-origin: *
x-amz-cf-id: N20rdJt_ot98J8DLEGnWPRsZ2e9XaK4-H1aC5hSU6F9DkuRmqPMCSQ==
expires: Thu, 04 Aug 2022 05:01:42 GMT

GET
H2 200 apathetic.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 461 B
815 B 17ms
16ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/apathetic.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0b6d8e8c7a51c12b33bf99ef7ceb7b60e3ea92aa456cc1fe9f6b4441073c25c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 03 Jul 2022 03:01:28 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 1683406
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=apathetic.svg
x-amz-cf-pop: FRA56-P5
content-length: 461
x-amz-cf-id: Gf8hMBpWGQ6qJmzNTkWXwOJsDIQYmoh8lzCHqrxOFNkaqGSKwAXuYQ==
expires: Tue, 02 Aug 2022 03:01:28 GMT

GET
H2 200 sad.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 521 B
869 B 18ms
16ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/sad.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e787b59c992de042598a3773b1e1e576bcf837606c2cca9185e9e27700214a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 26 Jun 2022 20:58:38 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 2223576
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=sad.svg
x-amz-cf-pop: FRA56-P5
content-length: 521
x-amz-cf-id: tWJrd_A1O8toQtJFtYEKFpSaZNhnr1iug-kCN1jsw92EzJc8PBcQiw==
expires: Tue, 26 Jul 2022 20:58:39 GMT

GET
H2 200 frustrated.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 563 B
915 B 18ms
17ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/frustrated.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 89d15307cdbe1f676402baa783adbfdba688ec42cc165dc5861ff096d9550258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 08:28:59 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 194956
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=frustrated.svg
x-amz-cf-pop: FRA56-P5
content-length: 563
x-amz-cf-id: Sa9WtKjp04CM4_hs7t_a0vQRSPUUg1wVTY7hcy4ULSu88Gz4IoqTiQ==
expires: Fri, 19 Aug 2022 08:28:59 GMT

GET
H2 200 angry.svg
www.vmcdn.ca/files/ui/icons/ Frame 8CFB 914 B
1 KB 18ms
17ms Image
image/svg+xml 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/angry.svg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/cssb/template?v=4WEYh20w5r3ClJ__WxdA03a6iDepDiCMntlEWPZ6OQc1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 188df729bbd2d1cec1dd45a1e119a8073526217268f8451640d230a94e5a1fe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 02:03:19 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 2205296
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=angry.svg
x-amz-cf-pop: FRA56-P5
content-length: 914
x-amz-cf-id: cFyxweavNLKQrMuSTiWzxTyxyU7sm49jxlkTee8zKyE3uBi5DZJ6Gg==
expires: Wed, 27 Jul 2022 02:03:19 GMT

GET
H/1.1 200
OK authorize Show response
login.microsoftonline.com/common/oauth2/v2.0/ Frame 0A1D 159 KB
58 KB 111ms
111ms Document
text/html 40.126.32.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=298ca6e3-6af0-4938-83a7-5a6f14b7c7e4&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=tTYaTeIl8rUZXN-n_O26Luwd2ITYaHRML-MYyfv9y_Y&code_challenge_method=S256&prompt=none&nonce=bdd3bae4-c801-4659-b3c4-793fac5a5745&state=eyJpZCI6Ijk1ZjdjMjNjLTUzZmYtNDRjNy1hNTk3LTY2NjhmZGQ3OTgzNSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.138 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17a05825547972d12945fa28174979353ab80b4dc79ce6c352510fa9da71940c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=298ca6e3-6af0-4938-83a7-5a6f14b7c7e4&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=tTYaTeIl8rUZXN-n_O26Luwd2ITYaHRML-MYyfv9y_Y&code_challenge_method=S256&prompt=none&nonce=bdd3bae4-c801-4659-b3c4-793fac5a5745&state=eyJpZCI6Ijk1ZjdjMjNjLTUzZmYtNDRjNy1hNTk3LTY2NjhmZGQ3OTgzNSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache
Content-Encoding: gzip
Content-Length: 57856
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Jul 2022 14:38:15 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin <https://aadcdn.msauth.net>; rel=dns-prefetch <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: on
X-XSS-Protection: 0
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams2"}]}
x-ms-clitelem: 1,0,0,,
x-ms-ests-server: 2.1.13201.7 - NEULR1 ProdSlices
x-ms-request-id: 5e668979-7dc4-45ef-8ccc-d3329b946a00

GET
H2 200 pubads_impl_2022071901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8CFB 376 KB
129 KB 30ms
29ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 11:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131527
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 08:34:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Jul 2023 11:15:50 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/ Frame 8CFB
Redirect Chain

https://sb.scorecardresearch.com/cs/21059523/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

7ms
7ms

Script
application/javascript

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:08:17 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 1799
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: sKnIaEzwR1IaV6oHxPck3bBpZ9lt1pr_On-SkI9zlufvamrZkSvVKw==

Redirect headers

location: /internal-cs/default/beacon.js
date: Fri, 22 Jul 2022 14:38:15 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: YOfQ7TmJuzOZ4DCNVC7I0_2tYZun-8DhLjLcpyfmdcyCtrfQer9PPA==
x-cache: Miss from cloudfront

GET
H2 200 social-bar-wc.8778e552bcdf18549d58.js Show response
assets.msn.com/bundles/v1/views/latest/ 170 KB
39 KB 7ms
7ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/social-bar-wc.8778e552bcdf18549d58.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b3b55c7cfb22c4e7bbe39665bfeddc75b9e6ef90f483486e349e0ef042b448d6

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: MMt7EM7gShKokTQVRfcAYA==
server-timing: 11
content-length: 38977
x-ms-lease-status: unlocked
last-modified: Fri, 15 Jul 2022 00:49:03 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA65FBD0BCFD13
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: df579382-001e-0044-60e4-977281000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe6c1e

GET
H/1.1 200
OK Me.htm Show response
login.live.com/ Frame 07C4 2 KB
2 KB 309ms
113ms Document
text/html 40.126.32.136
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/Me.htm?v=3

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.32.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.microsoftonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=315360000
Content-Encoding: gzip
Content-Length: 1132
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Jul 2022 14:38:15 GMT
Expires: Mon, 19 Jul 2032 14:38:15 GMT
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
PPServer: PPV: 30 H: BL02EPF000066F1 V: 0
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-ms-request-id: a9ba22f1-15d5-4e3c-989f-c88b407b10e1
x-ms-route-info: R3_BL2

GET
H2 200 th
www.bing.com/ 16 KB
17 KB 20ms
16ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.1bc264ab943913cd07fd359b39491d00&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 84557be6bb3e730ec5cadf39ea55a6220f374884444dca2037b21fed8739dab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5382455D0B7E4C2D9407109AEACFFD6C Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16807

GET
H2 200 BBYPskC
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 529 B
861 B 86ms
13ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBYPskC?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

08304edc90b3665ac92f1123d902972518b9451cd53e1088a711383f48ac4a17

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Fri, 15 Jul 2022 22:38:03 GMT
x-datacenter: eastus
x-source-length: 1829
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=245281
x-activityid: 38f0f9f5-373e-478d-a759-060806009247
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/BBYPskC?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 529
expires: Mon, 25 Jul 2022 10:46:16 GMT

GET
H2 200 th
www.bing.com/ 18 KB
18 KB 20ms
16ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.e233179edcdffd8f444efbd4383f1e0b&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f2a3646aa3443053f614db99a4ab17333fc2a5db016f8106e916df7a7236eb5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4D038FDE847B4CAAA1EE95D4DE739630 Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 18361

GET
H2 200 AAykw7c
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 571 B
904 B 83ms
10ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAykw7c?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3d108ffef6e8b8adf05fa7720e109ee115a1651075705c724aca770d2814b392

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Tue, 12 Jul 2022 20:14:42 GMT
x-datacenter: eastus
x-source-length: 18737
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=365931
x-activityid: d131d772-82e4-4a41-b869-2883d7d4d291
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAykw7c?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 571
expires: Tue, 26 Jul 2022 20:17:06 GMT

GET
H2 200 th
www.bing.com/ 36 KB
36 KB 20ms
17ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.3ef1febc246ed81f4e7a387e75878a4b&pid=Wdp&w=468&h=304&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9d33d5277ae159be8363ae8316dbaee0673ef1ab2684b7612c98ecb113e0294b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA6B85B886154D1B9840CF86EC18B4A5 Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 36382

GET
H2 200 AA9tqjr
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 679 B
1011 B 84ms
11ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5610226e0bc7f1a0ae11254a35d7e058ae18ead411eb6d5b2331ccbcba8e9359

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Wed, 20 Jul 2022 22:49:23 GMT
x-datacenter: eastus
x-source-length: 1664
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=288686
x-activityid: d3fc12c1-e6e8-4ef5-94e7-3f7926557f69
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AA9tqjr?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 679
expires: Mon, 25 Jul 2022 22:49:41 GMT

GET
H2 200 AAZRt1C.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 20 KB
20 KB 82ms
9ms Image
image/jpeg 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAZRt1C.img?w=300&h=225&q=90&m=6&f=jpg&x=826&y=603&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a36e3b5c7e78a4118802a6574d3d41b455681950334b24dc2067fbf2ec886c94

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Fri, 22 Jul 2022 13:18:29 GMT
x-datacenter: eastus
x-source-length: 2296495
x-frame-options: DENY
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=427270
x-activityid: de76fb18-351b-47f2-ad74-a04914e72134
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAZRt1C?w=300&h=225&q=90&m=6&f=jpg&x=826&y=603&u=t
content-length: 20333
expires: Wed, 27 Jul 2022 13:19:25 GMT

GET
H2 200 AADetNw
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 773 B
1 KB 84ms
12ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AADetNw?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1292a3eead7170f1d080337cc6e89e06244baa7ad853f37058ef3962669bd74c

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Wed, 20 Jul 2022 22:23:21 GMT
x-datacenter: eastap
x-source-length: 3926
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=287121
x-activityid: 7b62ff9c-42fc-4677-980a-c2899f73e67b
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AADetNw?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 773
expires: Mon, 25 Jul 2022 22:23:36 GMT

GET
H2 200 th
www.bing.com/ 22 KB
22 KB 25ms
22ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.8e3a3405719966f4d440b4e33901e273&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 922ecd7519e4537a6517defbd1428b5de3760fe52dfda7d558d66bec33e1b2e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8BD70DDAC96D403A91C848F9ED3DB557 Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 22386

GET
H2 200 AAXL7Uv
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 721 B
1 KB 84ms
12ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAXL7Uv?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7e6d03cc3d9a0c0fdfb4fe0146cdaa530b75eaa57e89f938b5f6829b548cec50

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Wed, 20 Jul 2022 21:51:37 GMT
x-datacenter: westus
x-source-length: 5765
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=285212
x-activityid: d54274d4-c467-4754-b8a5-d0e282122388
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAXL7Uv?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 721
expires: Mon, 25 Jul 2022 21:51:47 GMT

GET
H2 200 th
www.bing.com/ 29 KB
29 KB 26ms
23ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.c9ac5ce505495c043f7d39df504523e1&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0b44936cf74da9825fcc0286da709c1dedea36ba80f5c0e70bd0b95499e16bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E2B2C60AB94045968C40E2DDA0F5E7B4 Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 29769

GET
H2 200 AARGOjM
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 875 B
1 KB 13ms
11ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AARGOjM?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d09942fe08fc2bee9b563f04706f3dbd4276e2b10106b34864d49daa0124d81b

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Wed, 20 Jul 2022 23:14:56 GMT
x-datacenter: northeu
x-source-length: 7857
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=290233
x-activityid: 383ed2c7-f10a-42ad-ad1a-129a17d515a9
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AARGOjM?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 875
expires: Mon, 25 Jul 2022 23:15:28 GMT

GET
H2 200 th
www.bing.com/ 25 KB
25 KB 30ms
28ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.4fdc5048cfac5f7877a2b2ff2959fd47&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ff78992842fe38cd0f8a8e7a685796c972f43c6f30453df5caf1686a8f9c15ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2CF166A56E0345E7BC83CF06402A47FC Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 25659

GET
H2 200 AAm2UN1
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 365 B
696 B 8ms
7ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAm2UN1?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7a886d66247bc3fe0ef3f5ace6d6c84496c7792d78c1e6a8120be0bc76cb971a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Wed, 20 Jul 2022 22:06:54 GMT
x-datacenter: eastap
x-source-length: 313
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=286057
x-activityid: e9e41f7c-fbdd-4308-8357-bff7cd93d6ac
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAm2UN1?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 365
expires: Mon, 25 Jul 2022 22:05:52 GMT

GET
H2 200 th
www.bing.com/ 17 KB
18 KB 12ms
10ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.68809b8a454e9c75e04f94b63a8dd5a4&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 38f619de6d4337e8b64bc7a0f4e3b8442a5ba4139afe7fbc46077737d3e0f860

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2D2F91B91EBA4B73A9C2D341EFCD7D82 Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 17804

GET
H2 200 th
www.bing.com/ 18 KB
18 KB 30ms
29ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.89e7115e0db90bd42484c1e28cd1c8a1&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 57b7587c1e8a8c732e3b7ff4914c828cc00fdf1521f7bde94e90051cefc200e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A04C7CC82E5B47C8A8C2C7011D6EECE5 Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 18112

GET
H2 200 BBYPv0u
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 675 B
1006 B 13ms
12ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBYPv0u?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5da5d72996b6aecafd3cbfc439b75a40e12a3ab88b51cb3b7193a1d41f203990

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Wed, 29 Jun 2022 18:09:01 GMT
x-datacenter: eastus
x-source-length: 1515
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=402096
x-activityid: 38187326-5a5f-4710-9701-586c99e9a5c4
content-location: https://img.s-msn.com/tenant/amp/entityid/BBYPv0u?w=16&h=16&q=100&m=6&f=png&u=t
x-resizerversion: 1.0
timing-allow-origin: *
content-length: 675
expires: Wed, 27 Jul 2022 06:19:51 GMT

GET
H2 200 th
www.bing.com/ 20 KB
21 KB 25ms
23ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.b1d18968ac438aa72529e2c9e4461f50&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d25cb34ff9dfb4fac931d5eac079362b57c28ff6bc56260e7eef1c431691db42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BB19004064554C4E9C3B7C160E87738F Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 20891

GET
H2 200 AAEyR6E
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 759 B
1 KB 10ms
9ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAEyR6E?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f771e9815a2ff4435818ea19cb399cf599b4c68b7d6c5440809ae4e6fc947266

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Wed, 20 Jul 2022 22:01:28 GMT
x-datacenter: westus
x-source-length: 673
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=285735
x-activityid: c3c4b191-d800-4b2d-94db-f32baa4af984
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AAEyR6E?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 759
expires: Mon, 25 Jul 2022 22:00:30 GMT

GET
H2 200 th
www.bing.com/ 16 KB
16 KB 31ms
29ms Image
image/jpeg 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=ORMS.fb8e30ebd8d1341b0d7fc9fce01b361d&pid=Wdp&w=300&h=225&qlt=90&c=1&rs=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5fd2898712f0305ac843548aedeb3883081a5cbaf4c4332a874bc18d578e69bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:14 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C0E35FC5D184030B1F9E0629BA492F2 Ref B: FRAEDGE1221 Ref C: 2022-07-22T14:38:15Z
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-cache: TCP_HIT
timing-allow-origin: *
access-control-allow-headers: *
content-length: 16137

GET
H2 200 AALbue7
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 941 B
1 KB 11ms
10ms Image
image/png 2a02:26f0:480:3::210:ee90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALbue7?w=16&h=16&q=100&m=6&f=png&u=t

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:26f0:480:3::210:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3716d783db4ce9e90de0fda7b5e4a81679a2590c633378b64590066ee6d6eaec

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
last-modified: Wed, 20 Jul 2022 22:10:19 GMT
x-datacenter: westus
x-source-length: 1423
x-frame-options: DENY
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=286298
x-activityid: 6750c420-d078-43fe-a4d8-deb42dd738f0
x-resizerversion: 1.0
content-location: https://img.s-msn.com/tenant/amp/entityid/AALbue7?w=16&h=16&q=100&m=6&f=png&u=t
content-length: 941
expires: Mon, 25 Jul 2022 22:09:53 GMT

GET
H2 200 g4d3m137.json Show response
l.getsitecontrol.com/ Frame 8CFB 94 KB
8 KB 185ms
129ms XHR
application/json 84.17.46.54
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/g4d3m137.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/g4d3m137.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-54.cdn77.com
Software: BunnyCDN-AMS-883 /
Resource Hash: 19ba9986bbcf00aeb9fdeb256102386e0f779ad9e21c7412120a587390c10f33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 883
x-amz-request-id: R3YPWKSXTJXZB3DQ
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 07/18/2022 17:39:59
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: hjmMtR+fqZXd/7/KTs3v0V9UmMSPGngVq0fDJveiI4J/XGrBohiiKADLvfz/YuU29ds8NbLNhGE=
server: BunnyCDN-AMS-883
access-control-allow-origin: *
last-modified: Mon, 18 Jul 2022 17:30:36 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"0c501ef3117755e37ac886cbcf9f9dad"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: 3de9c4e4b9ad9f63e4e0cf95e80568f3
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 location Show response
gateflipp.flippback.com/flyer-locator-service/ Frame 8CFB 103 B
311 B 379ms
98ms Fetch
application/json 3.230.107.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://gateflipp.flippback.com/flyer-locator-service/location?domain=www.sootoday.com
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.107.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-107-219.compute-1.amazonaws.com
Software: envoy /
Resource Hash: 1a627b8d6c0efe226854550d06c2e143efdc0d2c60f0258510fd091b2b1c6665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-trace-id: cbdbclufifg2nn8i7gag
date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
server: envoy
vary: Origin,Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-envoy-upstream-service-time: 2

GET
H2 200 / Show response
graph.facebook.com/ Frame 8CFB 421 B
770 B 118ms
73ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?fields=og_object{engagement{count}}&ids=https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&access_token=253883948067202|97ed53738428ce974f5f6696babe8b34&callback=jQuery111204397091896891743_1658500692976&_=1658500692977

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6800c389b5182aacd1b5bc1e0ed769d535b443f3c6a4b07b472d992b778e0ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
etag: "3f34bfc8ac80062cea92df230e819d9827aaa7a2"
x-app-usage: {"call_count":78,"total_cputime":0,"total_time":17}
cross-origin-resource-policy: cross-origin
x-fb-rev: 1005894519
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 215
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: DmbclGnXHN5FYpJ+OR/Vz7RchRyPqrep9Ab08Y8WTP1PoVNuMhkhajSC252CFMuVwFrPOj4fDWVty7AB3YqehQ==
x-fb-trace-id: AHzQ5U+7Z7M
date: Fri, 22 Jul 2022 14:38:15 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A_0bHZPdsfgGRvQo8RjdXcI
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v8.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 weatherwidget Show response
www.sootoday.com/external/ Frame 8CFB 133 B
691 B 94ms
93ms XHR
application/json 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/external/weatherwidget?weatherCode=ON%2Fs0000479_e

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d7650208e2a5e4d5fea9b849e836d6f7fd4641504f2a9318bae68964400c8dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Accept: */*
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:23:43 GMT
strict-transport-security: max-age=63072000;
content-type: application/json; charset=utf-8
cache-control: public, max-age=28
content-length: 234
expires: Fri, 22 Jul 2022 14:38:43 GMT

GET
H2 200 poll Show response
www.sootoday.com/jsb/ Frame 8CFB 20 KB
10 KB 96ms
95ms XHR
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/jsb/poll?v=oG8YSB4dyGKTFHX_-m-MrcyI-ykYr-_Pv7CFGKVEzoI1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

256df061c262c1f1daaafab04edf15993728da544e58bd6b57e82f29c1c74c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:38:15 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000;
content-length: 9393
expires: Sat, 22 Jul 2023 14:38:15 GMT

GET
H2 200 videoadsloader Show response
www.sootoday.com/jsb/ Frame 8CFB 9 KB
4 KB 95ms
94ms XHR
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/jsb/videoadsloader?v=0r02dfP0uuBz9go5Cy-3u5iSCc3p4JCCV8jxhXibGx41

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fe9feaaac98dcbb591632785fe3d7434bc14fac70a347120b9e30f956cc85d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:38:15 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000;
content-length: 3403
expires: Sat, 22 Jul 2023 14:38:15 GMT

GET
H2 200 539217 Show response
www.sootoday.com/widgets/ Frame 8CFB 3 KB
2 KB 102ms
102ms XHR
text/html 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/widgets/539217

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

68a4f36943a3902d7495b50ee172d842634f328cf86c11564707a167a5050ad9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private
strict-transport-security: max-age=63072000;
content-length: 1141

GET
H2 200 adobestock_354252384.jpeg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/share-lawyers/ Frame 8CFB 3 KB
4 KB 9ms
8ms Image
image/jpeg 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/share-lawyers/adobestock_354252384.jpeg;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 97406dc49eefe5a732ed1072eeb2da91710e00ddd705f5a2d34ac16da1f6c5c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 11:03:21 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 99294
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
x-amz-cf-pop: FRA56-P5
content-length: 3314
x-amz-cf-id: o2_X6XMTez1h_HcoBEGydxrTQH03jNsFDa4jXIT_yASd9uSIVUXhzg==
expires: Fri, 21 Jul 2023 11:01:04 GMT

GET
H2 200 beaver-out-the-doorstep-c-karen-greaves.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/canadian-bushplane-heritage-museum/ Frame 8CFB 3 KB
3 KB 9ms
9ms Image
image/jpeg 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/canadian-bushplane-heritage-museum/beaver-out-the-doorstep-c-karen-greaves.jpg;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d39141ffdb7ac369d4543841aa9c6b58acaba1dbc987fc75421847b54ac5d20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 11:04:43 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 272011
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
x-amz-cf-pop: FRA56-P5
content-length: 3180
x-amz-cf-id: km-CUnJR4onstDv5p6ph8No1WjiRXXsHZLru3xiAMwmdaWaI5fKJIg==
expires: Wed, 19 Jul 2023 11:01:07 GMT

GET
H2 200 image001-(3).jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/northern-policy-institute/ Frame 8CFB 2 KB
2 KB 10ms
9ms Image
image/jpeg 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/northern-policy-institute/image001-(3).jpg;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7a813fdf935479399d992e06ea5f99c8e29a52e17cb1781c5a27835ce41c4f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 17:13:29 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 595486
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
x-amz-cf-pop: FRA56-P5
content-length: 1938
x-amz-cf-id: PVXgWq56Hu-Fq-Dj03BDuJN56gyDW-GTU97WcnXq18isyQ2VDNtjjA==
expires: Sat, 15 Jul 2023 17:13:24 GMT

GET
H2 200 287993186_557337209215323_393737634099518452_n.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/sootoday/spotlight-photos/the-ranch-15d/ Frame 8CFB 4 KB
4 KB 10ms
10ms Image
image/jpeg 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/sootoday/spotlight-photos/the-ranch-15d/287993186_557337209215323_393737634099518452_n.jpg;w=100;h=67;mode=crop
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1461ca0257b0db4bc024345e2c52299e843e3a09953f8b46198fd855b15f200e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 11:04:28 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 704026
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
x-amz-cf-pop: FRA56-P5
content-length: 4242
x-amz-cf-id: C35V3eem4QkOmEV_yQHThUf1YCZaKguWz2ICITrFPRu8R3_kNBwvYQ==
expires: Fri, 14 Jul 2023 11:01:44 GMT

POST
H/1.1 200
OK 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
1 KB 159ms
159ms Fetch
application/json 20.189.173.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.11 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

fbffe5b8e4fc94a46d59eef975940d3f9b9e11c7b913fe6fcd75f25855dcf8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 22 Jul 2022 14:38:14 GMT
time-delta-millis: 2276
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.msn.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8CFB 107 B
792 B 216ms
48ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sootoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8CFB 107 B
549 B 214ms
50ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sootoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8CFB 244 KB
32 KB 747ms
747ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2462427126000773&correlator=785607733426512&eid=31064226%2C42531606%2C31064018&output=ldjh&gdfp_req=1&vrg=2022071901&ptt=17&impl=fifs&iu_parts=5198809%2CNET_Respbillboard%2CNET_Background%2CNET_Alert%2CNet_Mobile_Footer%2CNET_TopBlock%2CNET_Rotator%2CNET_BottomBlock&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=300x120%7C320x50%7C320x100%7C728x90%7C728x200%7C970x200%7C970x250%2C1920x800%7C1920x1200%2C320x50%2C320x100%7C320x50%2C300x600%7C300x300%7C300x250%2C300x120%2C300x120%2C300x600%7C300x300%7C300x250&fluid=0%2C0%2Cheight%2C0%2C0%2C0%2C0%2C0&ifi=1&adks=2223898604%2C3160540576%2C144140361%2C2954536008%2C4095612832%2C720596874%2C971510462%2C3275349605&sfv=1-0-38&ecs=20220722&fsapi=false&prev_scp=not_poll%3Dtrue%7C%7C%7C%7C%7C%7Cnot_poll%3Dtrue%7C&eri=1&cust_params=site%3Dwww.sootoday.com%252Csootoday.com%26ContentCategory%3DNational%2520Sports%26ContentCategories%3DNational%2520Sports%26ContentType%3DSyndicated%26TemplateType%3DDetails%26ContentId%3D5518920&sc=1&cdm=www.sootoday.com&abxe=1&dt=1658500693296&lmt=1658500694&dlt=1658500692663&idt=563&adxs=-12245933%2C-400%2C0%2C-12245933%2C740%2C740%2C740%2C740&adys=-12245933%2C109%2C0%2C-12245933%2C164%2C434%2C574%2C1161&biw=-12245933&bih=-12245933&isw=1120&ish=941&scr_x=-12245933&scr_y=-12245933&ucis=b1mxsz149xvz%7C4nd7oqc44dho%7Cwyhxhzs8hmbn%7Cc5gqemgex3ci%7C8lwhn7wrd0uu%7C71a6csuy329f%7C2pe2sy6iz0lt%7Cy1ksxx30i3ul&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fwww.sootoday.com%2Fnational-sports%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&ref=https%3A%2F%2Fwww.msn.com%2F&top=https%3A%2F%2Fwww.msn.com%2F&frm=24&vis=1&psz=300x90%7C1920x1200%7C1120x-1%7C320x0%7C300x0%7C300x0%7C300x0%7C300x0&msz=0x0%7C0x0%7C0x-1%7C0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=388%2C260%2C772%2C388%2C260%2C260%2C260%2C260&ohw=1120%2C1120%2C1120%2C1120%2C1120%2C1120%2C1120%2C1120&ga_vid=1288795854.1658500693&ga_sid=1658500693&ga_hid=30074189&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

349aa0c6c5693488138201bf51d554c8ef885d65346fe130361b4fd354dc4055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33201
x-xss-protection: 0
google-lineitem-id: 5893165410,5897470786,5526292015,-1,5897470786,5968145241,5771858283,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383797942,138386740784,138396812561,-1,138386740781,138387484120,138361012825,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sootoday.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
72b366b527e947c07365712e9fcdc3b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E3F8 6 KB
4 KB 178ms
48ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://72b366b527e947c07365712e9fcdc3b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 14:38:15 GMT
expires: Sat, 22 Jul 2023 14:38:15 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 beacons
p.flipp.com/ Frame 8CFB 0
0 310ms
193ms Fetch 18.66.112.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-46.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.sootoday.com
access-control-allow-credentials: true
x-amz-cf-id: zMts0YeWwwnIkIdajDz1K4ZnIS1u8OSB1vYPyH60Kw0O2idMre7RYg==

GET
H2 200 reaction-breakdown-dialog.23527a977284937f1854.js Show response
assets.msn.com/bundles/v1/views/latest/ 87 KB
23 KB 7ms
7ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/reaction-breakdown-dialog.23527a977284937f1854.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1ee3ef3db4113847c3ce1ef617901dca7cbfba9593f17c21560e262911e714c9

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: EvKCwXK7hefZTOCDtyhHGA==
server-timing: 6
content-length: 22633
x-ms-lease-status: unlocked
last-modified: Mon, 11 Jul 2022 23:19:16 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6393C6606D06
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 06d9fe5f-401e-0014-123a-9611b2000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe70f0

GET
H2 200 / Show response
assets.msn.com/service/community/urls/ 9 KB
5 KB 91ms
91ms Fetch
application/json 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/service/community/urls/?cmsid=AAZPOpU&market=en-ca&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt9cf%2Cprg-hhads-cf%2Cmuidflt19cf%2Cmuidflt57cf%2Cmuidflt259cf%2Cpneedge2cf%2Cbingcollabedge1cf%2Cplatagyhp3cf%2Caudexhp1cf%2Caudexhp2cf%2Cmodcoglangc%2Cprg-otherprod%2Caudexhz2cf%2Cprg-ads-t-onesz-r2%2Cprg-ads-onesz%2Cgallery5cf%2Conetrustpoplive%2Cmsnapp3cf%2Cprg-da21rf2%2Cprg-tok21%2Cprg-ntbell-expt%2Cprg-commonbell%2Cprg-nt-vertical%2Cprg-1sw-cnewmb%2Cprg-1sw-shopfeedtr6%2Cprg-1sw-shopfeed%2Cprg-1sw-fiplog%2Cprg-adspeek%2Cbtrecrow1%2C1s-winauthservice%2Cprg-hprewflyout-t%2Cprg-wf-sky-re%2Cweather9cf%2Cmsnapp8cf%2Cmsnapp9cf%2Cmsnapp10cf%2Cprg-1sw-clbdg%2C1s-p2-brknb%2C1s-p2cl-bdg%2Cprg-1sbgbanner%2Cprg-1sw-wxbdg%2Cprg-1sw-clrot%2Cprg-1s-mtsn%2Cprg-1sw-wxrus%2Cprg-ias%2Croutentpring2c%2C1s-fcrypt%2Cprg-wpo-t%2Cprg-wpo-b7arbqc%2Cprg-winhp-sdb7l%2Cprg-1sw-3rps6pm%2Cprg-1sw-pr2clarity%2Cprg-pr2-fuzafc%2Cprg-pr2-3pine35%2Cprg-pr2-3pine%2Cprg-1sw-hdukr%2Cprg-upsaip-w1-t%2Cprg-intapperr%2Cprg-upsaip-r-t%2Cprg-wx-anmpr%2C1s-contentview-1%2Cprg-sw-tlmt%2Cprg-wx-sbn-vm%2Cprg-1sw-sbn-mm%2Cprg-ctr-pmosc%2Cprg-1sw-list%2C1s-rpssecautht%2Cprg-1sw-wxhfctrl%2Cprg-apilog%2Cprg-1sw-p1wtrclm%2Cprg-1sw-mbnodp%2Cprg-spr-t-intl%2Cprg-spr-egreco%2Cprg-spr-emttof%2Cprg-spr-st-gmarketv2%2Cprg-1sw-aqlmtrt%2Cprg-1sw-wxcfwf%2Cprg-1sw-pllmtrt%2Cprg-wx-rmtemp%2Cprg-cthidead%2Cprg-ct-noembss%2Cads-xandrbiasc%2Cprg-1sw-thwnt1%2Cprg-1sw-sagetn%2Cprg-1sw-bnrrksc3%2Cprg-1sw-stul2%2Cprg-ad-sg-m&ocid=entnewsntp&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&user=m-2FACA347D06F6EB92872B2AED15C6F86
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c987d72c0e72f1654a7a25f8eff868704cfd2bf7bb0105165d55fced38e86906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-encoding: gzip
x-fd-features: muidflt9cf,prg-hhads-cf,muidflt19cf,muidflt57cf,muidflt259cf,pneedge2cf,bingcollabedge1cf,platagyhp3cf,audexhp1cf,audexhp2cf,modcoglangc,prg-otherprod,audexhz2cf,prg-ads-t-onesz-r2,prg-ads-onesz,gallery5cf,msnapp3cf,prg-da21rf2,prg-tok21,prg-1sw-sacfincensinc,prg-ntbell-expt,prg-commonbell,prg-nt-vertical,prg-1sw-sal3vfec,prg-1sw-cnewmb,prg-1sw-shopfeedtr6,prg-1sw-shopfeed,prg-1sw-fiplog,btrecenca,prg-adspeek,1s-winauthservice,prg-hprewflyout-t,prg-wf-sky-re,weather9cf,msnapp8cf,msnapp9cf,msnapp10cf,prg-1sw-clbdg,1s-p2-brknb,1s-p2cl-bdg,prg-1sbgbanner,prg-1sw-wxbdg,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,routentpring2c,prg-1sw-nwrc,1s-fcrypt,prg-wpo-t,prg-wpo-b7arbqc,prg-winhp-sdb7l,prg-1sw-3rps6pm,prg-1sw-pr2clarity,prg-pr2-fuzafc,prg-pr2-3pine35,prg-pr2-3pine,prg-1sw-hdukr,prg-upsaip-w1-t,prg-intapperr,prg-upsaip-r-t,prg-wx-anmpr,1s-contentview-1,prg-sw-tlmt,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ctr-pmosc,prg-1sw-list,1s-rpssecautht,prg-1sw-wxhfctrl,prg-apilog,prg-1sw-p1wtrclm,gbj35620,prg-1sw-mbnodp,prg-1sw-sbnww,prg-spr-t-intl,prg-spr-egreco,prg-spr-emttof,prg-spr-st-gmarketv2,prg-1sw-aqlmtrt,prg-1sw-wxcfwf,prg-1sw-pllmtrt,prg-wx-rmtemp,prg-cthidead,prg-1sw-entntnp3c,prg-ct-noembss,ads-xandrbiasc,prg-1sw-bnrrksc3,prg-1sw-stul2,prg-ad-sg-m,prg-bts1-r-winhp,prg-1s-whpbtss,prg-1s-whp-shop
ddd-storeentrytimeutc: 7/22/2022 2:38:15 PM
x-msedge-ref: Ref A: DFB0282190F44E48BC147CA5073C6578 Ref B: VIEEDGE3010 Ref C: 2022-07-22T14:38:15Z
ddd-strategyexecutionlatency: 00:00:00.0041761
server-timing: 5
ddd-servername: C151C71405DC
x-fd-detection-corpnet: 0
vary: Origin
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.msn.com
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
cache-control: public, max-age=60
x-msedge-responseinfo: 4
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token
onewebservicelatency: 4
x-as-suppresssetcookie: 1
date: Fri, 22 Jul 2022 14:38:15 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
ddd-strategyid: Community_SocialObjectStoreReadStrategy
ddd-usertype: AnonymousMuid
ddd-debugid: 4568d7ac-adf4-41b6-a97d-5a4455bf210a|7/22/2022 2:38:15 PM|fabric:/community|NEU2|_Community_159
content-length: 1586
akamai-server-ip: 23.36.161.81
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-fd-flight: muidflt9=muidflt9cf,muidflt17=prg-hhads-cf,muidflt19=muidflt19cf,muidflt57=muidflt57cf,muidflt259=muidflt259cf,pneedge2=pneedge2cf,bingcollabedge1=bingcollabedge1cf,platagyhp3=platagyhp3cf,audexhp1=audexhp1cf,audexhp2=audexhp2cf,pnehz2=modcoglangc,platagyhz2=prg-otherprod,audexhz2=audexhz2cf,article1=prg-ads-t-onesz-r2,gallery5=gallery5cf,msnapp3=msnapp3cf,anaheimmuidr5=prg-da21rf2,sagenlann=prg-1sw-sacfincensinc,sagenl1=prg-ntbell-expt,sagenl3=prg-1sw-sal3vfec,wfeedsmuid3=prg-1sw-cnewmb,wfeedsmuid4=prg-1sw-shopfeedtr6,wfeedsmuid8=prg-1sw-fiplog,275b=btrecenca,2ml4=prg-adspeek,2tpu=1s-winauthservice,wfeedsmuidheader2=prg-hprewflyout-t,weather6=prg-wf-sky-re,weather9=weather9cf,msnapp8=msnapp8cf,msnapp9=msnapp9cf,msnapp10=msnapp10cf,prong2flyout2=prg-1sw-clbdg,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3c76=routentpring2c,3fnb=prg-1sw-nwrc,3gk6=1s-fcrypt,anaheimedgwpo4=prg-wpo-t,anaheimedgwpo5=prg-wpo-b7arbqc,wfeedsmuidwpo1=prg-winhp-sdb7l,wfeedsmuidwpo6=prg-1sw-3rps6pm,prong2wpo1=prg-1sw-pr2clarity,prong2wpo2=prg-pr2-fuzafc,prong2wpo3=prg-pr2-3pine35,3mi0=prg-1sw-hdukr,3nhv=prg-upsaip-w1-t,3ouz=prg-intapperr,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3qu2=1s-contentview-1,3sxl=prg-sw-tlmt,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3vb9=prg-ctr-pmosc,3viw=prg-1sw-list,3vhe=1s-rpssecautht,3vka=prg-1sw-wxhfctrl,3w8x=prg-apilog,3wjn=prg-1sw-p1wtrclm,3wqo=gbj35620,3wus=prg-1sw-mbnodp,3x2v=prg-1sw-sbnww,3xfz=prg-spr-t-intl,3xpd=prg-1sw-aqlmtrt,3xpi=prg-1sw-wxcfwf,3xpk=prg-1sw-pllmtrt,3xx8=prg-wx-rmtemp,3ybl=prg-cthidead,3yoo=prg-1sw-entntnp3c,3yy0=prg-ct-noembss,3yy3=ads-xandrbiasc,3z0t=prg-1sw-bnrrksc3,3z1m=prg-1sw-stul2,3z3w=prg-ad-sg-m,3z6m=prg-bts1-r-winhp
ddd-authenticatedwithjwtflow: False
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
ddd-activityid: 4568d7ac-adf4-41b6-a97d-5a4455bf210a
ddd-storeexecutionlatency: 00:00:00.0041231
ddd-datastore: Community_SocialDataStore
access-control-allow-credentials: true
akamai-request-id: aafe71a6

GET
DATA 200
OK truncated
/ 42 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7f5282cabbf7963811f21d108990cb61c5ded048d010ab13c1263b328de94e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 387 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2

Request headers

Referer
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0

Request headers

Referer
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 239 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9

Request headers

Referer
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 runtime.05dd8d2.js Show response
s2.getsitecontrol.com/widgets/es6/ Frame 8CFB 145 KB
50 KB 71ms
9ms Script
text/javascript 138.199.37.230
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.05dd8d2.js
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/g4d3m137.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-230.datapacket.com
Software: BunnyCDN-DE-864 /
Resource Hash: 7b4efbc54fb4fd7cd1bc2e396882284662607158730226b364b47b56a0d9655d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: br
cdn-edgestorageid: 874
x-amz-request-id: CHGF71JMH2FA7JGZ
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 06/10/2022 12:18:14
cdn-pullzone: 83560
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: GjOIVDilAqK+ZZ27mvmL4mLrFVNGP+B/tNo2acIKbt+e7ao04MA1ke9WCMJzt9uoCm6EVz6S1Ic=
server: BunnyCDN-DE-864
access-control-allow-origin: *
last-modified: Fri, 10 Jun 2022 12:14:43 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"3ace1431be95bf5f91a0c7a6aeb0ecc0"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=22809600
cdn-requestid: 78100684e71c5ef5feaf56820c11c87e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 01.gif
www.vmcdn.ca/files/ui/icons/weather/ Frame 8CFB 2 KB
3 KB 8ms
7ms Image
image/gif 18.66.112.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/weather/01.gif
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-122.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: dfacc28b68125a3ebab167bc626adad84ab00dc28a1823550fdedcc03607941b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 12:21:26 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server: CloudFront
age: 181008
x-cache: Hit from cloudfront
content-type: image/gif
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=01.gif
x-amz-cf-pop: FRA56-P5
content-length: 2227
x-amz-cf-id: cv5oSGtmpM-JTKq5Z3TasE1WDEvChFH_cM1kLx-o1WOnoLNp1P0pKw==
expires: Fri, 19 Aug 2022 12:21:27 GMT

GET
H2 200 videoads
www.sootoday.com/cssb/ Frame 8CFB 1 KB
922 B 94ms
94ms Stylesheet
text/css 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/cssb/videoads?v=fv9Md4-e1WUgqY-3iYIxoPVG-1U8Kk5LgsxuWIwiu3k1

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ae79e2f790372eaaf6d350bfa37f6477d780ed02ffe0804c333b4ab705dbbaea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 14:38:15 GMT
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
strict-transport-security: max-age=63072000;
content-length: 605
expires: Sat, 22 Jul 2023 14:38:15 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8CFB 1 KB
1 KB 160ms
82ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/5198809/NET_Outstream&description_url=https%3a%2f%2fwww.sootoday.com%2fnational-sports%2ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&tfcd=0&npa=0&sz=640x480&min_ad_duration=5000&max_ad_duration=60000&gdfp_req=1&output=vast&unviewed_position_start=1&cust_params=site%3Dwww.sootoday.com%2Csootoday.com%26ContentCategory%3DNational%20Sports%26ContentCategories%3DNational%20Sports%26ContentType%3DSyndicated%26TemplateType%3DDetails%26ContentId%3D5518920%26WeatherCondition%3DMainly%20Sunny%26WeatherTemperature%3D21&env=vp&impl=s&correlator=1658500693&sdkv=h.3.468.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&url=https%3A%2F%2Fwww.sootoday.com%2Fnational-sports%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

55dc9ce0a11440a75dc85edc158628ea21aed501992b0f9bd744f1a4d31a2a3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.sootoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 8CFB 0
191 B 8ms
7ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=21059523&cs_it=b2&cv=3.8.0.210223&ns__t=1658500693467&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.sootoday.com%2Fnational-sports%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&c8=Toronto%20Blue%20Jays%20redesign%20Fourth%20of%20July%20hats%2C%20remove%20stars%20-%20Sault%20Ste.%20Marie%20News&c9=https%3A%2F%2Fwww.msn.com%2F
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: PF2V0sOk-NDJPyCOFeQuRM4Em6UkLH5C2a3jbO73ZJ_xbjCoGFXWOg==
x-cache: Miss from cloudfront

GET
H2 200 card-actions-wc.26a728f91445b064d9b3.js Show response
assets.msn.com/bundles/v1/views/latest/ 196 KB
42 KB 21ms
18ms Script
application/javascript 23.36.163.109
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.msn.com/bundles/v1/views/latest/card-actions-wc.26a728f91445b064d9b3.js
Requested by: Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.c8fc95170672a69c10d2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.109 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-109.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 27843622978e789dbb467ff033166d5cad40e3f8c6a12b5a1404d235b832309a

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: br
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
content-md5: xycBUHLCnsIAaUz9AqmUxg==
server-timing: 6
content-length: 42019
x-ms-lease-status: unlocked
last-modified: Fri, 22 Jul 2022 01:49:05 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DA6B845C2ADFFF
vary: Origin
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type: application/javascript
access-control-allow-origin: https://www.msn.com
x-ms-request-id: 2358209e-701e-0033-166d-9d518f000000
cache-control: public, no-transform, max-age=31535892
akamai-server-ip: 23.36.161.81
x-ms-version: 2009-09-19
access-control-allow-credentials: true
timing-allow-origin: *
akamai-request-id: aafe7303

GET
H2 200 auth-redirect-blank.html Show response
www.msn.com/staticsb/statics/latest/auth/ Frame 0A1D 102 B
378 B 47ms
46ms Document
text/html 131.253.33.203
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.msn.com/staticsb/statics/latest/auth/auth-redirect-blank.html
Requested by: Host: login.microsoftonline.com
URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=d7b530a4-7680-4c23-a8bf-c52c121d2e87&scope=openid%20profile%20offline_access&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fstaticsb%2Fstatics%2Flatest%2Fauth%2Fauth-redirect-blank.html&client-request-id=298ca6e3-6af0-4938-83a7-5a6f14b7c7e4&response_mode=fragment&response_type=code&x-client-SKU=msal.js.browser&x-client-VER=2.18.0&x-client-OS=&x-client-CPU=&client_info=1&code_challenge=tTYaTeIl8rUZXN-n_O26Luwd2ITYaHRML-MYyfv9y_Y&code_challenge_method=S256&prompt=none&nonce=bdd3bae4-c801-4659-b3c4-793fac5a5745&state=eyJpZCI6Ijk1ZjdjMjNjLTUzZmYtNDRjNy1hNTk3LTY2NjhmZGQ3OTgzNSIsIm1ldGEiOnsiaW50ZXJhY3Rpb25UeXBlIjoic2lsZW50In19&sso_reload=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0003.dc-msedge.net
Software: /
Resource Hash: c9bd52ecd38bf9093c7a257a069d08cf03dab816d8da5c1a4f0eced0d9b1ee79

Request headers

Referer: https://login.microsoftonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
akamai-request-id: 11332f83
akamai-server-ip: 84.53.185.157
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 98
content-md5: gjos0l3v/GDR/S2vt1pPkw==
content-type: text/html
date: Fri, 22 Jul 2022 14:38:14 GMT
etag: 0x8DA6789FC640A75
last-modified: Sun, 17 Jul 2022 00:19:16 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
server-timing: 17
vary: Origin
x-cache: CONFIG_NOCACHE
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 898f0317-701e-008a-23fa-99833c000000
x-ms-version: 2009-09-19
x-msedge-ref: Ref A: F1C4551994114F0A9A7870DA6C64EC8F Ref B: VIEEDGE2720 Ref C: 2022-07-22T14:38:15Z

GET
H2 200 events Show response
events.getsitectrl.com/api/v1/ Frame 8CFB 406 B
654 B 397ms
149ms Fetch
text/plain 52.86.134.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.getsitectrl.com/api/v1/events?source=https%3A%2F%2Fwww.msn.com%2F
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.05dd8d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.134.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-134-216.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: ed351bd5d6c5a1bac019d6de01bfb226a841fb6068b5a1efa84d3f33bd86b891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 406

GET
H2 200 meversion Show response
mem.gfx.ms/ 29 KB
10 KB 301ms
10ms Script
application/javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/meversion?partner=msnews&market=en-ca

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common-header.4d703395c848162db57c.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

97100f2bbc9e508061910e790adbd454c5b961f2db3c352263eeebd9d5c59403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 22 Jul 2022 14:38:15 GMT
x-azure-ref: 0WLbaYgAAAAAWhIwlFv5MQYTHq02lClJ2RlJBMjMxMDUwNDE3MDE5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, no-transform, max-age=43200
x-ua-compatible: IE=edge
expires: Fri, 22 Jul 2022 19:16:52 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8CFB 26 KB
7 KB 313ms
247ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=/5198809/NET_Outstream&sz=640x480&cust_params=site%3Dwww.sootoday.com%2Csootoday.com%26ContentCategory%3DNational%20Sports%26ContentCategories%3DNational%20Sports%26ContentType%3DSyndicated%26TemplateType%3DDetails%26ContentId%3D5518920%26WeatherCondition%3DMainly%20Sunny%26WeatherTemperature%3D21&url=https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&unviewed_position_start=1&impl=s&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast2&video_url_to_fetch=https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920&useragent=Mozilla/5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/103.0.5060.134+Safari/537.36,gzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1165544&pmnd=0&pmxd=65000&pmad=2&max_ad_duration=61000&correlator=1658500693&is_amp=0&npa=false&osd=2&vis=1&hl=en&frm=0&sdkv=h.3.468.0&sdr=1&kfa=0&tfcd=0

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e495b1b79d0ed332a3267aef04f5e7d1ddcbf9dd4c5792a0b33890228f66a6e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/xml, text/xml, */*; q=0.01
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6728
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://www.sootoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 me Show response
www.sootoday.com/account/ Frame 8CFB 369 B
878 B 94ms
94ms XHR
application/json 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sootoday.com/account/me

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/head?v=LcM8wEj7Rn1AYDjGF1pjSV_suFrl8pQqVJyJndJTH5A1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ec1579214a31e060cfd8f1a7c761fa0f66abb87cb4446e28d874af623b4b3711

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
strict-transport-security: max-age=63072000;
content-length: 405

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8CFB 14 KB
11 KB 212ms
64ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a7f36937f5092d31762e184714852d2cc1d950193fedc70a86552f01bf0f2fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10797
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8CFB 17 KB
7 KB 146ms
63ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 14:38:16 GMT

GET
H2 200 meBoot.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/ 158 KB
31 KB 10ms
9ms Script
application/javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/meBoot.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=msnews&market=en-ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

afc4759aa1ead362c4c11504fa1e71f6fc81c5d3d1b4dd6416215d335d65ad74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 23:09:26 GMT
etag: "1d87c90a30919be"
x-azure-ref: 0WLbaYgAAAABol6yPz6xlSqwTr9MYKK83RlJBMjMxMDUwNDE3MDE5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
x-ua-compatible: IE=edge

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 476ms
108ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-22T14%3A38%3A13.956Z%27&appId=%27JS%3AMeControl%27&cV=%27Lt1mvGyL0cI5wnuq.4%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meversion%27&-dependencyOperationName=%27LoadResource%27&-dependencyName=%27MeControl%27&-latencyMs=302&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fmeversion%3Fpartner%3D**%26market%3D**%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27c4adc800-3e2c-44d8-3fde-835ef52b8a4c%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A311.8999938964844%2C%22perfDuration%22%3A301.8000030517578%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnews%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnews%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3D**%26cvid%3D**%22%2C%22accts%22%3A%220-0%22%7D%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 14:38:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: R6HoUyQiY0i4rYn1ae6oyA.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8CFB 373 KB
125 KB 56ms
22ms Script
text/javascript 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.sootoday.com
URL: https://www.sootoday.com/jsb/template?v=2BdE8O-bF39TTR65Wh8RJtOgK1nVIJGf1gKWU8v35LM1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127179
x-xss-protection: 0
expires: Fri, 22 Jul 2022 14:38:16 GMT

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 458ms
113ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-22T14%3A38%3A13.983Z%27&appId=%27JS%3AMeControl%27&cV=%27Lt1mvGyL0cI5wnuq.6%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meBoot.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=12&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22108.2%2Fen-US%2FmeBoot.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27None%27&*impressionGuid=%27c4adc800-3e2c-44d8-3fde-835ef52b8a4c%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A23.699996948242188%2C%22perfDuration%22%3A11.5%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnews%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnews%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3D**%26cvid%3D**%22%2C%22accts%22%3A%220-0%22%7D%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 14:38:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: CzqKVgKFD0uf3dFfSdjYOA.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 meCore.min.js Show response
mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/ 100 KB
16 KB 9ms
9ms Script
application/javascript 2620:1ec:40::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/meCore.min.js

Requested by

Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=msnews&market=en-ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bd7c1c14906bd237be9dc60260be6ec2e2f3e93584dc67e62159cdd13bde5834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 23:09:34 GMT
etag: "1d87c90a7d1ad99"
x-azure-ref: 0WLbaYgAAAACeAM7/q0j7Q47rRwS8yuc7RlJBMjMxMDUwNDE3MDE5AGVhYzVmNDlmLWUwMmQtNGY0MS1iMGE2LTJkNTBmOWZjZjg0YQ==
x-cache: TCP_HIT
content-type: application/javascript
access-control-allow-origin: *
date: Fri, 22 Jul 2022 14:38:15 GMT
x-ua-compatible: IE=edge

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 453ms
113ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-07-22T14%3A38%3A13.989Z%27&appId=%27JS%3AMeControl%27&cV=%27Lt1mvGyL0cI5wnuq.8%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnews%27&*controlVersion=%2710.22108.2%27&*market=%27en-US%27&*scenario=%27Load%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=32.5&*details=%27load%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 14:38:16 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: tSHaYpKbU0qM/hYreVFGGQ.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ Frame 8CFB 6 KB
1 KB 156ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,900&display=swap

Requested by

Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.05dd8d2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ad2c33946a64961fc97d9785d565098943cfc0b122e809fe6c7e2353ca11b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 22 Jul 2022 14:14:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Jul 2022 14:38:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Jul 2022 14:38:16 GMT

GET
H2 200 386cc717078799c48075bc41a0cb15cc_237066624.jpg
m2.getsitecontrol.com/images/81390/ Frame 8CFB 290 KB
291 KB 32ms
8ms Image
image/jpeg 138.199.37.230
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m2.getsitecontrol.com/images/81390/386cc717078799c48075bc41a0cb15cc_237066624.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-230.datapacket.com
Software: BunnyCDN-DE-864 /
Resource Hash: 6cc0406d43897cabe86bff1dae5bb45bbd9dc6dba16663194ee73990e41abfe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
cdn-edgestorageid: 755
x-amz-request-id: AKCX3X591KK64JV5
cdn-cachedat: 07/06/2022 16:52:40
cdn-pullzone: 84985
content-length: 297362
x-amz-id-2: ew774K2Um0gNpWmzk5PTeG4NjPv9a4RLEzu27GHKEVcBBZjEcgkLCX5HDIImBsR4uzdXZuMgHMM=
server: BunnyCDN-DE-864
last-modified: Wed, 06 Jul 2022 16:50:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "7364be9080e50d744147a686db3d42cf"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: max-age=2592000
cdn-requestid: 99c6f72f96651910087258f366095c45
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 435ms
113ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.MeControl.TrackedScenario%27&time=%272022-07-22T14%3A38%3A14.008Z%27&appId=%27JS%3AMeControl%27&cV=%27Lt1mvGyL0cI5wnuq.9%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&*partner=%27msnews%27&*controlVersion=%2710.22108.2%27&*market=%27en-US%27&*scenario=%27Interactive%27&*action=%27END%27&*previousAction=%27START%27&*success=true&*durationMs=51.399993896484375&*details=%27Web%20header%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 14:38:15 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: +pMusBFRLkiyO3XaK+n6vA.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 8CFB 583 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4560bf82919e7f25eafccb9756ee3d46d4748573fcaed0fe3acb060308740c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK t.gif
web.vortex.data.microsoft.com/collect/v1/ 43 B
714 B 427ms
107ms Image
image/gif 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://web.vortex.data.microsoft.com/collect/v1/t.gif?ver=%272.1%27&name=%27Ms.Webi.OutgoingRequest%27&time=%272022-07-22T14%3A38%3A14.017Z%27&appId=%27JS%3AMeControl%27&cV=%27Lt1mvGyL0cI5wnuq.10%27&flags=2097152&ext-javascript-ver=%271.1%27&ext-javascript-libVer=%274.2.3%27&ext-javascript-domain=%27www.msn.com%27&ext-javascript-userConsent=false&ext-app-env=%27Prod%27&-operationName=%27meCore.min.js%27&-dependencyOperationName=%27DownloadScript%27&-dependencyName=%27MeControl%27&-latencyMs=11&-succeeded=true&-targetUri=%27https%3A%2F%2Fmem.gfx.ms%2Fscripts%2Fme%2FMeControl%2F10.22108.2%2Fen-US%2FmeCore.min.js%27&*baseType=%27Ms.Qos.OutgoingServiceRequest%27&*pageName=%27Initial%20Collapsed%27&*impressionGuid=%27c4adc800-3e2c-44d8-3fde-835ef52b8a4c%27&*market=%27en-US%27&*customData=%27%7B%22computedDuration%22%3A25.199996948242188%2C%22perfDuration%22%3A10.699996948242188%2C%22metaTags%22%3A%7B%22pgpart%22%3A%22msnews%22%7D%2C%22config%22%3A%7B%22ver%22%3A%2210.22108.2%22%2C%22mkt%22%3A%22en-US%22%2C%22ptn%22%3A%22msnews%22%2C%22gfx%22%3A%22https%3A%2F%2Famcdn.msftauth.net%22%2C%22dbg%22%3Afalse%2C%22aad%22%3Atrue%2C%22int%22%3Afalse%2C%22pxy%22%3Atrue%2C%22msTxt%22%3Afalse%2C%22rwd%22%3Atrue%2C%22telEvs%22%3A%22PageAction%2C%20PageView%2C%20ContentUpdate%2C%20OutgoingRequest%2C%20ClientError%2C%20PartnerApiCall%2C%20TrackedScenario%22%2C%22instKey%22%3A%22b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888%22%2C%22oneDSUrl%22%3A%22https%3A%2F%2Fjs.monitor.azure.com%2Fscripts%2Fc%2Fms.shared.analytics-3.1.11.gbl.min.js%22%2C%22remAcc%22%3Atrue%2C%22main%22%3A%22meBoot%22%2C%22wrapperId%22%3Anull%2C%22cdnRegex%22%3A%22%5E(%3F%3Ahttps%3F%3A%5C%5C%2F%5C%5C%2F)%3F(mem%5C%5C.gfx%5C%5C.ms(%3F!%5C%5C.)%7Ccontrols%5C%5C.account.microsoft%3F(%3F%3A-int%7C-dev)%3F(%5C%5C.com)%3F(%3A%5B0-9%5D%7B1%2C6%7D)%7Camcdn%5C%5C.ms(%3F%3Aft)%3Fauth%5C%5C.net(%3F!%5C%5C.))%22%2C%22timeoutMs%22%3A30000%2C%22graphv2%22%3Atrue%2C%22graphinfo%22%3A%7B%22graphclientid%22%3A%227eadcef8-456d-4611-9480-4fff72b8b9e2%22%2C%22graphscope%22%3A%22user.read%22%2C%22graphcodeurl%22%3A%22https%3A%2F%2Flogin.microsoftonline.com%2Fcommon%2Foauth2%2Fv2.0%2Fauthorize%22%2C%22graphredirecturi%22%3A%22https%3A%2F%2Famcdn.msftauth.net%2Fme%2Fcallgraph%22%2C%22graphphotourl%22%3A%22https%3A%2F%2Fgraph.microsoft.com%2Fv1.0%2Fme%2Fphotos%2F96x96%2F%24value%22%7D%2C%22aadUrl%22%3A%22https%3A%2F%2Fmyaccount.microsoft.com%22%2C%22msaUrl%22%3A%22https%3A%2F%2Faccount.microsoft.com%2F%22%2C%22cache%22%3Atrue%7D%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-ca%2Fnews%2Fwebcontent%2Ftoronto-blue-jays-redesign-fourth-of-july-hats-remove-stars%2Fwc-83FDD87802796D9B8A846CAEB03DD489%3Focid%3D**%26cvid%3D**%22%2C%22accts%22%3A%220-0%22%7D%27

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Jul 2022 14:38:15 GMT
X-Content-Type-Options: nosniff
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control: no-cache, no-store
MS-CV: 9phiSboUCUWEk5IERyZaIQ.0
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 ms.shared.analytics-3.1.11.gbl.min.js Show response
js.monitor.azure.com/scripts/c/ 80 KB
29 KB 105ms
9ms Script
text/javascript 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics-3.1.11.gbl.min.js
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/meversion?partner=msnews&market=en-ca
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 532486f86eb4d4423c8bdbabb00c69c942800fbba90d456d8e71210cbac09d9a

Request headers

Referer: https://www.msn.com/
Origin: https://www.msn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:15 GMT
content-encoding: br
x-ms-meta-jssdkver: 3.1.11
last-modified: Wed, 02 Mar 2022 00:34:01 GMT
content-md5: DIZ9SGzozvDW8TjfsqXTcw==
etag: 0x8D9FBE45937B34A
x-azure-ref: 0WLbaYgAAAACRSL7TcYgqSYTzHMUhyS22RlJBMjMxMDUwNDE4MDE3AGYxY2E3M2Q0LTg4ODMtNGNhZi1hYmRjLWZlMmQ1NjdhZmI5Ng==
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 1e09e8d9-501e-003a-6751-9cf20d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-jssdkver,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000, immutable, no-transform
x-ms-version: 2009-09-19

POST
H/1.1 200
OK v1
web.vortex.data.microsoft.com/collect/ 0
0 429ms
107ms Ping
application/json 23.96.225.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.vortex.data.microsoft.com/collect/v1
Requested by: Host: mem.gfx.ms
URL: https://mem.gfx.ms/scripts/me/MeControl/10.22108.2/en-US/meCore.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.96.225.71 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK 1.0 Show response
browser.events.data.msn.com/OneCollector/ 153 B
1 KB 157ms
157ms Fetch
application/json 20.189.173.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.11 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

01b39d8d07a13a8553d7e1bef3fb6b88ccdb195edccc77fafced4b23b2ff9151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 22 Jul 2022 14:38:15 GMT
time-delta-millis: 2266
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.msn.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,time-delta-millis
Content-Length: 153

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CFB 0
0 66ms
66ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlXwcrmO1orQLcDgPV-G1yeNQ1e2XZqPZiK7aD5sUoYHWjoaltdA-wCDNMnqP0RrQofdqpnthwBz0KkGptgtTGZ-LFbtPfMbgx8Q-4pKelQDeYG86I6Dj3-svDsulooEjq8McYljlgIER9dJcUEOIYRPmDnm-cHeIaBliw1j42rDUDR-LrYjUQxkZ9Mg_FAaBnh6mwFGTKkTEPWxjsRFADKixfcenVhRlm5pYmnMnY1nW5GnzzU5fDXzK-kuNQr0gGcFwuP8Kso0Mw-NOLM8fh90BCL54tFi47BYqSDpigs1bOiQh71aPHAhFDpL5evPfKJSMZVQ&sig=Cg0ArKJSzPCQIYGeShQ9EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.msn.com
URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 22 Jul 2022 14:38:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8CFB 3 KB
1 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2205
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Aug 2022 14:01:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CFB 138 KB
43 KB 513ms
414ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43235
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658317440141293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Jul 2022 14:38:16 GMT

GET
H3 200 4826177540543921101
tpc.googlesyndication.com/simgad/ Frame 8CFB 15 KB
15 KB 129ms
42ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4826177540543921101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1724045044be6ebeadfb0a7aef2fbdef07e9c75855ccc72076474f03f4710e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 17:16:08 GMT
x-content-type-options: nosniff
age: 336128
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15266
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 14:28:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Jul 2023 17:16:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2ED1 13 KB
5 KB 68ms
40ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 8366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 12:18:50 GMT
expires: Sat, 22 Jul 2023 12:18:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8325 783 B
1 KB 130ms
45ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

320ed709ff87964ec3748bbc25caaa1747b7163f818ba1024baca8ddce0892a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8Hsy9JHcqUYdIhmTF9F4vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-8Hsy9JHcqUYdIhmTF9F4vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Jul 2022 14:38:16 GMT
expires: Fri, 22 Jul 2022 14:38:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 202 events
events.getsitectrl.com/api/v1/ Frame 8CFB 0
212 B 299ms
99ms Ping
text/plain 52.86.134.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.getsitectrl.com/api/v1/events?ts=1658500696340&sid=6089961204cc83c9&t=1658500696.573e4d26cbe6548b4066ceeda004083b.4ad795ecc55eb042b6fc33cd59e8039b&s=e566717dca9edcdd1d445e8d53646038
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.05dd8d2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.134.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-134-216.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 0

GET
H3 200 sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2ED1 36 KB
14 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sJnbOeR1u3NfD4ifTr6IY70aHZRfr3yKQi-A2m-oHT4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 12:14:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13883
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Jul 2023 12:14:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8325 0
0 356ms
336ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071901&jk=2462427126000773&rc=
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 8CFB 44 KB
44 KB 222ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sootoday.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 313567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 23:32:09 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2ED1 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zkDptg
Requested by: Host: www.sootoday.com
URL: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 14:38:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CFB 0
0 68ms
67ms Fetch
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-b8GWx5mZkp4tpXclWUJNST2vxfOJN2_spa-9jc2K7kFjecvkFbv90LQcXAC_lry2M_cEwgbNeHEm2ELA06uiipqUaYT06GPdfnVL00UMZkh5bPDuN3AYCzd4xoG6tFnHMct7unVI_3kkvNBlPhNi6ya2lgU_9_orwT5OvADAXO3PG0ZtGt3n1Iw_SLKT01f8QplNPzFhK66XzQFEQjEWMtGiuON6eywbBPsXwxcEZ6IqoDusQBETmnC46M9YMPa3i6u8fDBZz4PMoARkzdsRzPw8HsYLaf6dDy4gyf86DG3Q1eVp1k8U3LX3I9vrJE1D4vXbzoC4&sig=Cg0ArKJSzMvDnmya08rBEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Jul 2022 14:38:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 22 Jul 2022 14:38:16 GMT

GET
DATA 200
OK truncated
/ Frame 8CFB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8237b21cfdd6817eecdf79f2216ac326c5ec3b085dd78877010da0d3e4bdd92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8CFB 0
0 90ms
89ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071901&jk=2462427126000773&bg=!ZmWlZSHNAAacadVKvGk7ACkAdvg8WtvRRZpc1v2I9RY0Vz7z1NyjEiJPJFVigqITLvogmuoAO23j_AIAAACYUgAAAAZoAQcKAKH9Gz8jwtgKUgK7zqEvSL-s7t5VlkOhVGpje-ZFs0yqgy_JWDhLw7FMB7qHOmcWdo6b0FzipVR4E4S0g5hDv800TPWN1z8XFDkRVjORd5uc7LE7uhIWD6JhncMMzHVB6qUosSCoxIbXf5FJpn5jTxHFYkS_QY7IQyMmecrAJuLunr1KP3nhOTDqtnc9jFER_MAM1EEICqHum8GIuqfuBiGzx5kCq3YO0pzLwmuuAacsAz0i6eExRBVsuII7QUWWRIaMuVcBUIwYkIMGXrmDXq14XGtJjYlb1GF4gE-2HK7EBuAy70Y1JRajBgb8NgA4_qNZMVzhv6PWuuSZNNwICVPXC4P2W1qrKJTUOb47Fb7muZrstaBInEUdPDULhyefuiavSISSdqzc-fMgtoY3aYAouQ_OCF5r108KrqiL3wJ8IE80WR7XzUsSn45xm_HncrTYbar55nVxxslnwF0g_LAYicHtzkwE-ikWcWhCEZEdn6_4AcNu4_VzaznY-bf0ERBPUSs0phV1EnKLJgQ6k8MYaqgELIEG0NQCi87z8PjvUeUolBk9_7mpH_3IHbtOtReFvmC-AQj4KLn0UoLxe77s29HTJJ5YIcgZDT-nexLqI8MwbgPc2mDEQ890YoiOZ67AuVQ9voXCfi8_pZiHT8lKv-gCA6NLxle22-gCuZsLlI7mNqyP7vG1abJwjkjSZ5U1pUDQU5Uqt24K7oq2DxmMUy6VZInlcvAAcCIDwU7bHR8oVoUI_qmnNr9UWJxV5XiNqyZuNX3Zh5kRfvz66M-okx3KZguZIOBzffg9LHg2DJhSWpr7s9MIvXA_l9jIz0A-hpuqt_kqexed4irIxb_zPFBu7mr-vFf7ckLHhZOzrjyx3W-muii6n8HW4p0YrDmP5ki2RdlsWFAblZgeTT4KDrbeJaJ9Y40ML1_jE5PQwlDmGoPkAsedjmBz71oGERim14baxOc5jk79d_IO7b9SxYv19SmsfTFt8bIe6mP1cFynoE7lxwfnEJ-zGUjCew5vTePE4_B-EH0Cc5OMzCaJmEHhSb0Di6Yndqw5ow_wdDK3nWVvy7YEBPwW660lgdokKJvm27LJwInEFt4XPfBNsF3iUFAP0aS04j9JCNcu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CFB 42 B
64 B 147ms
71ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurbjWoW7nITfjH9uLjz4gonjADf272a6duQYqnRBWTL8h9Gv_vk86nmIlRiT0WR9Tlxg0Q21NBXzMBlwfCB1jl7tNmWBgreE9S6xF_-GLQZ6uo2a6n&sig=Cg0ArKJSzNS07KsYDbe7EAE&id=lidar2&mcvt=1000&p=0,0,120,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=3&adk=2223898604&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658500691999&rpt=2702&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sootoday.com/national-sports/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars-5518920
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Jul 2022 14:38:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
browser.events.data.microsoft.com/OneCollector/1.0/ 204 B
639 B 501ms
189ms XHR
application/json 20.42.65.89
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.microsoft.com/OneCollector/1.0/?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.11&apikey=b8ffe739c47a401190627519795ca4d2-044a8309-9d4b-430b-9d47-6e87775cbab6-6888&upload-time=1658500696168&time-delta-to-apply-millis=use-collector-delta&w=0

Requested by

Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/c/ms.shared.analytics-3.1.11.gbl.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.42.65.89 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

9e3357177ce8f9a4aad2444b8e89717fca55a9841d4f4f4db31f1fb62cb090dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 22 Jul 2022 14:38:18 GMT
time-delta-millis: 2548
Access-Control-Allow-Methods: POST
Content-Type: application/json
Access-Control-Allow-Origin: https://www.msn.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: time-delta-millis
Content-Length: 204

POST
H/1.1 200
OK 1.0 Show response
browser.events.data.msn.com/OneCollector/ 24 B
950 B 158ms
157ms Fetch
application/json 20.189.173.11
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.1.10&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1658500697644&ext.intweb.msfpc=GUID%3Dbd91513e2524420db1c0ef091d29a03b%26HASH%3Dbd91%26LV%3D202207%26V%3D4%26LU%3D1658500696589&w=0&anoncknm=anon

Requested by

Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.068714f86167eaae8598.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.189.173.11 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.msn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Strict-Transport-Security: max-age=31536000
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 22 Jul 2022 14:38:19 GMT
time-delta-millis: 2261
Access-Control-Allow-Methods: POST
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Access-Control-Allow-Origin: https://www.msn.com
Access-Control-Expose-Headers: time-delta-millis
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: application/json
Access-Control-Allow-Headers: P3P,Set-Cookie,Connection,time-delta-millis
Content-Length: 24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bing.com
URL: https://www.bing.com/bnc/notifications/count?app=verticalWebcontent&ocid=entnewsntp&pageId=webcontent

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.msn.com/	1970-01-20 22:14:19	Name: USRLOC Value:
.msn.com/	1969-12-31 23:59:59	Name: _EDGE_S Value: F=1
.msn.com/	1970-01-20 14:03:16	Name: _EDGE_V Value: 1
.msn.com/	1970-01-20 14:03:16	Name: MUID Value: 2FACA347D06F6EB92872B2AED15C6F86
www.msn.com/	1970-01-20 13:27:16	Name: MicrosoftApplicationsTelemetryDeviceId Value: 92c32c76-4f79-4d53-826b-af2adf5e225e
www.msn.com/	1970-01-20 04:41:42	Name: ai_session Value: ILyaZg0Gab0KSdM15ruFt1\|1658500691920\|1658500691920
.bing.com/	1970-01-20 14:03:16	Name: MUID Value: 2FACA347D06F6EB92872B2AED15C6F86
.c.bing.com/	1970-01-20 14:03:16	Name: SRM_B Value: 2FACA347D06F6EB92872B2AED15C6F86
.c.bing.com/	1970-01-20 14:03:16	Name: SRM_M Value: 2FACA347D06F6EB92872B2AED15C6F86
.c.msn.com/	1969-12-31 23:59:59	Name: SM Value: C
.c.msn.com/	1970-01-20 04:41:41	Name: ANONCHK Value: 0
.www.sootoday.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: d22aa2959528b999fb5100358c79e900cb5e5551b5396a9237cbaf622ac1828d
login.microsoftonline.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
login.microsoftonline.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
login.microsoftonline.com/	1970-01-20 04:41:40	Name: SSOCOOKIEPULLED Value: 1
login.microsoftonline.com/	1970-01-20 05:24:52	Name: buid Value: 0.AQIAMe_N-B6jSkuT5F9XHpElWqQwtdeAdiNMqL_FLBIdLocBAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrHUksPswxGyAy2VcHntgcBe1BDo8uckIIf1MBQFGDz4twrECkpK2kk2T4qF3ZYzqRyYt_spuVb76BvV-DiU7Qweh9AIhBOf_AMIvWqq2ykNAgAA
login.microsoftonline.com/	1970-01-20 05:24:52	Name: fpc Value: Aiy1sUqtnNJMiDdkerf1hUaSbVEHAQAAAFatbNoOAAAA
.login.microsoftonline.com/	1969-12-31 23:59:59	Name: esctx Value: AQABAAAAAAD--DLA3VO7QrddgJg7WevrUU4E27m8ytLeg8FoMi2PteVcGQ_gdbmLB048G7SmIQ-TF33Wj6ErpDn51KTUZOleQ_48yB4ata4VOBjNTxHbUT70a3Z9FpCDWhTYTH_Omx4hK48WLRz7FTd0sFVaIHJuv1L3vwA2DpYjG1zIElmemAeLLMwMY1hsydV31x3vAJEgAA
.www.sootoday.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: d22aa2959528b999fb5100358c79e900cb5e5551b5396a9237cbaf622ac1828d
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 8e3eb2d000e84c79b098ba82522babf2
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1658500695&co=1
.p.flipp.com/	1970-01-20 22:12:52	Name: gid Value: "1lOOwwALR1Y+gysuELogcw=="
.doubleclick.net/	1970-01-20 14:03:16	Name: IDE Value: AHWqTUkFkVBK1mBFAKsttZ2EMQOImrjv_jEa3T50gbHk4ELTsqmDg3ci-Qpyn8ePLcU
.microsoft.com/	1970-01-20 13:27:16	Name: MC1 Value: GUID=bd91513e2524420db1c0ef091d29a03b&HASH=bd91&LV=202207&V=4&LU=1658500696589
.microsoft.com/	1970-01-20 04:41:42	Name: MS0 Value: 0190a2f160774941bdc3493a8e047137
www.msn.com/	1970-01-20 13:27:16	Name: MSFPC Value: GUID=bd91513e2524420db1c0ef091d29a03b&HASH=bd91&LV=202207&V=4&LU=1658500696589

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	info	URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30 Message: Autofocus processing was blocked because a document already has a focused element.
javascript	error	URL: https://www.msn.com/en-ca/news/webcontent/toronto-blue-jays-redesign-fourth-of-july-hats-remove-stars/wc-83FDD87802796D9B8A846CAEB03DD489?ocid=entnewsntp&cvid=28dec3a1f77746ff837d518020347d30 Message: Access to fetch at 'https://www.bing.com/bnc/notifications/count?app=verticalWebcontent&ocid=entnewsntp&pageId=webcontent' from origin 'https://www.msn.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.bing.com/bnc/notifications/count?app=verticalWebcontent&ocid=entnewsntp&pageId=webcontent Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets.msn.cn;frame-ancestors 'self' ntp.msn.com windows.msn.com int1.msn.com windows-int1.msn.com ntp.msn.cn windows.msn.cn;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
Strict-Transport-Security	max-age=1209600; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

72b366b527e947c07365712e9fcdc3b3.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
assets.msn.com
browser.events.data.microsoft.com
browser.events.data.msn.com
c.bing.com
c.msn.com
cdn-gateflipp.flippback.com
events.getsitectrl.com
fonts.googleapis.com
fonts.gstatic.com
gateflipp.flippback.com
graph.facebook.com
imasdk.googleapis.com
img-s-msn-com.akamaized.net
js.monitor.azure.com
l.getsitecontrol.com
login.live.com
login.microsoftonline.com
m2.getsitecontrol.com
mem.gfx.ms
p.flipp.com
pagead2.googlesyndication.com
pubads.g.doubleclick.net
s2.getsitecontrol.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
web.vortex.data.microsoft.com
www.bing.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.msn.com
www.sootoday.com
www.vmcdn.ca
www.bing.com
108.157.4.79
13.32.121.21
131.253.33.203
138.199.37.230
142.250.185.98
18.66.112.122
18.66.112.46
20.189.173.11
20.234.93.27
20.42.65.89
20.49.104.7
23.36.163.109
23.96.225.71
2620:1ec:40::45
2620:1ec:49::45
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::200a
2a00:1450:400e:80f::200a
2a02:26f0:480:3::210:ee90
2a03:2880:f01c:800e:face:b00c:0:2
3.230.107.219
40.126.32.136
40.126.32.138
52.86.134.216
84.17.46.54
01844a80ee1cea97f19777121ecacbb6d1294dec2fd30e0c1890c8054ffbfa1c
01b39d8d07a13a8553d7e1bef3fb6b88ccdb195edccc77fafced4b23b2ff9151
06e3e7b490f22cfd0dae8a8667cd2171682be7c0e27576d0ffda1b32ed3efd85
08304edc90b3665ac92f1123d902972518b9451cd53e1088a711383f48ac4a17
0a434f26bbfd6cf67b07c2f9339b8d26668792dbc7080fa029c9589a048fb86a
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9
0b44936cf74da9825fcc0286da709c1dedea36ba80f5c0e70bd0b95499e16bb7
0b6d8e8c7a51c12b33bf99ef7ceb7b60e3ea92aa456cc1fe9f6b4441073c25c7
0d7e9c8ccf78dc7a6bce5401902f673f946a5ea6c55e4c2b09e90b05525e34f3
1292a3eead7170f1d080337cc6e89e06244baa7ad853f37058ef3962669bd74c
1461ca0257b0db4bc024345e2c52299e843e3a09953f8b46198fd855b15f200e
1621f5125b67179970e7ab6a21d7d60b04effea3c4d2ba5f1dcc20fa0e522ca7
16f07b55e264a3be3c0d982d52581d7115ad01ec1ffc108d175c8474b694e1c6
1724045044be6ebeadfb0a7aef2fbdef07e9c75855ccc72076474f03f4710e95
17a05825547972d12945fa28174979353ab80b4dc79ce6c352510fa9da71940c
188df729bbd2d1cec1dd45a1e119a8073526217268f8451640d230a94e5a1fe6
19ba9986bbcf00aeb9fdeb256102386e0f779ad9e21c7412120a587390c10f33
1a627b8d6c0efe226854550d06c2e143efdc0d2c60f0258510fd091b2b1c6665
1c179937a03e2d7b532a49ab13597027985ecf393b0480807732cb89e9f472ed
1ee3ef3db4113847c3ce1ef617901dca7cbfba9593f17c21560e262911e714c9
2221a53a73c00a72d0441a1be01d0972f15468ca29e6295d92287012ae94fdd4
254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906
256df061c262c1f1daaafab04edf15993728da544e58bd6b57e82f29c1c74c99
27843622978e789dbb467ff033166d5cad40e3f8c6a12b5a1404d235b832309a
2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3104f60df1cafd1398f57b715067461849cc361e872f1b83a55146616a58a4c8
320ed709ff87964ec3748bbc25caaa1747b7163f818ba1024baca8ddce0892a2
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
32a67c6a17ade0c65da81012f334f3e36914804e0aa84d2565cc2961a24bbb4f
3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
349aa0c6c5693488138201bf51d554c8ef885d65346fe130361b4fd354dc4055
34e5b3f77b75f5401d202f455b255a1f974f83a2a8ef027e4afa6e08cb54c3b6
36ab0d4d9fe092d42d756dbc0afe941434f0561609a43ef22c0b3ed7fa060007
3716d783db4ce9e90de0fda7b5e4a81679a2590c633378b64590066ee6d6eaec
388e26cda19e2f817b4e720449e65d67a24dce0a674afddae256ed7ee9a6667d
38f619de6d4337e8b64bc7a0f4e3b8442a5ba4139afe7fbc46077737d3e0f860
3c76b41c05c39528b76473b26a8939e5daaf53de741945b2d62b2f18c4eb74e5
3d108ffef6e8b8adf05fa7720e109ee115a1651075705c724aca770d2814b392
3d97b9614abf040862324b5339dcef55b990e03f448345fafe55a50a3e800d62
446d2f19fc949fb92f7568d50a4f3727f8001f9df221af11ee7a7ed17a3e29f0
4ad2c33946a64961fc97d9785d565098943cfc0b122e809fe6c7e2353ca11b01
4bbada45fd68ad952c7630330f2a543b374aa0dff02b612ed8637b09b6cef8ae
4d74c6ffc7b9d5f5194b9f65adf94b2f29354a59e643eddf61fb6e206e108096
50eda4cff9320031d5c76f5b1c3691a9f58c0dee769b660e87a798bb4f093646
532486f86eb4d4423c8bdbabb00c69c942800fbba90d456d8e71210cbac09d9a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55dc9ce0a11440a75dc85edc158628ea21aed501992b0f9bd744f1a4d31a2a3d
5610226e0bc7f1a0ae11254a35d7e058ae18ead411eb6d5b2331ccbcba8e9359
57b7587c1e8a8c732e3b7ff4914c828cc00fdf1521f7bde94e90051cefc200e6
57ee7617ff9d86b6a1fc9674a3ff3515ed0bd69ea1f6a0f477009e30ad38db9e
5da5d72996b6aecafd3cbfc439b75a40e12a3ab88b51cb3b7193a1d41f203990
5fd2898712f0305ac843548aedeb3883081a5cbaf4c4332a874bc18d578e69bd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6800c389b5182aacd1b5bc1e0ed769d535b443f3c6a4b07b472d992b778e0ab4
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
68a4f36943a3902d7495b50ee172d842634f328cf86c11564707a167a5050ad9
68fdf300a2b1a6cf7f2eaa3c20df29cf24ad5b1e2ba5a6ca154f504c891b2327
693651ac6c31b07b192c4393b778473c86ccc185c44b547813cf250841b31540
6a2b63314fe802f4c69831fa2cdc5207c6b4ebf6f795d0e2ed4efb57ca765645
6b9ea7bdb8fdb3c7eea8d5ece50ed03e99f4e4fe4db45c66450d6d172e5c045b
6cc0406d43897cabe86bff1dae5bb45bbd9dc6dba16663194ee73990e41abfe2
6fa3c7cceb48d715c9f57e43dcb53eeadca3f82c47df20bec920e5612a8f3fb3
7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d
785d653df2645599aae40b2bdb678026626afaa365b1fd2819d45d956fab8983
7a813fdf935479399d992e06ea5f99c8e29a52e17cb1781c5a27835ce41c4f19
7a886d66247bc3fe0ef3f5ace6d6c84496c7792d78c1e6a8120be0bc76cb971a
7b4efbc54fb4fd7cd1bc2e396882284662607158730226b364b47b56a0d9655d
7d271f7dccc35e4159b33bdbce0f1b3acc0dfc33d4e4ea0132f109babe40048e
7e6d03cc3d9a0c0fdfb4fe0146cdaa530b75eaa57e89f938b5f6829b548cec50
80727dfc65d83379c73caa9a65b9146c17094a4cbae05b09eb97ae2bd74dd30e
8204b9f8b68e51a0a5c28a8ce1451b66de7ff68307588e59a53a3b5ff3d5df2f
84557be6bb3e730ec5cadf39ea55a6220f374884444dca2037b21fed8739dab5
89d15307cdbe1f676402baa783adbfdba688ec42cc165dc5861ff096d9550258
8a7f36937f5092d31762e184714852d2cc1d950193fedc70a86552f01bf0f2fc
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e3981bb97fb406d909107c2cd73d9bf46ed01fa1a200834f5d32d05ef334afb
916d21fcfc750f2b3d3dbfdf8914ec67bd28be0109a5a2a4a6a6ff28efee5300
922ecd7519e4537a6517defbd1428b5de3760fe52dfda7d558d66bec33e1b2e7
97100f2bbc9e508061910e790adbd454c5b961f2db3c352263eeebd9d5c59403
97406dc49eefe5a732ed1072eeb2da91710e00ddd705f5a2d34ac16da1f6c5c7
98504659bdc49478c45d9991089ccbb57502435268039db2063ae14cb739d4ce
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d33d5277ae159be8363ae8316dbaee0673ef1ab2684b7612c98ecb113e0294b
9e3357177ce8f9a4aad2444b8e89717fca55a9841d4f4f4db31f1fb62cb090dc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a36e3b5c7e78a4118802a6574d3d41b455681950334b24dc2067fbf2ec886c94
a3b19ed468a54ebbf64023ccc2d6e3bd7bcf368b59d9181471f9dd26d81ab706
a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f5282cabbf7963811f21d108990cb61c5ded048d010ab13c1263b328de94e1
a8237b21cfdd6817eecdf79f2216ac326c5ec3b085dd78877010da0d3e4bdd92
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779
a9f48e1c7e7b876c2b3d90a86be4d49341ab51a37c9c6efd2f1dc23f8e43004e
ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d
ae40df96e10d7d79baffb8553dbb54ebf6da9ae7f7b18da0568f064c9721de8e
ae79e2f790372eaaf6d350bfa37f6477d780ed02ffe0804c333b4ab705dbbaea
afc4759aa1ead362c4c11504fa1e71f6fc81c5d3d1b4dd6416215d335d65ad74
afd588d7d1c94d797ef932006d524de973f6fc54556e62f0f340412c87f99d58
b099db39e475bb735f0f889f4ebe8863bd1a1d945faf7c8a422f80da6fa81d3e
b3b55c7cfb22c4e7bbe39665bfeddc75b9e6ef90f483486e349e0ef042b448d6
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2
b9286d8583f436b9e0e0881b91f402cf837623702de969f0c20501ad2c31e164
bb83e6c7cf4aa041bcc51c81777e0e24484164c096c675bc0c8728f507eb943f
bd7c1c14906bd237be9dc60260be6ec2e2f3e93584dc67e62159cdd13bde5834
c3856672b5e1a4711d5254ffb7b5d593712061fae83cf9290c4a2655a84da5da
c4560bf82919e7f25eafccb9756ee3d46d4748573fcaed0fe3acb060308740c7
c45868384dfd77121a6d62ba32304628c211fdc6d471cb985348d731890b6e96
c78816806df89838631119951f58d5fcd4d501cb284968c964b72f5a29f5b86d
c987d72c0e72f1654a7a25f8eff868704cfd2bf7bb0105165d55fced38e86906
c9bd52ecd38bf9093c7a257a069d08cf03dab816d8da5c1a4f0eced0d9b1ee79
ca7ee6d75a89f45f4573c35b27a39596e1f63a48fe74b21993ea8ec8e86ffdd0
d09942fe08fc2bee9b563f04706f3dbd4276e2b10106b34864d49daa0124d81b
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
d25cb34ff9dfb4fac931d5eac079362b57c28ff6bc56260e7eef1c431691db42
d39141ffdb7ac369d4543841aa9c6b58acaba1dbc987fc75421847b54ac5d20d
d4626a22c2af8c95f8143af91c42fac2242da36ef36139912f72c2d85d373482
d7650208e2a5e4d5fea9b849e836d6f7fd4641504f2a9318bae68964400c8dde
d8d3b0cdceac5e8910adc3bd2c1d62e53e051c1ed867148834abaa37d5a8c10d
daa019d9a018e5a5412653b11d0bb8a4b40b344e37fbdca9291f40e84033053a
dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf
dfacc28b68125a3ebab167bc626adad84ab00dc28a1823550fdedcc03607941b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e495b1b79d0ed332a3267aef04f5e7d1ddcbf9dd4c5792a0b33890228f66a6e1
e5ebe3a8a94417564e6d23c3f40b73a662bbe29932231dcf1757294cb337d95a
e787b59c992de042598a3773b1e1e576bcf837606c2cca9185e9e27700214a32
ea9052b9746498f060de82c210985ee8d12f8e793984cd9ac9e6164f1b9f64fe
ec1579214a31e060cfd8f1a7c761fa0f66abb87cb4446e28d874af623b4b3711
ed351bd5d6c5a1bac019d6de01bfb226a841fb6068b5a1efa84d3f33bd86b891
ee2b841529e5d06aeae7f65b413b40bbfef5161c9fad9a8a1755dac03806291b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2a3646aa3443053f614db99a4ab17333fc2a5db016f8106e916df7a7236eb5d
f463580c98fd336d4e69e7dca36cf345a81a5e402f61d9f870eae9d8c4e59de9
f771e9815a2ff4435818ea19cb399cf599b4c68b7d6c5440809ae4e6fc947266
fbe9dbce40ed3e6b81b110286829af4d008d7688181b54424503cd0375083172
fbffe5b8e4fc94a46d59eef975940d3f9b9e11c7b913fe6fcd75f25855dcf8e9
fe9feaaac98dcbb591632785fe3d7434bc14fac70a347120b9e30f956cc85d5e
fee0a56410ea85436007d75ded6564ea2a516375de6ea6d718b7e548558677fe
ff78992842fe38cd0f8a8e7a685796c972f43c6f30453df5caf1686a8f9c15ff

www.msn.com Open in urlscan Pro 131.253.33.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

150 Requests

98 %HTTPS

45 %IPv6

24 Domains

37 Subdomains

34 IPs

4 Countries

3014 kBTransfer

9606 kBSize

27 Cookies

3 Outgoing links

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.msn.com Open in urlscan Pro
131.253.33.203 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

98 %
HTTPS

45 %
IPv6

24
Domains

37
Subdomains

34
IPs

4
Countries

3014 kB
Transfer

9606 kB
Size

27
Cookies

150 HTTP transactions
8 data transactions