www.msn.com Open in urlscan Pro
204.79.197.203  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

• https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us HTTP 301
• https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg

Request Chain 14

• https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png HTTP 302
• https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png

Request Chain 15

• https://c.msn.com/c.gif?udc=true&rid=9d80a75714e74f7bbb159f5536538334&rnd=637649434052263925&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252FWeather%252Fplaces%253Fru%253D%25252Fen-us%25252Fweather%25252Ftoday&di=452&lng=en-us&activityId=9d80a75714e74f7bbb159f5536538334&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=weatherplaces&st.sdpt=&subcvs=weather&pg.n=weatherplaces&pg.t=custcol&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0 HTTP 302
• https://c.bing.com/c.gif?udc=true&rid=9d80a75714e74f7bbb159f5536538334&rnd=637649434052263925&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252FWeather%252Fplaces%253Fru%253D%25252Fen-us%25252Fweather%25252Ftoday&di=452&lng=en-us&activityId=9d80a75714e74f7bbb159f5536538334&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=weatherplaces&st.sdpt=&subcvs=weather&pg.n=weatherplaces&pg.t=custcol&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=AE05235A04894CB29954E464C13DDF1E&RedC=c.msn.com&MXFR=3E2DBEC61CB16DD438CCAE5E1DDA6C2D HTTP 302
• https://c.msn.com/c.gif?udc=true&rid=9d80a75714e74f7bbb159f5536538334&rnd=637649434052263925&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252FWeather%252Fplaces%253Fru%253D%25252Fen-us%25252Fweather%25252Ftoday&di=452&lng=en-us&activityId=9d80a75714e74f7bbb159f5536538334&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=weatherplaces&st.sdpt=&subcvs=weather&pg.n=weatherplaces&pg.t=custcol&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=AE05235A04894CB29954E464C13DDF1E&MUID=3E2DBEC61CB16DD438CCAE5E1DDA6C2D

Request Chain 16

• https://www.bizographics.com/collect/?fmt=gif&pid=7850 HTTP 301
• https://px.ads.linkedin.com/collect?fmt=gif&pid=7850 HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQKL6fdQhieuuQAAAXtcoDE8n3uOHdtW97j2LUMiPiyuQBl9nZFgIgWnOCoDT7srNWjywo2W

Request Chain 17

• https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1629346605&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fweather%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1033&id=1184&mkt=en-us HTTP 302
• https://www.msn.com/en-us/weather/secure/silentpassport?secure=true&lc=1033

Request Chain 18

• https://eb2.3lift.com/mapuid?suid=3E2DBEC61CB16DD438CCAE5E1DDA6C2D&sid=16 HTTP 302
• https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=

Request Chain 20

• https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1629346606016&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fweather%2Fplaces%3Fru%3D%252Fen-us%252Fweather%252Ftoday&c8=My+Places+-+MSN+Weather&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1629346606016&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fweather%2Fplaces%3Fru%3D%252Fen-us%252Fweather%252Ftoday&c8=My%20Places%20-%20MSN%20Weather&c9=

Request Chain 34

• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
• https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG3uPrqrP3FZt3y1iyI_twk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 35

• https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjY3MTc0MjM3NDU5MDkyMTc3OA%3D%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjY3MTc0MjM3NDU5MDkyMTc3OA%3D%3D&google_tc=

Request Chain 37

• https://pr-bh.ybp.yahoo.com/sync/triplelift/6671742374590921778?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2662&xuid=y-Jdl6IPFE2oQKvLsvuHa6DQ4ItV3KhEkYEfpnH2E5KA--~A&dongle=0883

Request Chain 38

• https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
• https://eb2.3lift.com/xuid?mid=3335&xuid=679804040051785204&dongle=4d58&gdpr=1&gdpr_consent=

Request Chain 39

• https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=6671742374590921778 HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6671742374590921778&dcc=t

Request Chain 40

• https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
• https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=

Request Chain 52

• https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us HTTP 301
• https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg

Request Chain 53

• https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png HTTP 302
• https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png

Request Chain 68

• https://ib.adnxs.com/async_usersync_file HTTP 302
• https://acdn.adnxs.com/dmp/async_usersync.html

Request Chain 77

• https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
• https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 89

• https://c.bing.com/c.gif?Red3=MSOATH_pd HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/msn/313CA79D12F8622F385AB705132A6318

Request Chain 91

• https://cm.mgid.com/m?cdsp=516415&c=&mode=inverse HTTP 301
• https://x.bidswitch.net/sync?ssp=mgid HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
• https://cm.mgid.com/m?cdsp=433145&c=8cb8f96b-fbf4-4d1b-88e1-82927b51cb80&gdpr=&gdpr_consent=&us_privacy=

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request places Show response www.msn.com/en-us/weather/	112 KB 36 KB	161ms 143ms	Document text/html	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / ASP.NET Resource Hash 61c3b6ecd412e93220f0587365ca0535c823a9ba3439f97545869caa08f4f535 Security Headers Name Value Content-Security-Policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; Strict-Transport-Security max-age=1209600; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers :method GET :authority www.msn.com :scheme https :path /en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cache-control no-cache, no-store, no-transform pragma no-cache content-length 35155 content-type text/html; charset=utf-8 content-encoding gzip expires -1 vary User-Agent set-cookie PreferencesMsn=eyJFeHBpcnlUaW1lIjo2Mzc5NjQ3OTQwNTIyNjM5MjUsIlZlcnNpb24iOjF90; domain=msn.com; expires=Fri, 19-Aug-2022 04:16:45 GMT; path=/; HttpOnly anoncknm=; domain=msn.com; path=/; secure; HttpOnly _EDGE_S=F=1; path=/; httponly; domain=msn.com _EDGE_V=1; path=/; httponly; expires=Tue, 13-Sep-2022 04:16:45 GMT; domain=msn.com MUID=3E2DBEC61CB16DD438CCAE5E1DDA6C2D; samesite=none; path=/; secure; expires=Tue, 13-Sep-2022 04:16:45 GMT; domain=msn.com access-control-allow-origin * x-aspnetmvc-version 5.2 x-appversion 20210817_23350340 x-activity-id 9d80a757-14e7-4f7b-bb15-9f5536538334 x-az {did:94e2fb0a928b472cad8f07b58097c1b4, rid: 22, sn: neurope-prod-entertainment, dt: 2021-08-10T08:53:02.7591702Z, bt: 2021-08-17T00:13:43.6142827Z} nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} strict-transport-security max-age=1209600; includeSubDomains; preload content-security-policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; x-ua-compatible IE=Edge;chrome=1 x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by ASP.NET access-control-allow-methods HEAD,GET,OPTIONS x-xss-protection 1 x-cache CONFIG_NOCACHE x-msedge-ref Ref A: 9D80A75714E74F7BBB159F5536538334 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:45Z date Thu, 19 Aug 2021 04:16:44 GMT
GET H/1.1	200 OK	f77b07.woff2 static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/	24 KB 24 KB	99ms 25ms	Font application/font-woff2	2.16.186.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/f77b07.woff2 Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-42.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b Security Headers Name Value X-Xss-Protection 1 Request headers Origin https://www.msn.com Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:45 GMT Last-Modified Tue, 20 Apr 2021 02:08:50 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0a5ac1a8a35d71:0" Access-Control-Allow-Methods HEAD,GET,OPTIONS Content-Type application/font-woff2 Access-Control-Allow-Origin * Cache-Control max-age=21391950 Connection keep-alive Accept-Ranges bytes Content-Length 24428 X-XSS-Protection 1
GET H/1.1	200 OK	92-ee2cf0-7e1f85ec static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491...	139 KB 23 KB	251ms 185ms	Stylesheet text/css	2.16.186.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-42.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 635350f9be087039fddaa202f32af4fe3665425260858c8936403bd4b386f66c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:45 GMT Content-Encoding gzip X-Content-Type-Options nosniff nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} X-S2 2021-08-19T04:16:45 X-Powered-By ASP.NET X-Activity-Id 00000000-ca5f-4366-9201-b368fe907569 Connection keep-alive Vary User-Agent,Accept-Encoding Content-Length 21981 X-XSS-Protection 1 X-AspNetMvc-Version 5.2 Last-Modified Thu, 19 Aug 2021 04:16:45 GMT Server Microsoft-IIS/8.5 X-Az {did:94e2fb0a928b472cad8f07b58097c1b4, rid: 13, sn: neurope-prod-entertainment, dt: 2021-08-10T08:52:56.7365867Z, bt: 2021-08-17T00:13:43.6142827Z} X-FRAME-OPTIONS SAMEORIGIN X-S1 2021-08-19T04:16:45 Access-Control-Allow-Methods HEAD,GET,OPTIONS Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, no-transform, max-age=31535949 report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} Timing-Allow-Origin * X-AppVersion 20210817_23350340 Expires Fri, 19 Aug 2022 04:15:54 GMT
GET H2	200	js Show response jill.fc.yahoo.com/v1/client/msft/	244 B 571 B	27ms 7ms	Script application/javascript	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://jill.fc.yahoo.com/v1/client/msft/js Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 3b16459f5fe6cd858ea2f26c4eb246e9ab3ae6fdf5e4e326e083b41bfb8ae71b Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:14:57 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade server ATS age 108 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 content-type application/javascript; charset=utf-8 access-control-allow-origin * x-xss-protection 1; mode=block cache-control max-age=900, s-maxage=900 x-robots-tag noindex, noarchive, nosnippet, nofollow content-length 191 x-content-type-options nosniff x-request-id 26aab3d721e7ad00a45aa363c121efefa11769
GET H2	200	jquery-2.1.1.min.js Show response static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/	82 KB 30 KB	47ms 6ms	Script application/javascript	2a02:26f0:6c00::210:ba23 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Microsoft-IIS/8.5 / ASP.NET Resource Hash b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Origin https://www.msn.com Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:45 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} x-powered-by ASP.NET x-activity-id 00000000-5433-4ab2-a043-921b06cb8132 content-length 29575 x-xss-protection 1 x-aspnetmvc-version 5.2 last-modified Thu, 17 Dec 2020 22:10:38 GMT server Microsoft-IIS/8.5 x-az {did:951b20c4cd6d42d29795c846b4755d88, rid: 0, sn: neurope-prod-hp, dt: 2020-12-17T21:52:48.8297024Z, bt: 2020-12-17T01:18:28.2032433Z} x-frame-options SAMEORIGIN vary Accept-Encoding access-control-allow-methods HEAD,GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control public, max-age=10432420 report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} x-appversion 20201216_29807887 expires Fri, 17 Dec 2021 22:10:25 GMT
GET H/1.1	200 OK	64-53291c-68ddb2ab Show response static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599...	282 KB 94 KB	356ms 355ms	Script text/javascript	2.16.186.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-42.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 84ba824bd37be5baa74a262c016c244c54101bf302a05565a1d3a09d2789af4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Origin https://www.msn.com Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:45 GMT Content-Encoding gzip X-Content-Type-Options nosniff nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} X-S2 2021-08-19T04:16:45 X-Powered-By ASP.NET Transfer-Encoding chunked X-Activity-Id 00000000-6dd5-4724-a6e6-6c4e1a2ccb66 Connection keep-alive, Transfer-Encoding Vary User-Agent,Accept-Encoding X-XSS-Protection 1 X-AspNetMvc-Version 5.2 Last-Modified Thu, 19 Aug 2021 04:16:45 GMT Server Microsoft-IIS/8.5 X-Az {did:94e2fb0a928b472cad8f07b58097c1b4, rid: 5, sn: neurope-prod-entertainment, dt: 2021-08-10T07:11:17.7745814Z, bt: 2021-08-17T00:13:43.6142827Z} X-FRAME-OPTIONS SAMEORIGIN X-S1 2021-08-19T04:16:45 Access-Control-Allow-Methods HEAD,GET,OPTIONS Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, no-transform, max-age=31536000 report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} Timing-Allow-Origin * X-AppVersion 20210817_23350340 Expires Fri, 19 Aug 2022 04:16:45 GMT
GET H/1.1	200 OK	59e092.woff2 static-entertainment-neu-s-msn-com.akamaized.net/sc/65/	21 KB 21 KB	60ms 25ms	Font application/font-woff2	2.16.186.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static-entertainment-neu-s-msn-com.akamaized.net/sc/65/59e092.woff2 Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-42.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36 Security Headers Name Value X-Xss-Protection 1 Request headers Origin https://www.msn.com Referer https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:45 GMT Last-Modified Tue, 20 Apr 2021 02:08:50 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0a5ac1a8a35d71:0" Access-Control-Allow-Methods HEAD,GET,OPTIONS Content-Type application/font-woff2 Access-Control-Allow-Origin * Cache-Control max-age=21542960 Connection keep-alive Accept-Ranges bytes Content-Length 21096 X-XSS-Protection 1
GET H/1.1	200 OK	e383e0.woff2 static-entertainment-neu-s-msn-com.akamaized.net/sc/91/	6 KB 6 KB	55ms 20ms	Font application/font-woff2	2.16.186.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static-entertainment-neu-s-msn-com.akamaized.net/sc/91/e383e0.woff2 Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-42.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 5386e2d36f0e037aa5174c444f63538df0f7c155f2d520426ab4121233160916 Security Headers Name Value X-Xss-Protection 1 Request headers Origin https://www.msn.com Referer https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:45 GMT Last-Modified Fri, 18 Dec 2020 23:27:44 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "098e46295d5d61:0" Access-Control-Allow-Methods HEAD,GET,OPTIONS Content-Type application/font-woff2 Access-Control-Allow-Origin * Cache-Control max-age=10930164 Connection keep-alive Accept-Ranges bytes Content-Length 6128 X-XSS-Protection 1
GET H/1.1	200 OK	566d09.woff2 static-entertainment-neu-s-msn-com.akamaized.net/sc/57/	25 KB 26 KB	78ms 30ms	Font application/font-woff2	2.16.186.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static-entertainment-neu-s-msn-com.akamaized.net/sc/57/566d09.woff2 Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-42.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733 Security Headers Name Value X-Xss-Protection 1 Request headers Origin https://www.msn.com Referer https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:45 GMT Last-Modified Tue, 15 Sep 2020 23:50:22 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0737ef9ba8bd61:0" Access-Control-Allow-Methods HEAD,GET,OPTIONS Content-Type application/font-woff2 Access-Control-Allow-Origin * Cache-Control max-age=3594033 Connection keep-alive Accept-Ranges bytes Content-Length 25760 X-XSS-Protection 1
GET H2	200	jac.js Show response jac.yahoosandbox.com/0.7.2/	139 KB 36 KB	20ms 6ms	Script application/javascript	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://jac.yahoosandbox.com/0.7.2/jac.js Requested by Host: jill.fc.yahoo.com URL: https://jill.fc.yahoo.com/v1/client/msft/js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 80ddd620de6d2982d76ac2e9a1a17a70041a23225990d1669f3c77534502e4d2 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 04:33:05 GMT content-encoding gzip x-content-type-options nosniff age 85422 x-amz-server-side-encryption AES256 vary Accept-Encoding content-length 35932 x-amz-id-2 HDSSD42AHpLKNOOLskEoGwQa2Ezvq7LnnjvnnSNzMeuDFV3tLX1rG1Clixb/APcb/ihAGrbYKH8= referrer-policy no-referrer-when-downgrade last-modified Tue, 13 Jul 2021 14:50:34 GMT server ATS etag "27216f91f826d09f5b899ee50c9b9e1f-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 x-amz-request-id G704PT6ENFJJP0GP x-xss-protection 1; mode=block cache-control max-age=31536000,s-maxage=31536000 accept-ranges bytes content-type application/javascript
GET H/1.1	200 OK	c19270.woff2 static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/	22 KB 22 KB	26ms 20ms	Font application/font-woff2	2.16.186.42 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/c19270.woff2 Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2.16.186.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-42.deploy.static.akamaitechnologies.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041 Security Headers Name Value X-Xss-Protection 1 Request headers Origin https://www.msn.com Referer https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/Weather/_sc/css/d7cb56b9-db4f8135/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/9b-c89214-3c700faa/eb-7b3dd1-ea645cf0/ca-9c582f-491caa4c/60-a25ca6-273ab94b/6d-d28706-89d4ac68/95-f7269e-b3862f50/8b-cc6783-71e56eef/31-d818fe-ac5c2fc8/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/f5-5c0439-33c51778/41-6ebf07-e3adf6f7/14-4010e0-bc6e92da/8a-ac1024-eb5d7a7/92-ee2cf0-7e1f85ec?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:45 GMT Last-Modified Wed, 03 Mar 2021 01:26:10 GMT Server Microsoft-IIS/8.5 X-Powered-By ASP.NET ETag "0a5f730ccfd71:0" Access-Control-Allow-Methods HEAD,GET,OPTIONS Content-Type application/font-woff2 Access-Control-Allow-Origin * Cache-Control max-age=17414499 Connection keep-alive Accept-Ranges bytes Content-Length 22604 X-XSS-Protection 1
GET H2	200	sp-frame.html Show response tag.idsync.analytics.yahoo.com/ Frame 7C0E	8 KB 3 KB	76ms 18ms	Document text/html	152.195.51.15 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer= Requested by Host: jac.yahoosandbox.com URL: https://jac.yahoosandbox.com/0.7.2/jac.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.51.15 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (lcy/1D5A) / Resource Hash e3ff3a3ce46613ebbf6cf9d70af506779dc37897b6c32c4435853672cb00ac74 Request headers :method GET :authority tag.idsync.analytics.yahoo.com :scheme https :path /sp-frame.html?referrer= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.msn.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.msn.com/ Response headers content-encoding gzip age 237 content-type text/html date Thu, 19 Aug 2021 04:16:46 GMT etag "324f9bb044d7d71fa083c18b96aa4662+gzip" last-modified Wed, 18 Aug 2021 13:17:52 GMT server ECS (lcy/1D5A) vary Accept-Encoding x-amz-id-2 TYMF5xyhueZwPUxaFo8ru097nuIkNAogRgPd8Rx4+d5hPbp6+NcsU/+bFOLADtGfm9xEuWLwVls= x-amz-request-id 6SKPBB8EN3S0X74A x-amz-server-side-encryption AES256 x-cache HIT content-length 3220
GET H2	204	cms cms.analytics.yahoo.com/	0 0	104ms 30ms	Image text/html	212.82.100.182 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://cms.analytics.yahoo.com/cms?partner_id=MSFT Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS spcms.pbp.vip.ir2.yahoo.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	200 OK	config.js Show response confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/	88 KB 30 KB	121ms 26ms	Script text/javascript	104.111.252.77 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.111.252.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-252-77.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash f7605c1945755284b4adbcc1f9d5a2a24b444a1028e286c72a011b0fbc5012b3 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:46 GMT Content-Encoding gzip x-amz-request-id 29VYJVKXVYMJE6R7 Connection keep-alive Content-Length 29915 x-amz-id-2 yqtAQlUSLRd5rclkKwURECrX84soXqNsudm/JreibiAZCjBLHzADvFWaB11df8RPvVwihEanJtM= X-Served-By cache-ams21044-AMS Last-Modified Fri, 30 Jul 2021 16:36:57 GMT Server AmazonS3 X-Timer S1627698914.793802,VS0,VE615 ETag "d123ae2ba21fd5eb880186b83588f403" Vary Accept-Encoding Content-Type text/javascript Cache-Control private, max-age=86400 Accept-Ranges bytes X-Cache-Hits 0
GET H/1.1	200 OK	en-us.svg apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/ Redirect Chain https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us? https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg	11 KB 11 KB	420ms 121ms	Image image/svg+xml	52.216.226.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.226.72 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:47 GMT Last-Modified Wed, 29 Apr 2020 21:18:39 GMT Server AmazonS3 x-amz-request-id 2N0S02WEKK545BGT ETag "2928664fe1fc6aca88583a6f606d60ba" Content-Type image/svg+xml Accept-Ranges bytes Content-Length 10804 x-amz-id-2 4gVM19cgH+yeHp7NpMcBlAY316t51EJXKp67xCrOvkEQ2+ScsSG3ReWYt+5eYdiT+Y3ScQhf75g= Redirect headers location https://apple-resources.s3.amazonaws.com:443/media-badges/download-on-the-app-store/black/en-us.svg date Thu, 19 Aug 2021 04:16:46 GMT server awselb/2.0 content-length 134 content-type text/html
GET H3-29	200	en_badge_web_generic.png play.google.com/intl/en_us/badges/static/images/badges/ Redirect Chain https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png	14 KB 14 KB	28ms 14ms	Image image/png	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT x-content-type-options nosniff last-modified Tue, 08 Oct 2019 05:15:00 GMT server sffe content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/webmaster/play_google content-type image/png cache-control private, max-age=0 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13957 x-xss-protection 0 expires Thu, 19 Aug 2021 04:16:46 GMT Redirect headers date Thu, 19 Aug 2021 04:16:45 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 location https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 284 x-xss-protection 0
GET H2	200	c.gif c.msn.com/ Redirect Chain https://c.msn.com/c.gif?udc=true&rid=9d80a75714e74f7bbb159f5536538334&rnd=637649434052263925&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252FWeather%252Fplaces%253Fru%253D%25252Fen-us%25252Fwe... https://c.bing.com/c.gif?udc=true&rid=9d80a75714e74f7bbb159f5536538334&rnd=637649434052263925&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252FWeather%252Fplaces%253Fru%253D%25252Fen-us%25252Fw... https://c.msn.com/c.gif?udc=true&rid=9d80a75714e74f7bbb159f5536538334&rnd=637649434052263925&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252FWeather%252Fplaces%253Fru%253D%25252Fen-us%25252Fwe...	42 B 255 B	29ms 28ms	Image image/gif	52.142.114.2 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.msn.com/c.gif?udc=true&rid=9d80a75714e74f7bbb159f5536538334&rnd=637649434052263925&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252FWeather%252Fplaces%253Fru%253D%25252Fen-us%25252Fweather%25252Ftoday&di=452&lng=en-us&activityId=9d80a75714e74f7bbb159f5536538334&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=weatherplaces&st.sdpt=&subcvs=weather&pg.n=weatherplaces&pg.t=custcol&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=AE05235A04894CB29954E464C13DDF1E&MUID=3E2DBEC61CB16DD438CCAE5E1DDA6C2D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:45 GMT last-modified Fri, 02 Jul 2021 16:12:32 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "9d284f105d6fd71:0" p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42 Redirect headers pragma no-cache date Thu, 19 Aug 2021 04:16:45 GMT x-msedge-ref Ref A: BF7CAB2C3A974D3C84A34BA7B54C2D25 Ref B: FRAEDGE1319 Ref C: 2021-08-19T04:16:46Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.msn.com/c.gif?udc=true&rid=9d80a75714e74f7bbb159f5536538334&rnd=637649434052263925&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252FWeather%252Fplaces%253Fru%253D%25252Fen-us%25252Fweather%25252Ftoday&di=452&lng=en-us&activityId=9d80a75714e74f7bbb159f5536538334&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=weatherplaces&st.sdpt=&subcvs=weather&pg.n=weatherplaces&pg.t=custcol&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=AE05235A04894CB29954E464C13DDF1E&MUID=3E2DBEC61CB16DD438CCAE5E1DDA6C2D cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://www.bizographics.com/collect/?fmt=gif&pid=7850 https://px.ads.linkedin.com/collect?fmt=gif&pid=7850 https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQKL6fdQhieuuQAAAXtcoDE8n3uOHdtW97j2LUMiPiyuQBl9nZFgIgWnOCoDT7srNWjywo2W	43 B 239 B	365ms 176ms	Image image/gif	108.174.10.14 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQKL6fdQhieuuQAAAXtcoDE8n3uOHdtW97j2LUMiPiyuQBl9nZFgIgWnOCoDT7srNWjywo2W Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.174.10.14 , United States, ASN14413 (LINKEDIN, US), Reverse DNS 108-174-10-14.fwd.linkedin.com Software Play / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:47 GMT content-encoding gzip server Play linkedin-action 1 vary Accept-Encoding x-li-fabric prod-lor1 x-li-proto http/2 x-li-pop prod-edc2 content-type image/gif content-length 65 x-li-uuid hcJfahuanBbwZMZogisAAA== Redirect headers date Thu, 19 Aug 2021 04:16:47 GMT server Play linkedin-action 1 x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQKL6fdQhieuuQAAAXtcoDE8n3uOHdtW97j2LUMiPiyuQBl9nZFgIgWnOCoDT7srNWjywo2W x-li-proto http/2 x-li-pop prod-esv5 content-length 0 x-li-uuid u6ZtVRuanBaAtoehkCsAAA==
GET H2	200	silentpassport Show response www.msn.com/en-us/weather/secure/ Frame 09A6 Redirect Chain https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1629346605&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fweather%2fsecure%2fsilentpassport%3fsecure%3dtrue&l... https://www.msn.com/en-us/weather/secure/silentpassport?secure=true&lc=1033	239 B 347 B	34ms 34ms	Document text/html	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.msn.com/en-us/weather/secure/silentpassport?secure=true&lc=1033 Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / ASP.NET Resource Hash 0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12 Security Headers Name Value X-Xss-Protection 1 Request headers :method GET :authority www.msn.com :scheme https :path /en-us/weather/secure/silentpassport?secure=true&lc=1033 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.msn.com/ accept-encoding gzip, deflate, br accept-language en-US cookie PreferencesMsn=eyJFeHBpcnlUaW1lIjo2Mzc5NjQ3OTQwNTIyNjM5MjUsIlZlcnNpb24iOjF90; anoncknm=; _EDGE_S=F=1; _EDGE_V=1; MUID=3E2DBEC61CB16DD438CCAE5E1DDA6C2D; _SS=SID=00 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.msn.com/ Response headers cache-control private, no-transform content-length 185 content-type text/html; charset=utf-8 content-encoding gzip vary User-Agent access-control-allow-origin * x-aspnetmvc-version 5.2 x-appversion 20210817_23350340 x-activity-id a74edfce-ae81-4415-acef-0849ee8b7a80 x-az {did:94e2fb0a928b472cad8f07b58097c1b4, rid: 22, sn: neurope-prod-entertainment, dt: 2021-08-10T08:53:02.7591702Z, bt: 2021-08-17T00:13:43.6142827Z} nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} x-powered-by ASP.NET access-control-allow-methods HEAD,GET,OPTIONS x-xss-protection 1 x-cache CONFIG_NOCACHE x-msedge-ref Ref A: A74EDFCEAE814415ACEF0849EE8B7A80 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:46Z date Thu, 19 Aug 2021 04:16:45 GMT Redirect headers Cache-Control no-store, no-cache Pragma no-cache Content-Length 0 Content-Type text/html; charset=utf-8 Expires Thu, 19 Aug 2021 04:15:46 GMT Location https://www.msn.com/en-us/weather/secure/silentpassport?secure=true&lc=1033 P3P CP="DSP CUR OTPi IND OTRi ONL FIN" Set-Cookie uaid=9ade2aa4fec64c16b8b7fa20bf6e2f84; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=1184&lt=1629346606&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly Referrer-Policy strict-origin-when-cross-origin x-ms-route-info R3_BL2 x-ms-request-id b02293a8-7a51-4db5-9439-b8fa33c6d106 PPServer PPV: 30 H: BL6PPFBBBE413FF V: 0 X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000 X-XSS-Protection 1; mode=block Date Thu, 19 Aug 2021 04:16:45 GMT
GET H2	200	getuid eb2.3lift.com/ Redirect Chain https://eb2.3lift.com/mapuid?suid=3E2DBEC61CB16DD438CCAE5E1DDA6C2D&sid=16 https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=	37 B 352 B	21ms 21ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers location /getuid?ld=1&gdpr=1&cmp_cs=&us_privacy= date Thu, 19 Aug 2021 04:16:46 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
POST H/1.1	200 OK	v1 web.vortex.data.msn.com/collect/	0 0	134ms 29ms	Ping application/json	40.77.226.250 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://www.msn.com Access-Control-Allow-Headers Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials Access-Control-Allow-Credentials true
GET H2	200	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1629346606016&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fweather%2Fplaces%3Fru%3D%252Fen-us%252Fweather%252Ftoday&c8=My+Places+-+MSN+Weat... https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1629346606016&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fweather%2Fplaces%3Fru%3D%252Fen-us%252Fweather%252Ftoday&c8=My%20Places%20-%20M...	64 B 332 B	44ms 43ms	Image image/gif	13.224.96.92 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1629346606016&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fweather%2Fplaces%3Fru%3D%252Fen-us%252Fweather%252Ftoday&c8=My%20Places%20-%20MSN%20Weather&c9= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.92 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-92.zrh50.r.cloudfront.net Software / Resource Hash 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT via 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 etag W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg" x-cache Miss from cloudfront content-type image/gif; charset=utf-8 content-length 64 x-amz-cf-id jKXoR94DBKPmMY6CKRjNqtJg_pRbgHn9hkxTJ65Cn7x6ZgTkPzuQNw== Redirect headers date Thu, 19 Aug 2021 04:16:46 GMT via 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 vary Accept x-cache Miss from cloudfront content-type text/plain; charset=utf-8 location https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1629346606016&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fweather%2Fplaces%3Fru%3D%252Fen-us%252Fweather%252Ftoday&c8=My%20Places%20-%20MSN%20Weather&c9= content-length 235 x-amz-cf-id Vu_k6RnafQbwuHCu2pYW_-Mz5qtb6QBEdb9C1YMlCFxECegiG4OzoQ==
GET H2	200	js Show response jill.fc.yahoo.com/v2/ads/	10 KB 2 KB	391ms 391ms	Script application/javascript	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.7.2&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%227HD66FC%22%2C%22msft_rid%22%3A%229d80a75714e74f7bbb159f5536538334%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%223E2DBEC61CB16DD438CCAE5E1DDA6C2D%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22banner1_homepag_0%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221629346606024%7C669314265485304200%22%7D%2C%22alias%22%3A%22WEAUSEN12%22%2C%22sizes%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%22rectangle1_home_1%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221629346606024%7C696115139002472300%22%7D%2C%22alias%22%3A%22WEAUSEN11%22%2C%22sizes%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%224deddc7b0%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fweather%2Fplaces%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A1%2C%22metrics%22%3Atrue%7D Requested by Host: jac.yahoosandbox.com URL: https://jac.yahoosandbox.com/0.7.2/jac.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 6eee349e582a0e497357a261df7ae7d3b423fe11c00ec98d138f96efa13386e5 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip referrer-policy no-referrer-when-downgrade server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 content-type application/javascript; charset=utf-8 x-xss-protection 1; mode=block cache-control private, no-cache, no-store x-robots-tag noindex, noarchive, nosnippet, nofollow x-content-type-options nosniff x-request-id 27609faa0fe920fd4babddc7eab9d9770e2803
GET H2	200	irisbannerajax Show response www.msn.com/en-us/weather/	7 KB 2 KB	83ms 83ms	XHR text/html	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.msn.com/en-us/weather/irisbannerajax?position=top&canvas=vlp&ru=%2Fen-us%2Fweather%2Ftoday Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / ASP.NET Resource Hash 79493ccf29b80b925015abbc75c79827e381a4a29dc8312d436163fc8b0eca97 Security Headers Name Value Content-Security-Policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; Strict-Transport-Security max-age=1209600; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers sec-fetch-mode cors accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty cookie PreferencesMsn=eyJFeHBpcnlUaW1lIjo2Mzc5NjQ3OTQwNTIyNjM5MjUsIlZlcnNpb24iOjF90; anoncknm=; _EDGE_S=F=1; _EDGE_V=1; MUID=3E2DBEC61CB16DD438CCAE5E1DDA6C2D :path /en-us/weather/irisbannerajax?position=top&canvas=vlp&ru=%2Fen-us%2Fweather%2Ftoday pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type html accept */* cache-control no-cache :authority www.msn.com referer https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday :scheme https sec-fetch-site same-origin :method GET Referer https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type html Response headers strict-transport-security max-age=1209600; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} x-powered-by ASP.NET x-cache CONFIG_NOCACHE x-activity-id be5683d1-bab0-4544-85c6-3050de796ca7 vary User-Agent content-length 2269 x-xss-protection 1 x-ua-compatible IE=Edge;chrome=1 pragma no-cache x-aspnetmvc-version 5.2 x-az {did:94e2fb0a928b472cad8f07b58097c1b4, rid: 41, sn: neurope-prod-entertainment, dt: 2021-08-10T07:13:24.2260864Z, bt: 2021-08-17T00:13:43.6142827Z} date Thu, 19 Aug 2021 04:16:45 GMT x-frame-options SAMEORIGIN access-control-allow-methods HEAD,GET,OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, no-transform report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} content-security-policy default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; x-msedge-ref Ref A: BE5683D1BAB0454485C63050DE796CA7 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:46Z x-appversion 20210817_23350340 expires -1
POST H/1.1	200 OK	v1 web.vortex.data.msn.com/collect/	0 0	123ms 29ms	Ping application/json	40.77.226.250 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://www.msn.com Access-Control-Allow-Headers Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials Access-Control-Allow-Credentials true
GET H2	200	msnhomepagehistory.aspx Show response www.bing.com/	2 B 1 KB	67ms 51ms	XHR text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.bing.com/msnhomepagehistory.aspx?_=1629346605677 Requested by Host: static-global-s-msn-com.akamaized.net URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers Accept text/plain, */*; q=0.01 Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:45 GMT content-encoding br x-msedge-ref Ref A: 3D0DA8FE23944B6A98F4E6071BB2ECB8 Ref B: FRAEDGE1319 Ref C: 2021-08-19T04:16:46Z x-snr-routing 1 vary Accept-Encoding x-cache CONFIG_NOCACHE p3p CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND" access-control-allow-origin https://www.msn.com cache-control no-cache access-control-allow-credentials true content-type text/plain; charset=utf-8 content-length 6 expires -1
GET H2	200	TaboolaCookieSyncScript.js Show response cdn.taboola.com/	2 KB 1 KB	23ms 6ms	Script application/javascript	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/TaboolaCookieSyncScript.js Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash f20a080cb6f3540c27ec0aa19010bf2351681a7a8d9e791603e8c9626591b9ff Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id H.Y5st4f9YCLW_cyz9zrbO7e673uzGOr content-encoding gzip etag "c82b00ef266759f04018438bb542679a" age 13490 x-cache HIT x-amz-replication-status COMPLETED content-length 817 x-amz-id-2 ebOO41GuGXwn15aJzSbHhqXfrBAIWer4filE8SJ42FYygNpCPEsA8/hvjAJcuk6JCwO6VnNUJZ8= x-served-by cache-fra19128-FRA last-modified Mon, 16 Oct 2017 10:26:53 GMT server AmazonS3 x-timer S1629346606.055367,VS0,VE0 date Thu, 19 Aug 2021 04:16:46 GMT vary Accept-Encoding x-amz-request-id KF820GRC0Q8D823E via 1.1 varnish cache-control private,max-age=14400 accept-ranges bytes content-type application/javascript abp 52 x-cache-hits 96
GET H2	200	MSNIdSync.js Show response widgets.outbrain.com/external/publishers/msn/	5 KB 3 KB	58ms 19ms	Script application/x-javascript	2.18.234.190 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://widgets.outbrain.com/external/publishers/msn/MSNIdSync.js Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-190.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash bb39787d42d16bed2e28e072e0d372639e127d9cc9333859f8661ad26b968768 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip last-modified Wed, 11 Aug 2021 07:30:39 GMT server AkamaiNetStorage etag "0f6a98a2a3c197966641f06e0f58da73:1628667484.853382" vary Accept-Encoding access-control-allow-methods GET,POST content-type application/x-javascript access-control-allow-origin * cache-control max-age=345600 access-control-allow-credentials false accept-ranges bytes timing-allow-origin *, * content-length 2155
GET H2	200	sync.js Show response ib.3lift.com/	275 B 572 B	61ms 14ms	Script application/javascript	13.224.196.121 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ib.3lift.com/sync.js Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.196.121 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-196-121.fra2.r.cloudfront.net Software / Resource Hash c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:03:25 GMT via 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront) last-modified Thu, 19 Aug 2021 04:03:25 GMT age 801 x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=900 x-amz-cf-pop FRA2-C1 content-length 275 x-amz-cf-id aRwd6NnU8eU1mghP0PX-k74LUpKUzHJfO818soFpeRxnoshwwBK6EQ==
GET H/1.1	200 OK	pixels Show response service.idsync.analytics.yahoo.com/sp/v0/ Frame 7C0E	13 B 401 B	53ms 15ms	XHR application/json	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service.idsync.analytics.yahoo.com/sp/v0/pixels?gdpr=undefined&euconsent=undefined&us_privacy=undefined&referrer=https%3A%2F%2Fwww.msn.com%2F Requested by Host: tag.idsync.analytics.yahoo.com URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash 243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://tag.idsync.analytics.yahoo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:46 GMT Strict-Transport-Security max-age=31536000; includeSubDomains; preload Server ATS/7.1.2.138 Age 0 Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://tag.idsync.analytics.yahoo.com Cache-Control no-cache Access-Control-Allow-Credentials true Connection keep-alive
POST H/1.1	200 OK	v1 web.vortex.data.msn.com/collect/	0 0	109ms 27ms	Ping application/json	40.77.226.250 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://www.msn.com Access-Control-Allow-Headers Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials Access-Control-Allow-Credentials true
GET H2	200	Impression arc.msn.com/v3/Delivery/Events/	0 209 B	106ms 32ms	Image application/xml	20.82.210.154 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://arc.msn.com/v3/Delivery/Events/Impression?PID=425300254&TID=700366441&CID=128000000002629469&BID=2003288250&PG=PC0001WD69.0000000BZC&TPID=425300254&REQASID=2A6C600B7F3449178AE7E0BE2F364DED&ASID=4ab10b6d43904845aecde11e3a1ea6df&SLOT=1&REQT=20210819T041646&MA_Score=2&&DS_EVTID=4ab10b6d43904845aecde11e3a1ea6df&BCNT=1&PG=PC0001WD69.0000000BZC&UNID=10837393&MAP_TID=0A8BD5E4-B3DA-482D-9874-0AC3DA937787&NCT=1&ASID=2A6C600B7F3449178AE7E0BE2F364DED&REQASID=2A6C600B7F3449178AE7E0BE2F364DED&ARC=1&EMS=1&LOCALE=EN-US&COUNTRY=US&HTD=-1&LANG=1033&DEVLANG=EN&CIP=40.127.197.117&ID=3E2DBEC61CB16DD438CCAE5E1DDA6C2D&OPTOUTSTATE=0&HTTPS=1&MARKETBASEDCOUNTRY=US&CFMT=&H=0&W=0&FESVER=1.3&PL=EN-US&ISSIGNEDIN=0&BROWSER=2&ISMOBILE=0&OPSYS=WIN10&MSN_CANVAS=8&CHNL=CFD&UIT=G Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.82.210.154 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains server Microsoft-IIS/10.0 x-aspnet-version 4.0.30319 x-powered-by ASP.NET content-type application/xml; charset=utf-8 cache-control no-store, no-cache date Thu, 19 Aug 2021 04:16:45 GMT content-length 0 expires Mon, 01 Jan 0001 00:00:00 GMT
GET H2	200	RWzaiV img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/	5 KB 5 KB	47ms 13ms	Image image/png	2a02:26f0:6c00::210:ba1b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWzaiV?ver=1b41 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:26f0:6c00::210:ba1b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 92ca52bdd2c5eb85274e952c45bfde74e715e7c51ad30afa6d59bd87f700a2bc Security Headers Name Value X-Frame-Options deny Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Thu, 19 Aug 2021 04:16:46 GMT last-modified Tue, 17 Aug 2021 19:07:25 GMT x-datacenter NorthEU x-source-length 5127 x-frame-options deny content-type image/png access-control-allow-origin * cache-control public, max-age=312572 x-activityid e3b81aaf-2e78-4158-bf8b-de130b17ee3b x-deployment a89a5014e89c41b7b60a64d7ee950637 content-location https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RWzaiV?ver=1b41 content-length 5127 expires Sun, 22 Aug 2021 19:06:18 GMT
GET H2	200	sync Show response eb2.3lift.com/ Frame F260	1 KB 1 KB	22ms 22ms	Document text/html	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eb2.3lift.com/sync? Requested by Host: ib.3lift.com URL: https://ib.3lift.com/sync.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash 77659811b31a2934d49a2eaa10f5b347b32cf9636972df445c40fecb0b7ed714 Request headers :method GET :authority eb2.3lift.com :scheme https :path /sync? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.msn.com/ accept-encoding gzip, deflate, br accept-language en-US cookie tluid=6671742374590921778 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.msn.com/ Response headers date Thu, 19 Aug 2021 04:16:46 GMT content-type text/html; charset=utf-8 content-length 478 set-cookie sync=CgoIgQIQq9iA5bUvCgoIkQIQq9iA5bUvCgoI4gEQq9iA5bUvCgoIkgIQq9iA5bUvCgoI5gEQq9iA5bUvCgoIhwIQq9iA5bUvCgkIOhCr2IDltS8KCQgLEKvYgOW1LwoJCF8Qq9iA5bUvCgkIHxCr2IDltS8=; Max-Age=7776000; Expires=Wed, 17 Nov 2021 04:16:46 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=6671742374590921778; Max-Age=7776000; Expires=Wed, 17 Nov 2021 04:16:46 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure content-encoding gzip p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" cache-control no-cache, no-store, must-revalidate
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame F260	70 B 265 B	158ms 68ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	xuid eb2.3lift.com/ Frame F260 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG3uPrqrP3FZt3y1iyI_twk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1	37 B 352 B	23ms 23ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG3uPrqrP3FZt3y1iyI_twk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEG3uPrqrP3FZt3y1iyI_twk&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 332 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame F260 Redirect Chain https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjY3MTc0MjM3NDU5MDkyMTc3OA%3D%3D https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjY3MTc0MjM3NDU5MDkyMTc3OA%3D%3D&google_tc=	170 B 188 B	29ms 17ms	Image image/png	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjY3MTc0MjM3NDU5MDkyMTc3OA%3D%3D&google_tc= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjY3MTc0MjM3NDU5MDkyMTc3OA%3D%3D&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 360 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	c.gif c.bing.com/ Frame F260	42 B 205 B	30ms 27ms	Image image/gif	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.bing.com/c.gif?xid=6671742374590921778&Red3=TLMS_pd Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:45 GMT etag "9d284f105d6fd71:0" last-modified Fri, 02 Jul 2021 16:12:32 GMT x-msedge-ref Ref A: B75865FAE15D4782B616C0E9EBFF9707 Ref B: FRAEDGE1319 Ref C: 2021-08-19T04:16:46Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42
GET H2	200	xuid eb2.3lift.com/ Frame F260 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/triplelift/6671742374590921778?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2662&xuid=y-Jdl6IPFE2oQKvLsvuHa6DQ4ItV3KhEkYEfpnH2E5KA--~A&dongle=0883	37 B 352 B	23ms 22ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=2662&xuid=y-Jdl6IPFE2oQKvLsvuHa6DQ4ItV3KhEkYEfpnH2E5KA--~A&dongle=0883 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers date Thu, 19 Aug 2021 04:16:46 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 location https://eb2.3lift.com/xuid?mid=2662&xuid=y-Jdl6IPFE2oQKvLsvuHa6DQ4ItV3KhEkYEfpnH2E5KA--~A&dongle=0883 x-xss-protection 1; mode=block content-length 0 x-content-type-options nosniff expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame F260 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D https://eb2.3lift.com/xuid?mid=3335&xuid=679804040051785204&dongle=4d58&gdpr=1&gdpr_consent=	37 B 352 B	23ms 23ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?mid=3335&xuid=679804040051785204&dongle=4d58&gdpr=1&gdpr_consent= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT cache-control no-cache, no-store, must-revalidate content-type image/gif content-length 37 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:46 GMT X-Proxy-Origin 89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid be88d862-d29e-42a8-b13f-3abd834b8177 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://eb2.3lift.com/xuid?mid=3335&xuid=679804040051785204&dongle=4d58&gdpr=1&gdpr_consent= Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	iu3 s.amazon-adsystem.com/ Frame F260 Redirect Chain https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=6671742374590921778 https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6671742374590921778&dcc=t	0 0	107ms 107ms	Image text/html	52.46.154.242 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6671742374590921778&dcc=t Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:46 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid DQ8RH88RR1DMMZASKRWC Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=6671742374590921778&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	xuid eb2.3lift.com/ Frame F260 Redirect Chain https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1 https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy=	37 B 139 B	22ms 21ms	Image image/gif	76.223.111.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy= Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0f671730127a0812.awsglobalaccelerator.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT cache-control no-cache, no-store, must-revalidate content-length 37 content-type image/gif Redirect headers location /xuid?ld=1&mid=2460&xuid=&dongle=dba8&gdpr=1&cmp_cs=&us_privacy= date Thu, 19 Aug 2021 04:16:46 GMT cache-control no-cache, no-store, must-revalidate content-length 0 p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame F260	0 0	42ms 13ms	Image text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=6671742374590921778 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H/1.1	400 Request failed due to privacy signals	setuid ib.adnxs.com/prebid/ Frame F260	0 0	43ms 14ms	Image text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=6671742374590921778 Requested by Host: eb2.3lift.com URL: https://eb2.3lift.com/sync? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://eb2.3lift.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	jac.js Show response jac.yahoosandbox.com/0.7.2/ Frame 3391	139 KB 35 KB	7ms 7ms	Script application/javascript	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://jac.yahoosandbox.com/0.7.2/jac.js Requested by Host: confiant.msn.com URL: https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 80ddd620de6d2982d76ac2e9a1a17a70041a23225990d1669f3c77534502e4d2 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 04:33:05 GMT content-encoding gzip x-content-type-options nosniff age 85423 x-amz-server-side-encryption AES256 vary Accept-Encoding content-length 35932 x-amz-id-2 HDSSD42AHpLKNOOLskEoGwQa2Ezvq7LnnjvnnSNzMeuDFV3tLX1rG1Clixb/APcb/ihAGrbYKH8= referrer-policy no-referrer-when-downgrade last-modified Tue, 13 Jul 2021 14:50:34 GMT server ATS etag "27216f91f826d09f5b899ee50c9b9e1f-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 x-amz-request-id G704PT6ENFJJP0GP x-xss-protection 1; mode=block cache-control max-age=31536000,s-maxage=31536000 accept-ranges bytes content-type application/javascript
GET H2	200	jac.js Show response jac.yahoosandbox.com/0.7.2/ Frame C71B	139 KB 35 KB	11ms 11ms	Script application/javascript	2a00:1288:80:800::7001 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://jac.yahoosandbox.com/0.7.2/jac.js Requested by Host: confiant.msn.com URL: https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash 80ddd620de6d2982d76ac2e9a1a17a70041a23225990d1669f3c77534502e4d2 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 04:33:05 GMT content-encoding gzip x-content-type-options nosniff age 85423 x-amz-server-side-encryption AES256 vary Accept-Encoding content-length 35932 x-amz-id-2 HDSSD42AHpLKNOOLskEoGwQa2Ezvq7LnnjvnnSNzMeuDFV3tLX1rG1Clixb/APcb/ihAGrbYKH8= referrer-policy no-referrer-when-downgrade last-modified Tue, 13 Jul 2021 14:50:34 GMT server ATS etag "27216f91f826d09f5b899ee50c9b9e1f-df" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 x-amz-request-id G704PT6ENFJJP0GP x-xss-protection 1; mode=block cache-control max-age=31536000,s-maxage=31536000 accept-ranges bytes content-type application/javascript
GET H/1.1	200 OK	adServe.do Show response web.ssp.yahoo.com/admax/ Frame 3391	3 KB 4 KB	175ms 123ms	Script application/x-javascript	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=WEAUSEN12&tp=msft_muid%3D3E2DBEC61CB16DD438CCAE5E1DDA6C2D!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3D!msft_rid%3D9d80a75714e74f7bbb159f5536538334!msft_year%3D!msft_asid%3D1629346606024|669314265485304200!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js Requested by Host: confiant.msn.com URL: https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash 729c4661289177418e627235669b88ce1481fc28209a8e5c4833cf6baade0160 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:46 GMT Server ATS/7.1.2.138 Age 0 Content-Type application/x-javascript;charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0 Connection keep-alive Content-Length 3046 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	adcount%7C2.0%7C5113.1%7C3780009%7C0%7C225%7CAdId=11043949;BnId=3;ct=3517981876;st=4678;adcid=1;itime=346606311;reqtype=5;guid=3jjotl9ghrmpe&b=3&s=qj;;impref=1629346606184723453;imprefseq=119655546... 26.at.atwola.com/ Frame 3391	1 B 42 B	148ms 97ms	Image application/x-javascript	2a00:1288:80:800::7000 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3780009%7C0%7C225%7CAdId=11043949;BnId=3;ct=3517981876;st=4678;adcid=1;itime=346606311;reqtype=5;guid=3jjotl9ghrmpe&b=3&s=qj;;impref=1629346606184723453;imprefseq=119655546961290281;imprefts=1629346606;adclntid=1002;pvid=4deddc7b0;kvmsft_providerid=7hd66fc;kvmn=weausen12;kvpg=www.msn.com%2Fen-us%2Fweather%2Fplaces;kvmsft_jac=1;kvsecure=true;kvmsft_rid=9d80a75714e74f7bbb159f5536538334;kvmsft_asid=1629346606024%7C669314265485304200;kvgrp=4deddc7b0;kvmsft_muid=3E2DBEC61CB16DD438CCAE5E1DDA6C2D;kvmsft_ext_inv_cd=us;gdpr=0; Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT referrer-policy no-referrer-when-downgrade server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 content-type application/x-javascript x-xss-protection 1; mode=block cache-control no-store, no-cache content-length 1 x-content-type-options nosniff expires Mon, 15 Jun 1998 00:00:00 GMT
GET H/1.1	200 OK	adServe.do Show response web.ssp.yahoo.com/admax/ Frame C71B	3 KB 4 KB	185ms 139ms	Script application/x-javascript	35.157.246.167 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=WEAUSEN11&tp=msft_muid%3D3E2DBEC61CB16DD438CCAE5E1DDA6C2D!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7hd66fc!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3D!msft_rid%3D9d80a75714e74f7bbb159f5536538334!msft_year%3D!msft_asid%3D1629346606024|696115139002472300!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js Requested by Host: confiant.msn.com URL: https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-246-167.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash a00b79dd14ef5cf95fda67df6e9cb4c45f1299b942e85a4fc561dc30f37bf44c Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:46 GMT Server ATS/7.1.2.138 Age 0 Content-Type application/x-javascript;charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0 Connection keep-alive Content-Length 3064 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	adcount%7C2.0%7C5113.1%7C3780008%7C0%7C170%7CAdId=11043949;BnId=4;ct=3517981876;st=6254;adcid=1;itime=346606312;reqtype=5;guid=3jjotl9ghrmpe&b=3&s=qj;;impref=1629346606184723456;imprefseq=119655546... 26.at.atwola.com/ Frame C71B	1 B 316 B	142ms 96ms	Image application/x-javascript	2a00:1288:80:800::7000 YAHOO-DEB
General Check archive.org Show headers Download Go to Show image Full URL https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3780008%7C0%7C170%7CAdId=11043949;BnId=4;ct=3517981876;st=6254;adcid=1;itime=346606312;reqtype=5;guid=3jjotl9ghrmpe&b=3&s=qj;;impref=1629346606184723456;imprefseq=119655546961290284;imprefts=1629346606;adclntid=1002;pvid=4deddc7b0;kvmsft_providerid=7hd66fc;kvmn=weausen11;kvpg=www.msn.com%2Fen-us%2Fweather%2Fplaces;kvmsft_jac=1;kvsecure=true;kvmsft_rid=9d80a75714e74f7bbb159f5536538334;kvmsft_asid=1629346606024%7C696115139002472300;kvgrp=4deddc7b0;kvmsft_muid=3E2DBEC61CB16DD438CCAE5E1DDA6C2D;kvmsft_ext_inv_cd=us;gdpr=0; Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT referrer-policy no-referrer-when-downgrade server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 content-type application/x-javascript x-xss-protection 1; mode=block cache-control no-store, no-cache content-length 1 x-content-type-options nosniff expires Mon, 15 Jun 1998 00:00:00 GMT
POST H/1.1	200 OK	v1 web.vortex.data.msn.com/collect/	0 0	112ms 28ms	Ping application/json	40.77.226.250 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://www.msn.com Access-Control-Allow-Headers Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials Access-Control-Allow-Credentials true
GET H/1.1	200 OK	/ Show response confiant.msn.com/ Frame 3391	115 KB 35 KB	26ms 26ms	Script text/javascript	104.111.252.77 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Requested by Host: confiant.msn.com URL: https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.111.252.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-252-77.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 423ed667bb52a1a272df6da0189015c95c37e8e7ecf5d3f9a33bbdbabec4d656 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:46 GMT Content-Encoding gzip X-Served-By cache-ams21043-AMS Server nginx X-Timer S1629346117.005897,VS0,VE0 ETag 31cd694726b81d540cfadede5841414887143e1b X-Cache-Status hit Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 34995 X-Cache-Hits 1
GET H/1.1	200 OK	/ Show response confiant.msn.com/ Frame C71B	115 KB 35 KB	47ms 28ms	Script text/javascript	104.111.252.77 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Requested by Host: confiant.msn.com URL: https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 104.111.252.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-252-77.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 423ed667bb52a1a272df6da0189015c95c37e8e7ecf5d3f9a33bbdbabec4d656 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:46 GMT Content-Encoding gzip X-Served-By cache-ams21043-AMS Server nginx X-Timer S1629346117.005897,VS0,VE0 ETag 31cd694726b81d540cfadede5841414887143e1b X-Cache-Status hit Vary Accept-Encoding Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=900 Connection keep-alive Accept-Ranges bytes Content-Length 34995 X-Cache-Hits 1
GET H/1.1	200 OK	en-us.svg apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/ Redirect Chain https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us? https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg	11 KB 11 KB	109ms 109ms	Image image/svg+xml	52.216.226.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.226.72 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:47 GMT Last-Modified Wed, 29 Apr 2020 21:18:39 GMT Server AmazonS3 x-amz-request-id 2N0VAMWK6P5DTRTE ETag "2928664fe1fc6aca88583a6f606d60ba" Content-Type image/svg+xml Accept-Ranges bytes Content-Length 10804 x-amz-id-2 l57Sp7u0XGENAOk6sqqlgdxSU/fwNQo1DxCIZNBOM/H573DcXzzypbwVcS/1nc8qa/SYMiJEIEA= Redirect headers location https://apple-resources.s3.amazonaws.com:443/media-badges/download-on-the-app-store/black/en-us.svg date Thu, 19 Aug 2021 04:16:46 GMT server awselb/2.0 content-length 134 content-type text/html
GET H3-29	200	en_badge_web_generic.png play.google.com/intl/en_us/badges/static/images/badges/ Redirect Chain https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png	14 KB 14 KB	15ms 14ms	Image image/png	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT x-content-type-options nosniff last-modified Tue, 08 Oct 2019 05:15:00 GMT server sffe content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/webmaster/play_google content-type image/png cache-control private, max-age=0 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13957 x-xss-protection 0 expires Thu, 19 Aug 2021 04:16:46 GMT Redirect headers date Thu, 19 Aug 2021 04:16:46 GMT x-content-type-options nosniff server sffe content-type text/html; charset=UTF-8 location https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 284 x-xss-protection 0
GET H2	200	loader.js Show response assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 3391	2 KB 2 KB	73ms 18ms	Script application/javascript	2.16.186.170 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201 Requested by Host: confiant.msn.com URL: https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-170.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash b0461211f1a898af3e392c03e87f79557be72677891099fd72b6300947ecf620 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25} content-md5 pLUHk/oJyNBgGYWe8lAhWA== server-timing 11 content-length 967 x-ms-lease-status unlocked last-modified Fri, 13 Aug 2021 22:41:07 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D95EAB70C5FA71 vary Origin report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} content-type application/javascript access-control-allow-origin * x-ms-request-id 7e38d16f-c01e-003c-25dd-915cc1000000 cache-control public, max-age=86400 akamai-server-ip 2.16.186.166 x-ms-version 2009-09-19 akamai-request-id eba15ac
GET H/1.1	200 OK	pixels Show response service.idsync.analytics.yahoo.com/sp/v0/ Frame 3391	19 B 305 B	19ms 18ms	Script application/javascript	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55940,58294,55953,58292,58160,55829,55859,55986,57926,55939,56554&referrer=&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent= Requested by Host: confiant.msn.com URL: https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:46 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Type application/javascript Cache-Control no-cache Transfer-Encoding chunked Connection keep-alive
GET H2	200	adEvent.do prod-m-node-3113.ssp.yahoo.com/admax/ Frame 3391	43 B 175 B	61ms 15ms	Image image/gif	18.196.95.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a96958b0170705f256f79e3fb790025&posi=987180&grp=%3F%3F%3F&nl=1629346606618&rts=1629346606511&pix=1&et=1&a=1d076723fd0847bf9fe25fb6b7f88650&m=aXAtMTAtMjItMTAzLTY4&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7Ozs3NjUxMzM5MGIxYWU0MWIwOTNiM2IzYWJjYzQ1NWQ2ZjszMTU1OTk1NDsxNjI5MzQzODAwOzswOzswOw..&uid=3jjotl9ghrmpe%26b%3D3%26s%3Dqj&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxNw..&xoi=MHxERVU.&af=7&dety=5 Requested by Host: confiant.msn.com URL: https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.196.95.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-95-65.eu-central-1.compute.amazonaws.com Software nginx/1.20.1 / Resource Hash f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT last-modified Tue, 17 Aug 2021 06:40:00 GMT server nginx/1.20.1 accept-ranges bytes content-length 43 content-type image/gif
GET H2	200	talon-1.0.31.js Show response s.yimg.com/ix/ Frame 3391	57 KB 58 KB	22ms 7ms	Script application/javascript	2a00:1288:80:800::7000 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/ix/talon-1.0.31.js Requested by Host: confiant.msn.com URL: https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:14:33 GMT x-content-type-options nosniff age 134 x-amz-server-side-encryption AES256 content-length 58593 x-amz-id-2 9VD+PZeuiyC/hGZl22qyZ13H5Ozp4xyoJ2PZtGQmZJWqD1HiBnec91IeNPE8vmI4mO8PC+RSgHk= referrer-policy no-referrer-when-downgrade last-modified Wed, 28 Apr 2021 14:46:34 GMT server ATS etag "0bcb4d45cc7ee871c6d48b07af3e2b3d" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 x-amz-request-id TVD93SCZKHSGYVVY x-xss-protection 1; mode=block cache-control public,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8
GET H/1.1	200 OK	pixel protected-by.clarium.io/ Frame 3391	68 B 345 B	76ms 17ms	Image image/png	35.158.12.68 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://protected-by.clarium.io/pixel?tag=wt_OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA==&v=5&s=abfa2d5b4217509c1b5b33a662a4941ff5c97bf3&id=eyJhc3QiOnsiYXN0X3MiOjAsImFzdF9jIjowLCJhc3RfYiI6MCwicyI6ImphY1Bvc2l0aW9uX2Jhbm5lcjFfaG9tZXBhZ18wIn0sInRwX2NyaWQiOiJWWjowO3Bhc3NiYWNrOyAtLT4iLCJvIjoidm0ifQ%3D%3D&sb=undefined&cb=4270651&h=www.msn.com Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.12.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-12-68.eu-central-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:46 GMT Server nginx/1.14.0 (Ubuntu) Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Length 68 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	loader.js Show response assets.msn.com/staticsb/statics/latest/samsweeper/ Frame C71B	2 KB 2 KB	38ms 19ms	Script application/javascript	2.16.186.170 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201 Requested by Host: confiant.msn.com URL: https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-170.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash b0461211f1a898af3e392c03e87f79557be72677891099fd72b6300947ecf620 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25} content-md5 pLUHk/oJyNBgGYWe8lAhWA== server-timing 11 content-length 967 x-ms-lease-status unlocked last-modified Fri, 13 Aug 2021 22:41:07 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D95EAB70C5FA71 vary Origin report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} content-type application/javascript access-control-allow-origin * x-ms-request-id 7e38d16f-c01e-003c-25dd-915cc1000000 cache-control public, max-age=86400 akamai-server-ip 2.16.186.166 x-ms-version 2009-09-19 akamai-request-id eba15af
GET H/1.1	200 OK	pixels Show response service.idsync.analytics.yahoo.com/sp/v0/ Frame C71B	19 B 305 B	20ms 19ms	Script application/javascript	3.126.56.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,58294,55953,58292,58160,55829,55859,55986,57926,55965,55939,56554&referrer=&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent= Requested by Host: confiant.msn.com URL: https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-56-137.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.138 / Resource Hash c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Thu, 19 Aug 2021 04:16:46 GMT Server ATS/7.1.2.138 Age 0 Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Type application/javascript Cache-Control no-cache Transfer-Encoding chunked Connection keep-alive
GET H2	200	adEvent.do prod-m-node-3113.ssp.yahoo.com/admax/ Frame C71B	43 B 176 B	23ms 15ms	Image image/gif	18.196.95.65 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a96958b0170705f256f79e3fb790025&posi=987177&grp=%3F%3F%3F&nl=1629346606634&rts=1629346606511&pix=1&et=1&a=d4aaaa23036e4471a4313425b26f1fa6&m=aXAtMTAtMjItMTIyLTg0&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7OztjYmRjMzVjMTYxMzM0MjcxYjBhYzFlZjBlNTRlODdjZDszMTU1OTk1NDsxNjI5MzQzODAwOzswOzswOw..&uid=3jjotl9ghrmpe%26b%3D3%26s%3Dqj&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxNw..&xoi=MHxERVU.&af=7&dety=5 Requested by Host: confiant.msn.com URL: https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.196.95.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-95-65.eu-central-1.compute.amazonaws.com Software nginx/1.20.1 / Resource Hash f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT last-modified Tue, 17 Aug 2021 06:40:00 GMT server nginx/1.20.1 accept-ranges bytes content-length 43 content-type image/gif
GET H2	200	talon-1.0.31.js Show response s.yimg.com/ix/ Frame C71B	57 KB 57 KB	8ms 7ms	Script application/javascript	2a00:1288:80:800::7000 YAHOO-DEB
General Check archive.org Show headers Download Go to Full URL https://s.yimg.com/ix/talon-1.0.31.js Requested by Host: confiant.msn.com URL: https://confiant.msn.com/?wrapper=8wUBVe8wmBTtU5IL4Akcv7tZSp0&tpid=OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA%3D%3D&v=v2lgcycid&d=eyJ3aCI6Ik9IZFZRbFpsT0hkdFFsUjBWVFZKVERSQmEyTjJOM1JhVTNBd0wzWnRPakI0TUE9PSIsIndkIjp7Im8iOiJ2bSIsInciOjAsImgiOjB9LCJ3ciI6Mn0= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB), Reverse DNS Software ATS / Resource Hash daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac Security Headers Name Value Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:14:33 GMT x-content-type-options nosniff age 134 x-amz-server-side-encryption AES256 content-length 58593 x-amz-id-2 9VD+PZeuiyC/hGZl22qyZ13H5Ozp4xyoJ2PZtGQmZJWqD1HiBnec91IeNPE8vmI4mO8PC+RSgHk= referrer-policy no-referrer-when-downgrade last-modified Wed, 28 Apr 2021 14:46:34 GMT server ATS etag "0bcb4d45cc7ee871c6d48b07af3e2b3d" expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=15552000 x-amz-request-id TVD93SCZKHSGYVVY x-xss-protection 1; mode=block cache-control public,max-age=14400 accept-ranges bytes content-type application/javascript; charset=utf-8
GET H/1.1	200 OK	pixel protected-by.clarium.io/ Frame C71B	68 B 345 B	56ms 17ms	Image image/png	35.158.12.68 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://protected-by.clarium.io/pixel?tag=wt_OHdVQlZlOHdtQlR0VTVJTDRBa2N2N3RaU3AwL3ZtOjB4MA==&v=5&s=abfa2d5b4217509c1b5b33a662a4941ff5c97bf3&id=eyJhc3QiOnsiYXN0X3MiOjAsImFzdF9jIjowLCJhc3RfYiI6MCwicyI6ImphY1Bvc2l0aW9uX3JlY3RhbmdsZTFfaG9tZV8xIn0sInRwX2NyaWQiOiJWWjowO3Bhc3NiYWNrOyAtLT4iLCJvIjoidm0ifQ%3D%3D&sb=undefined&cb=5895767&h=www.msn.com Requested by Host: www.msn.com URL: https://www.msn.com/en-us/weather/places?ru=%2Fen-us%2Fweather%2Ftoday Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.12.68 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-12-68.eu-central-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:46 GMT Server nginx/1.14.0 (Ubuntu) Content-Type image/png Cache-Control no-store, no-cache, must-revalidate, max-age=0 Connection keep-alive Content-Length 68 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	v0.2.js Show response assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 3391	3 KB 2 KB	67ms 19ms	Script application/javascript	2.16.186.170 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=18858178 Requested by Host: assets.msn.com URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-170.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 51efec8a28873f9bcbc470285e8c44721aedd8ba6a3bbb0a7137f15a8fcfa61f Request headers Origin https://www.msn.com Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25} content-md5 BwhJIdV9OTCo4hrLZ2FETg== server-timing 12 content-length 1538 x-ms-lease-status unlocked last-modified Fri, 13 Aug 2021 22:41:05 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D95EAB6FD6AC40 vary Origin report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} content-type application/javascript access-control-allow-origin https://www.msn.com x-ms-request-id ad88e8f3-101e-0037-12dc-91888e000000 cache-control public, max-age=86400 akamai-server-ip 2.16.186.166 x-ms-version 2009-09-19 access-control-allow-credentials true timing-allow-origin * akamai-request-id eba1644
GET H2	200	v0.2.js Show response assets.msn.com/staticsb/statics/latest/samsweeper/ Frame C71B	3 KB 2 KB	68ms 19ms	Script application/javascript	2.16.186.170 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=18858178 Requested by Host: assets.msn.com URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-170.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 51efec8a28873f9bcbc470285e8c44721aedd8ba6a3bbb0a7137f15a8fcfa61f Request headers Origin https://www.msn.com Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25} content-md5 BwhJIdV9OTCo4hrLZ2FETg== server-timing 12 content-length 1538 x-ms-lease-status unlocked last-modified Fri, 13 Aug 2021 22:41:05 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D95EAB6FD6AC40 vary Origin report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} content-type application/javascript access-control-allow-origin https://www.msn.com x-ms-request-id ad88e8f3-101e-0037-12dc-91888e000000 cache-control public, max-age=86400 akamai-server-ip 2.16.186.166 x-ms-version 2009-09-19 access-control-allow-credentials true timing-allow-origin * akamai-request-id eba1646
GET H2	200	banner.css assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 3391	2 KB 1 KB	18ms 18ms	Stylesheet text/css	2.16.186.170 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.msn.com/staticsb/statics/latest/samsweeper/banner.css?v=18858178 Requested by Host: assets.msn.com URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=18858178 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-170.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 31ecfd013943113cfebc7f959042f706314147c6c7ab183c146d931161ddf451 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25} content-md5 wcNFLNkFQo4gf3eg7k5g0g== server-timing 11 content-length 665 x-ms-lease-status unlocked last-modified Fri, 13 Aug 2021 22:41:06 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D95EAB703FE4DA vary Origin report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} content-type text/css access-control-allow-origin * x-ms-request-id 1da2effc-501e-0035-10ca-9185e3000000 cache-control public, max-age=86400 akamai-server-ip 2.16.186.166 x-ms-version 2009-09-19 akamai-request-id eba1671
GET H2	200	rectangle.css assets.msn.com/staticsb/statics/latest/samsweeper/ Frame C71B	1 KB 1 KB	19ms 18ms	Stylesheet text/css	2.16.186.170 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://assets.msn.com/staticsb/statics/latest/samsweeper/rectangle.css?v=18858178 Requested by Host: assets.msn.com URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=18858178 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-170.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 02dab2d35f6317a3fcdb46a41e70a74eddb6784ff23986601f173d6d033d1be3 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip nel {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25} content-md5 3sPABzl1SEN+32ZJ8N3DgA== server-timing 11 content-length 509 x-ms-lease-status unlocked last-modified Fri, 13 Aug 2021 22:41:05 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D95EAB6FD6FA70 vary Origin report-to {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} content-type text/css access-control-allow-origin * x-ms-request-id c3d12de2-901e-0015-6193-91fbb2000000 cache-control public, max-age=86400 akamai-server-ip 2.16.186.166 x-ms-version 2009-09-19 akamai-request-id eba1674
GET H/1.1	200 OK	async_usersync.html Show response acdn.adnxs.com/dmp/ Frame 2EE3 Redirect Chain https://ib.adnxs.com/async_usersync_file https://acdn.adnxs.com/dmp/async_usersync.html	52 KB 17 KB	309ms 20ms	Document text/html	2.18.232.130 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://acdn.adnxs.com/dmp/async_usersync.html Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-232-130.deploy.static.akamaitechnologies.com Software nginx/1.13.10 / Resource Hash 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd Request headers Host acdn.adnxs.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.msn.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.msn.com/ Response headers Last-Modified Wed, 02 Dec 2020 20:56:47 GMT ETag "5fc7ff8f-cf34" Server nginx/1.13.10 Access-Control-Allow-Origin * Content-Type text/html Content-Encoding gzip Content-Length 17053 Cache-Control max-age=86402 Expires Fri, 20 Aug 2021 04:16:49 GMT Date Thu, 19 Aug 2021 04:16:47 GMT Connection keep-alive Vary Accept-Encoding Redirect headers Server nginx/1.17.9 Date Thu, 19 Aug 2021 04:16:46 GMT Content-Type text/html; charset=utf-8 Content-Length 0 Connection keep-alive Cache-Control no-store, no-cache, private Pragma no-cache Expires Sat, 15 Nov 2008 16:00:00 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" X-XSS-Protection 0 Location https://acdn.adnxs.com/dmp/async_usersync.html AN-X-Request-Uuid 840a8a77-9df4-439b-b28f-f6b72cddf435 X-Proxy-Origin 89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
GET H2	200	v1 match.sharethrough.com/sync/	68 B 263 B	60ms 14ms	Image image/png	35.158.176.66 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?supply_id=FPB1dLHF&supply_user_id=null Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.158.176.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-176-66.eu-central-1.compute.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:46 GMT content-length 68 content-type image/png
GET H2	200	sync visitor.omnitagjs.com/visitor/	49 B 235 B	67ms 22ms	Image image/gif	185.255.84.152 IGUANE-
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=null&external=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.152 Villeneuve-le-Roi, France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT x-content-type-options nosniff server ayl-lb-fra02 vary Accept-Encoding content-type image/gif cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 1 content-length 49 expires 0
POST H/1.1	200 OK	v1 web.vortex.data.msn.com/collect/	0 0	113ms 28ms	Ping application/json	40.77.226.250 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://www.msn.com Access-Control-Allow-Headers Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials Access-Control-Allow-Credentials true
POST H/1.1	200 OK	v1 web.vortex.data.msn.com/collect/	0 0	118ms 29ms	Ping application/json	40.77.226.250 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false Requested by Host: static-entertainment-neu-s-msn-com.akamaized.net URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/weather/_sc/js/d7cb56b9-e108f033/direction=ltr.locales=en-us.themes=blue.dpi=resolution1x/4c-9af730-94c33249/b6-1cb2fa-dc19049b/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/de-e0bb84-f9c98504/64-53291c-68ddb2ab?ver=20210817_23350340&fdhead=msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2&csopd=20201002173707&csopdb=20210716192506 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://www.msn.com Access-Control-Allow-Headers Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials Access-Control-Allow-Credentials true
OPTIONS H2	200	auction srtb.msn.com/ Frame	0 0	300ms 32ms	Preflight	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://srtb.msn.com/auction Protocol H2 Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-ms-flightid Origin https://www.msn.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers vary Origin access-control-allow-origin https://www.msn.com access-control-allow-credentials true access-control-allow-headers content-type,x-ms-flightid access-control-max-age 21600 x-cache CONFIG_NOCACHE x-msedge-ref Ref A: CEA24D3322CA4699835A4DD0BA1D9A4C Ref B: FRAEDGE1207 Ref C: 2021-08-19T04:16:47Z date Thu, 19 Aug 2021 04:16:47 GMT content-length 0
POST H2	200	auction Show response srtb.msn.com/	10 KB 3 KB	211ms 211ms	XHR text/html	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://srtb.msn.com/auction Requested by Host: static-global-s-msn-com.akamaized.net URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / Resource Hash 3fbc928426737b475ac84b2c862cbfe6f597007bc7f60701308da6d8d84c4933 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept text/html, */*; q=0.01 Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 x-ms-flightId msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2 Content-Type application/json Response headers date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip x-content-type-options nosniff x-msedge-ref Ref A: 2F7285D4369B44179CDA607851AF08D9 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:47Z vary Origin,Accept-Encoding x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8 access-control-allow-origin https://www.msn.com access-control-allow-credentials true
POST H2	200	auction Show response srtb.msn.com/	6 KB 2 KB	220ms 219ms	XHR text/html	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://srtb.msn.com/auction Requested by Host: static-global-s-msn-com.akamaized.net URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / Resource Hash 71c19a728005774d3d692009d54c3d71c8d979f3ae38fbef0460c5a7a26d3933 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept text/html, */*; q=0.01 Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 x-ms-flightId msnallexpusers,muidflt9cf,muidflt260cf,muidflt298cf,muidflt312cf,muidflt313cf,bingcollabedge3cf,jacdeconfiant,bingcollabhp3cf,modhitappc,moneyhz1cf,gallery1cf,gallery2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,prg-1sw-newschvn,prg-1sw-newschev,prg-1sw-thmbts,prg-1sw-2utpst,prg-1sw-wpo2,prg-adspeek,btrecrow1,1s-winauthservice,prg-1sw-nomultipyg,prg-mwtchnl1,prg-1sw-api1c,prg-wpo-olypc,prg-wpo-hpolypc,prg-1sw-flyt-htpc,prg-1sw-halfwec,prg-wea-hourv2 Content-Type application/json Response headers date Thu, 19 Aug 2021 04:16:46 GMT content-encoding gzip x-content-type-options nosniff x-msedge-ref Ref A: 4440EAE5D9B7418D9C772F921FA11502 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:47Z vary Origin,Accept-Encoding x-cache CONFIG_NOCACHE content-type text/html; charset=utf-8 access-control-allow-origin https://www.msn.com access-control-allow-credentials true
OPTIONS H2	200	auction srtb.msn.com/ Frame	0 0	299ms 32ms	Preflight	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://srtb.msn.com/auction Protocol H2 Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type,x-ms-flightid Origin https://www.msn.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers vary Origin access-control-allow-origin https://www.msn.com access-control-allow-credentials true access-control-allow-headers content-type,x-ms-flightid access-control-max-age 21600 x-cache CONFIG_NOCACHE x-msedge-ref Ref A: 9A4247C7E1914437B0368AD91FEA28F8 Ref B: FRAEDGE1207 Ref C: 2021-08-19T04:16:47Z date Thu, 19 Aug 2021 04:16:47 GMT content-length 0
GET H/1.1	200 OK	bounce Show response ib.adnxs.com/ Frame 2EE3 Redirect Chain https://ib.adnxs.com/async_usersync?cbfn=queuePixels https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels	0 803 B	14ms 13ms	Script text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:47 GMT X-Proxy-Origin 89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid 9731ba9d-0a28-45be-9aa8-ff99f7949def Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:47 GMT X-Proxy-Origin 89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid ffe46d23-93c2-4b7f-a7e8-3cce669f5ca9 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F3a04a2922b56725e8e458b3a901e6f95.jpg img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame 3391	6 KB 7 KB	31ms 7ms	Image image/webp	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F3a04a2922b56725e8e458b3a901e6f95.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f7426dee425be0e7764723737fd22e4748d82ab016282cded49d2f855e9467b7 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Thu, 19 Aug 2021 04:16:47 GMT via 1.1 varnish, 1.1 varnish age 1367862 edge-cache-tag 429039537155964009509079240050478971818,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70 status 200 OK x-ratelimit-remaining 100 x-envoy-upstream-service-time 468 x-cache MISS, MISS, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F3a04a2922b56725e8e458b3a901e6f95.jpg content-length 5898 x-request-id d386132697de73b42b67fc107fa68a1c x-backend-name US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104 last-modified Tue, 03 Aug 2021 07:38:05 GMT server nginx x-timer S1629346608.601110,VS0,VE1 etag "03293d807f642a35991aaec2aac13ce4" x-served-by cache-wdc5535-WDC, cache-dca17753-DCA, cache-hhn4041-HHN vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 0, 1
GET H2	200	http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F399d4c22f5cc939e61508b1fc4a1bb9b.png img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame 3391	6 KB 7 KB	35ms 12ms	Image image/webp	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F399d4c22f5cc939e61508b1fc4a1bb9b.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash c65f4c71d2149e2c982bdcb8c21620ba1d79d36e705cb9647824d652c904a801 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Thu, 19 Aug 2021 04:16:47 GMT via 1.1 varnish, 1.1 varnish age 2048054 edge-cache-tag 356626382551800574663632801374650943334,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70 x-ratelimit-remaining 99 x-envoy-upstream-service-time 103 expiration expiry-date="Mon, 26 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F399d4c22f5cc939e61508b1fc4a1bb9b.png content-length 6522 x-backend-name US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106 last-modified Fri, 25 Jun 2021 05:27:09 GMT server nginx x-timer S1629346608.601232,VS0,VE1 etag "36943d2f5fa7b9f8c39a33c4d096dd18" x-served-by cache-wdc5548-WDC, cache-dca17781-DCA, cache-hhn4041-HHN vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 1
GET H2	204	recommendations.notify-available api.taboola.com/2.0/json/msn-msn-home/ Frame 3391	0 56 B	19ms 16ms	Image image/gif	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://api.taboola.com/2.0/json/msn-msn-home/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__91e531e16a3c5b81037b9e49381a80b7__273279cd0a11326519919632ec97d101__%7E%7EV1%7E%7E1438485718142689884%7E%7E5DvKkai8zV4VEeRT_mtjdcmrnyjwLNpWpf49Vs0o1kcndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5TLGm2S1n_q8Ek7ecpOA_vCeAiN6AWnfEXjE3-Ny0U2NGIhtP5EpJZWEiIzKUBIL6KhbZIzoWvNA-q72vol5DTsCWrmcdwkZyWIISdiXNNCK1bRdWwF-LL0jq9xtEg2_2%2C%7E%7EV1%7E%7E7315684564229090770%7E%7EXsq2Rd0SzD12ZVCbr49s7qsujS2AtLqQ-LX5wkUf88XTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQcxbWIQsIfLiN4jwcY4Vs8ne6mmLajpkLaGBhjnpe6-6yJfTTM0cKAvviyImmTsUdj9xYDbupJOXV0RcRYpdyZMGRMufjoofk89ISOEpZXctc0lwhBrWaw9bM5-dyCGU5Q__text%2Ctext&response.session=v2_db24e6f159dab811f6e802b027b53945_9a7cc888-1e35-4c25-b3d8-65e8a9238278-tuct81760af_1629346607_1629346607_CIi3jgYQy9c-GKPan6G04M-RsQEgASgBMDg4m-MJQISKEEiwhtgDUKPsEFgAYABosa_ptcr9986tAXAA&view.external-id=9d80a75714e74f7bbb159f5536538334 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 9 pragma no-cache date Thu, 19 Aug 2021 04:16:47 GMT via 1.1 varnish server nginx x-timer S1629346608.581340,VS0,VE9 x-served-by cache-fra19128-FRA x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
GET H2	204	served srtb.msn.com/notify/ Frame 3391	0 110 B	32ms 31ms	Image image/gif	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://srtb.msn.com/notify/served?rid=9d80a75714e74f7bbb159f5536538334&r=swbanner&i=1&p=HP&l=en-us&d=taboola&b=chrome&a=38aafdf7-8826-4164-87a8-502e15ce0da9&ii=1&c=12606242236878852535;13077424601549409194 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT x-content-type-options nosniff x-msedge-ref Ref A: 9346B39C53504FF19CE0C09A6B5D3737 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:47Z x-cache CONFIG_NOCACHE content-type image/gif cache-control no-cache expires -1
GET H2	204	recommendations.notify-visible api.taboola.com/2.0/json/msn-msn-home/ Frame 3391	0 269 B	18ms 16ms	Image image/gif	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://api.taboola.com/2.0/json/msn-msn-home/recommendations.notify-visible?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__91e531e16a3c5b81037b9e49381a80b7__273279cd0a11326519919632ec97d101__%7E%7EV1%7E%7E1438485718142689884%7E%7E5DvKkai8zV4VEeRT_mtjdcmrnyjwLNpWpf49Vs0o1kcndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5TLGm2S1n_q8Ek7ecpOA_vCeAiN6AWnfEXjE3-Ny0U2NGIhtP5EpJZWEiIzKUBIL6KhbZIzoWvNA-q72vol5DTsCWrmcdwkZyWIISdiXNNCK1bRdWwF-LL0jq9xtEg2_2%2C%7E%7EV1%7E%7E7315684564229090770%7E%7EXsq2Rd0SzD12ZVCbr49s7qsujS2AtLqQ-LX5wkUf88XTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQcxbWIQsIfLiN4jwcY4Vs8ne6mmLajpkLaGBhjnpe6-6yJfTTM0cKAvviyImmTsUdj9xYDbupJOXV0RcRYpdyZMGRMufjoofk89ISOEpZXctc0lwhBrWaw9bM5-dyCGU5Q__text%2Ctext&response.session=v2_db24e6f159dab811f6e802b027b53945_9a7cc888-1e35-4c25-b3d8-65e8a9238278-tuct81760af_1629346607_1629346607_CIi3jgYQy9c-GKPan6G04M-RsQEgASgBMDg4m-MJQISKEEiwhtgDUKPsEFgAYABosa_ptcr9986tAXAA&view.external-id=9d80a75714e74f7bbb159f5536538334&ppb=CIQE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 9 pragma no-cache date Thu, 19 Aug 2021 04:16:47 GMT via 1.1 varnish server nginx x-timer S1629346608.581345,VS0,VE9 x-served-by cache-fra19128-FRA x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
GET H2	204	viewed srtb.msn.com/notify/ Frame 3391	0 108 B	32ms 31ms	Image image/gif	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://srtb.msn.com/notify/viewed?rid=9d80a75714e74f7bbb159f5536538334&r=swbanner&i=1&p=HP&l=en-us&d=taboola&b=chrome&a=38aafdf7-8826-4164-87a8-502e15ce0da9&ii=1&c=12606242236878852535;13077424601549409194 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT x-content-type-options nosniff x-msedge-ref Ref A: A91557B1F02645519DCC91F9DDF003D8 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:47Z x-cache CONFIG_NOCACHE content-type image/gif cache-control no-cache expires -1
GET H2	200	https%3A%2F%2Fconsole.brax-cdn.com%2Fcreatives%2Fb9476698-227d-4478-b354-042472d9181c%2Ffe5ed8d8-2b52-48e4-975f-e18ff0ab58fe_1000x600_fd79db2610db091d9a8da3e17eed535e.png img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame C71B	8 KB 9 KB	26ms 8ms	Image image/webp	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A%2F%2Fconsole.brax-cdn.com%2Fcreatives%2Fb9476698-227d-4478-b354-042472d9181c%2Ffe5ed8d8-2b52-48e4-975f-e18ff0ab58fe_1000x600_fd79db2610db091d9a8da3e17eed535e.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f12ae60770a19b9983623a59ef8ff38fee4667b45866c97bdb9719e197118553 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 1 date Thu, 19 Aug 2021 04:16:47 GMT via 1.1 varnish, 1.1 varnish age 568067 edge-cache-tag 441632973708694138935722924259989978027,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70 x-ratelimit-remaining 100 x-envoy-upstream-service-time 105 expiration expiry-date="Sun, 12 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days" x-cache MISS, HIT, HIT x-debug /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A%2F%2Fconsole.brax-cdn.com%2Fcreatives%2Fb9476698-227d-4478-b354-042472d9181c%2Ffe5ed8d8-2b52-48e4-975f-e18ff0ab58fe_1000x600_fd79db2610db091d9a8da3e17eed535e.png content-length 8212 x-backend-name CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802 last-modified Thu, 12 Aug 2021 14:11:50 GMT server nginx x-timer S1629346608.601221,VS0,VE1 etag "1bbf1ab99d28a9fde1a30ee187ff55fe" x-served-by cache-wdc5541-WDC, cache-dca17748-DCA, cache-hhn4041-HHN vary ImageFormat content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-ratelimit-reset 1 x-ratelimit-limit 101 accept-ranges bytes timing-allow-origin * access-control-allow-headers X-Requested-With x-cache-hits 0, 1, 1
GET H2	204	recommendations.notify-available api.taboola.com/2.0/json/msn-msn-home/ Frame C71B	0 55 B	17ms 16ms	Image image/gif	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://api.taboola.com/2.0/json/msn-msn-home/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__91e531e16a3c5b81037b9e49381a80b7__8f9bf74a36ba178117c0409ad08c687a__%7E%7EV1%7E%7E-1462373552493592715%7E%7EtgOg0aGWy_GrpNdmJKDdM2YbAQDF6Qf_NFltOC1Hs-HTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQY9WIqkdVOivc4Sktvp3AKQEWb5sPEMTwAEDT2sryHwmz1FmFQMClnRQdbDXXAnuV0LLuxL37-wWr2XKwFjYkzYwnAHHhfly7HxX-yDR84I_lAE5UUHm1OkYCxg9zrf9gw__text&response.session=v2_1c8b6e9c809078118d9d834004e71f97_b0e3d50c-2e7a-460c-a2ff-40e460108940-tuct81760af_1629346607_1629346607_CIi3jgYQy9c-GKPan6G04M-RsQEgASgBMDg4m-MJQISKEEiwhtgDUKPsEFgAYABosa_ptcr9986tAXAA&view.external-id=9d80a75714e74f7bbb159f5536538334 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 9 pragma no-cache date Thu, 19 Aug 2021 04:16:47 GMT via 1.1 varnish server nginx x-timer S1629346608.584402,VS0,VE9 x-served-by cache-fra19128-FRA x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
GET H2	204	served srtb.msn.com/notify/ Frame C71B	0 98 B	31ms 30ms	Image image/gif	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://srtb.msn.com/notify/served?rid=9d80a75714e74f7bbb159f5536538334&r=swrect&i=1&p=HP&l=en-us&d=taboola&b=chrome&a=f07c18ad-11ea-4dad-96f1-6acff5db047a&ii=1&c=2707891082709756109 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT x-content-type-options nosniff x-msedge-ref Ref A: 5DE7CC83FF2B47F28421D739C1B51B99 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:47Z x-cache CONFIG_NOCACHE content-type image/gif cache-control no-cache expires -1
GET H2	204	recommendations.notify-visible api.taboola.com/2.0/json/msn-msn-home/ Frame C71B	0 55 B	16ms 15ms	Image image/gif	151.101.13.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://api.taboola.com/2.0/json/msn-msn-home/recommendations.notify-visible?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__91e531e16a3c5b81037b9e49381a80b7__8f9bf74a36ba178117c0409ad08c687a__%7E%7EV1%7E%7E-1462373552493592715%7E%7EtgOg0aGWy_GrpNdmJKDdM2YbAQDF6Qf_NFltOC1Hs-HTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQY9WIqkdVOivc4Sktvp3AKQEWb5sPEMTwAEDT2sryHwmz1FmFQMClnRQdbDXXAnuV0LLuxL37-wWr2XKwFjYkzYwnAHHhfly7HxX-yDR84I_lAE5UUHm1OkYCxg9zrf9gw__text&response.session=v2_1c8b6e9c809078118d9d834004e71f97_b0e3d50c-2e7a-460c-a2ff-40e460108940-tuct81760af_1629346607_1629346607_CIi3jgYQy9c-GKPan6G04M-RsQEgASgBMDg4m-MJQISKEEiwhtgDUKPsEFgAYABosa_ptcr9986tAXAA&view.external-id=9d80a75714e74f7bbb159f5536538334&ppb=CM4G Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 9 pragma no-cache date Thu, 19 Aug 2021 04:16:47 GMT via 1.1 varnish server nginx x-timer S1629346608.584381,VS0,VE9 x-served-by cache-fra19128-FRA x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" access-control-allow-origin * cache-control no-cache access-control-allow-credentials true accept-ranges bytes content-type image/gif x-cache-hits 0
GET H2	204	viewed srtb.msn.com/notify/ Frame C71B	0 95 B	32ms 32ms	Image image/gif	204.79.197.203 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://srtb.msn.com/notify/viewed?rid=9d80a75714e74f7bbb159f5536538334&r=swrect&i=1&p=HP&l=en-us&d=taboola&b=chrome&a=f07c18ad-11ea-4dad-96f1-6acff5db047a&ii=1&c=2707891082709756109 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS a-0003.a-msedge.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:46 GMT x-content-type-options nosniff x-msedge-ref Ref A: AC316E27967140E18D8652BF9258FFF0 Ref B: FRAEDGE1512 Ref C: 2021-08-19T04:16:47Z x-cache CONFIG_NOCACHE content-type image/gif cache-control no-cache expires -1
GET H2	200	313CA79D12F8622F385AB705132A6318 pr-bh.ybp.yahoo.com/sync/msn/ Redirect Chain https://c.bing.com/c.gif?Red3=MSOATH_pd https://pr-bh.ybp.yahoo.com/sync/msn/313CA79D12F8622F385AB705132A6318	43 B 716 B	34ms 34ms	Image image/gif	2a00:1288:110:c305::8000 YAHOO-IRD
General Check archive.org Show headers Download Go to Show image Full URL https://pr-bh.ybp.yahoo.com/sync/msn/313CA79D12F8622F385AB705132A6318 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB), Reverse DNS Software ATS / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:47 GMT referrer-policy strict-origin-when-cross-origin server ATS age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" strict-transport-security max-age=31536000 content-type image/gif x-xss-protection 1; mode=block content-length 43 x-content-type-options nosniff expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Thu, 19 Aug 2021 04:16:47 GMT x-msedge-ref Ref A: EFB6F290C304460190F1918C87314CDD Ref B: FRAEDGE1319 Ref C: 2021-08-19T04:16:47Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://pr-bh.ybp.yahoo.com/sync/msn/313CA79D12F8622F385AB705132A6318 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H2	200	cksync.php hbx.media.net/	45 B 371 B	89ms 34ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hbx.media.net/cksync.php?type=nms&cs=3&ovsid=null Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=604800 server Apache date Thu, 19 Aug 2021 04:16:48 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Thu, 19 Aug 2021 04:16:48 GMT
GET H3-29	200	m cm.mgid.com/ Redirect Chain https://cm.mgid.com/m?cdsp=516415&c=&mode=inverse https://x.bidswitch.net/sync?ssp=mgid https://x.bidswitch.net/ul_cb/sync?ssp=mgid https://cm.mgid.com/m?cdsp=433145&c=8cb8f96b-fbf4-4d1b-88e1-82927b51cb80&gdpr=&gdpr_consent=&us_privacy=	43 B 558 B	101ms 79ms	Image image/gif	104.19.136.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=433145&c=8cb8f96b-fbf4-4d1b-88e1-82927b51cb80&gdpr=&gdpr_consent=&us_privacy= Protocol H3-29 Security QUIC, , AES_128_GCM Server 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://www.msn.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Thu, 19 Aug 2021 04:16:48 GMT cf-cache-status DYNAMIC x-mg-request-uuid 8de693d9-f341-4a4f-850b-efcd40c1361c expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" content-type image/gif cache-control max-age=0, no-store, no-cache, must-revalidate access-control-allow-credentials true cf-ray 6810918d2c7032b2-CDG alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 server cloudflare Redirect headers location //cm.mgid.com/m?cdsp=433145&c=8cb8f96b-fbf4-4d1b-88e1-82927b51cb80&gdpr=&gdpr_consent=&us_privacy= date Thu, 19 Aug 2021 04:16:48 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H/1.1	200 OK	async_usersync Show response ib.adnxs.com/ Frame 2EE3	0 731 B	15ms 14ms	Script text/html	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/async_usersync?cbfn=queuePixels Requested by Host: acdn.adnxs.com URL: https://acdn.adnxs.com/dmp/async_usersync.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://acdn.adnxs.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Thu, 19 Aug 2021 04:16:48 GMT X-Proxy-Origin 89.249.64.171; 89.249.64.171; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com AN-X-Request-Uuid cff9b14f-54e7-4fc1-92e7-3494e5d86237 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame 6172	0 1 KB	46ms 32ms	Document text/html	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?locale=en_US&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&send=false&layout=button_count&width=450&show_faces=false&font&colorscheme=light&action=like&height=21 Requested by Host: static-global-s-msn-com.akamaized.net URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /plugins/like.php?locale=en_US&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&send=false&layout=button_count&width=450&show_faces=false&font&colorscheme=light&action=like&height=21 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.msn.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.msn.com/ Response headers content-type text/html;charset=utf-8 pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/; content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" cross-origin-opener-policy same-origin-allow-popups x-content-type-options nosniff x-xss-protection 0 x-fb-debug 9zHSLheErkLmhhkW5PTfCSy+kEKF067DeGcrVtcs6+pcIzCvOrNTPTQhPOfT7JVvySB6pDMPR5p4nmo30QWxLw== content-length 0 date Thu, 19 Aug 2021 04:16:55 GMT alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
GET H/1.1	200 OK	follow_button.html Show response platform.twitter.com/widgets/ Frame 1440	62 KB 21 KB	6ms 6ms	Document text/html	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/follow_button.html?show_screen_name=false&screen_name=msn&show_count=false&lang=en Requested by Host: static-global-s-msn-com.akamaized.net URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67A8) / Resource Hash 447c1c7d15539123c2736077dabc92784009dded1ab91d5d2815d06ec9460415 Request headers Host platform.twitter.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://www.msn.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.msn.com/ Response headers Content-Encoding gzip Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 948 Cache-Control public, max-age=1800 Content-Type text/html; charset=utf-8 Date Thu, 19 Aug 2021 04:16:55 GMT Etag "24ce82de44dad487e2ca44988fd3ee5b+gzip" Last-Modified Mon, 02 Aug 2021 20:35:12 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (frb/67A8) Vary Accept-Encoding X-Cache HIT x-tw-cdn VZ Content-Length 20678
GET DATA	200 OK	truncated / Frame 1440	822 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	jot syndication.twitter.com/i/ Frame 1440	43 B 165 B	129ms 129ms	Image image/gif	104.244.42.8 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://syndication.twitter.com/i/jot?l=%7B%22language%22%3A%22en%22%2C%22message%22%3A%22%3Anocount%3A%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.msn.com%2F%22%2C%22widget_frame%22%3A%7B%22ancestorOrigins%22%3A%7B%220%22%3A%22https%3A%2F%2Fwww.msn.com%22%7D%2C%22href%22%3A%22https%3A%2F%2Fplatform.twitter.com%2Fwidgets%2Ffollow_button.html%3Fshow_screen_name%3Dfalse%26screen_name%3Dmsn%26show_count%3Dfalse%26lang%3Den%22%2C%22origin%22%3A%22https%3A%2F%2Fplatform.twitter.com%22%2C%22protocol%22%3A%22https%3A%22%2C%22host%22%3A%22platform.twitter.com%22%2C%22hostname%22%3A%22platform.twitter.com%22%2C%22port%22%3A%22%22%2C%22pathname%22%3A%22%2Fwidgets%2Ffollow_button.html%22%2C%22search%22%3A%22%3Fshow_screen_name%3Dfalse%26screen_name%3Dmsn%26show_count%3Dfalse%26lang%3Den%22%2C%22hash%22%3A%22%22%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1629346615259%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%221890d59c%3A1627936082797%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/follow_button.html?show_screen_name=false&screen_name=msn&show_count=false&lang=en Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.8 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 04:16:55 GMT content-encoding gzip x-content-type-options nosniff status 200 OK x-twitter-response-tags BouncerCompliant content-length 65 x-xss-protection 0 pragma no-cache last-modified Thu, 19 Aug 2021 04:16:55 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=631138519 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash 959fac4c037fc949c0459076b773211abfb37e6926929bc0472f11d6da9b3b3e x-transaction 4cf3a6645f9f44f5 expires Tue, 31 Mar 1981 05:00:00 GMT