urlscan.io logo urlscan.io
SecurityTrails logo

www.msn.com Open in urlscan Pro
131.253.33.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.msn.com/en-us/news/oneriverajaxpage
Effective URL: https://www.msn.com/en-us/news/oneriverajaxpage
Submission Tags: falconsandbox
Submission: On April 19 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 8 domains to perform 18 HTTP transactions. The main IP is 131.253.33.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on October 19th 2020. Valid for: a year.
This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 131.253.33.203 8068 (MICROSOFT...)
3 2.16.186.40 20940 (AKAMAI-ASN1)
1 2606:2800:233... 15133 (EDGECAST)
1 152.199.19.160 15133 (EDGECAST)
1 40.77.226.250 8075 (MICROSOFT...)
1 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 152.195.51.15 15133 (EDGECAST)
1 212.82.100.182 34010 (YAHOO-IRD)
1 2.19.45.153 16625 (AKAMAI-AS)
1 1 20.190.160.75 8075 (MICROSOFT...)
1 3.126.56.137 16509 (AMAZON-02)
2 4 185.33.220.244 29990 (ASN-APPNEX)
1 104.84.56.200 16625 (AKAMAI-AS)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1288:110... 34010 (YAHOO-IRD)
18 13
4    131.253.33.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.dc-msedge.net
www.msn.com
3    2.16.186.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-40.deploy.static.akamaitechnologies.com
static-entertainment-neu-s-msn-com.akamaized.net
1    2606:2800:233:af6:eab:2108:1892:6d8 (United States)

ASN15133 (EDGECAST, US)
s.aolcdn.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.msn.com
1    2a02:26f0:1700:3::5f65:1b99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static-global-s-msn-com.akamaized.net
1    152.195.51.15 (United States)

ASN15133 (EDGECAST, US)
tag.idsync.analytics.yahoo.com
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    2.19.45.153 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
confiant.msn.com
1    20.190.160.75 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
service.idsync.analytics.yahoo.com
4    185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    104.84.56.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-200.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
Domain Requested by
4 ib.adnxs.com 2 redirects acdn.adnxs.com
4 www.msn.com 1 redirects www.msn.com
3 static-entertainment-neu-s-msn-com.akamaized.net www.msn.com
static-entertainment-neu-s-msn-com.akamaized.net
1 pr-bh.ybp.yahoo.com
1 c.bing.com 1 redirects
1 acdn.adnxs.com www.msn.com
1 service.idsync.analytics.yahoo.com tag.idsync.analytics.yahoo.com
1 login.live.com 1 redirects
1 confiant.msn.com www.msn.com
1 cms.analytics.yahoo.com
1 tag.idsync.analytics.yahoo.com s.aolcdn.com
1 static-global-s-msn-com.akamaized.net static-entertainment-neu-s-msn-com.akamaized.net
1 web.vortex.data.msn.com www.msn.com
1 ajax.aspnetcdn.com www.msn.com
1 s.aolcdn.com www.msn.com
18 15

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
go.microsoft.com
Subject Issuer Validity Valid
*.msn.com
Microsoft RSA TLS CA 02		 2020-10-19 -
2021-10-19		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
o.aolcdn.com
DigiCert SHA2 Secure Server CA		 2020-04-14 -
2022-04-22		 2 years crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2020-11-16 -
2021-11-10		 a year crt.sh
web.vortex.data.msn.com
Microsoft Azure TLS Issuing CA 02		 2020-09-14 -
2021-09-09		 a year crt.sh
*.idsync.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-04 -
2022-04-04		 a year crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-29 -
2021-06-22		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://www.msn.com/en-us/news/oneriverajaxpage
Frame ID: 6DC6536CE9D1DEC821251BB35AB817A8
Requests: 12 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: 91FFDE18B09049AEF49DFC31860B1008
Requests: 2 HTTP requests in this frame

Frame: https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
Frame ID: 78BAF64441038550DC1EB0149E257127
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AA0242C3BFA3F988989B1D324B3C9B74
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.msn.com/en-us/news/oneriverajaxpage HTTP 302
    https://www.msn.com/en-us/news/oneriverajaxpage Page URL

Page Statistics

18
Requests

100 %
HTTPS

27 %
IPv6

8
Domains

15
Subdomains

13
IPs

5
Countries

295 kB
Transfer

658 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.msn.com/en-us/news/oneriverajaxpage HTTP 302
    https://www.msn.com/en-us/news/oneriverajaxpage Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1618842261&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fnews%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1033&id=1184&mkt=en-us HTTP 302
  • https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
Request Chain 13
  • https://ib.adnxs.com/async_usersync_file HTTP 302
  • https://acdn.adnxs.com/dmp/async_usersync.html
Request Chain 14
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 15
  • https://c.bing.com/c.gif?Red3=MSOATH_pd HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/msn/300BFC272BEA6AA42DFEEC392A386B31

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request oneriverajaxpage
www.msn.com/en-us/news/
Redirect Chain
  • http://www.msn.com/en-us/news/oneriverajaxpage?
  • https://www.msn.com/en-us/news/oneriverajaxpage?
40 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/oneriverajaxpage?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/ ASP.NET
Resource Hash
5cc85de30ef220291c2559bfafbd67e6b880a133778981fe9a75b0e3b1502fff
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.msn.com
:scheme
https
:path
/en-us/news/oneriverajaxpage?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_EDGE_S=F=1; _EDGE_V=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, no-transform
pragma
no-cache
content-type
text/html; charset=utf-8
expires
-1
vary
User-Agent
access-control-allow-origin
*
x-aspnetmvc-version
5.2
x-appversion
20210411_20139766 20210411_20139766
x-activity-id
47e32c2b-e7e2-4b1f-95fe-eb3750db14b2 47e32c2b-e7e2-4b1f-95fe-eb3750db14b2
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 53, sn: neurope-prod-entertainment, dt: 2021-04-19T05:08:50.6540157Z, bt: 2021-04-11T00:17:17.6241722Z} {did:94e2fb0a928b472cad8f07b58097c1b4, rid: 53, sn: neurope-prod-entertainment, dt: 2021-04-19T05:08:50.6540157Z, bt: 2021-04-11T00:17:17.6241722Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
strict-transport-security
max-age=1209600; includeSubDomains; preload
content-security-policy
default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
x-ua-compatible
IE=Edge;chrome=1 IE=Edge;chrome=1
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
ASP.NET
access-control-allow-methods
HEAD,GET,OPTIONS
x-xss-protection
1
x-msedge-ref
Ref A: 47E32C2BE7E24B1F95FEEB3750DB14B2 Ref B: HEL01EDGE0720 Ref C: 2021-04-19T14:24:21Z
set-cookie
MUID=1B311D0FA67767731F4B0D11A7A8668F; samesite=none; path=/; secure; expires=Sat, 14-May-2022 14:24:21 GMT; domain=msn.com
date
Mon, 19 Apr 2021 14:24:20 GMT

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Expires
-1
Location
https://www.msn.com/en-us/news/oneriverajaxpage?
Access-Control-Allow-Origin
*
X-AspNetMvc-Version
5.2
X-AppVersion
20210411_20139766 20210411_20139766
X-Activity-Id
d47ef6f7-eacf-44f1-a8a2-43925dbebf18 d47ef6f7-eacf-44f1-a8a2-43925dbebf18
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 55, sn: neurope-prod-entertainment, dt: 2021-04-19T05:08:34.7279826Z, bt: 2021-04-11T00:17:17.6241722Z} {did:94e2fb0a928b472cad8f07b58097c1b4, rid: 55, sn: neurope-prod-entertainment, dt: 2021-04-19T05:08:34.7279826Z, bt: 2021-04-11T00:17:17.6241722Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0} {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]} {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
X-XSS-Protection
1
X-MSEdge-Ref
Ref A: D47EF6F7EACF44F1A8A243925DBEBF18 Ref B: HEL01EDGE1012 Ref C: 2021-04-19T14:24:20Z
Set-Cookie
_EDGE_S=F=1; path=/; httponly; domain=msn.com _EDGE_V=1; path=/; httponly; expires=Sat, 14-May-2022 14:24:20 GMT; domain=msn.com MUID=2CE29CE1ADF86C5621648CFFAC276DC2; samesite=none; path=/; secure; expires=Sat, 14-May-2022 14:24:20 GMT; domain=msn.com
Date
Mon, 19 Apr 2021 14:24:20 GMT
f77b07.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/f77b07.woff2
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/oneriverajaxpage?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 14:24:21 GMT
Last-Modified
Sun, 05 Jul 2020 00:03:50 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0b7f1c25f52d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=7082909
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24428
X-XSS-Protection
1
8b-8bf1a5-6936df58
static-entertainment-neu-s-msn-com.akamaized.net/en-us/homepage/_sc/css/d7cb56b9-571b03b/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/bc-5b3083-4661102d/d9-da131c-e9f8c494/ 		47 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/homepage/_sc/css/d7cb56b9-571b03b/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/bc-5b3083-4661102d/d9-da131c-e9f8c494/8b-8bf1a5-6936df58?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/oneriverajaxpage?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ebeee39733541794e8df2e8449485419b64cb3a164ab3041c49a7d06f2ed8823
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 14:24:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2
2021-04-19T14:24:21
X-Powered-By
ASP.NET
X-Activity-Id
00000000-b78f-4190-82f7-a259142c0599
Connection
keep-alive
Vary
User-Agent,Accept-Encoding
Content-Length
9775
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Mon, 19 Apr 2021 14:24:21 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 41, sn: neurope-prod-entertainment, dt: 2021-03-31T19:58:23.9774395Z, bt: 2021-04-11T00:17:17.6241722Z}
X-FRAME-OPTIONS
SAMEORIGIN
X-S1
2021-04-19T14:24:21
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31536000
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Timing-Allow-Origin
*
X-AppVersion
20210411_20139766
Expires
Tue, 19 Apr 2022 14:24:21 GMT
adswrappermsni.js
s.aolcdn.com/ads/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.aolcdn.com/ads/adswrappermsni.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/oneriverajaxpage?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:af6:eab:2108:1892:6d8 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E9E) /
Resource Hash
25ddb283ec22b121debdc489888d2a8e863aaa28d3db8a1473124c4ab7561eb5

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:24:21 GMT
content-encoding
gzip
age
75312
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-request-id
D03GRCSJ0PWDAPVG
x-amz-id-2
2JjB+hKlMJNecv4aorWqMeJh10wELhqCQCa1F3E9kxKlbDOH9Ft5gJOA853XtJ+V2RaGAvXLXOc=
x-amz-expiration
expiry-date="Wed, 01 Oct 5881631 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 22 Mar 2021 17:17:24 GMT
server
ECAcc (frc/8E9E)
etag
"d491adc6e5c1ecef2bd661e573664886+gzip"
vary
Accept-Encoding
x-amz-version-id
hE9lG5TiYZ_uvBuRP3gBNq8geMaXKbh4
cache-control
public,max-age=86400
content-length
9706
content-type
application/javascript
jquery-1.9.1.min.js
ajax.aspnetcdn.com/ajax/jquery/ 		90 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery/jquery-1.9.1.min.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/oneriverajaxpage?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ska/F758) /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.msn.com
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16461813
x-cache
HIT
content-length
41473
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:11:01 GMT
server
ECAcc (ska/F758)
etag
"d3a21accc33d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
46-736d08-68ddb2ab
www.msn.com/en-us/homepage/_sc/js/d7cb56b9-1eab39e7/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/d5-3e6c70-f4334fc0/ 		257 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/homepage/_sc/js/d7cb56b9-1eab39e7/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/d5-3e6c70-f4334fc0/46-736d08-68ddb2ab?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/oneriverajaxpage?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/ ASP.NET
Resource Hash
4f5dc143a274fef626d62d8312697d4b8ce68fa36b266314ebe76442c4761f1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-fetch-mode
cors
origin
https://www.msn.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
script
cookie
_EDGE_S=F=1; _EDGE_V=1; MUID=1B311D0FA67767731F4B0D11A7A8668F
:path
/en-us/homepage/_sc/js/d7cb56b9-1eab39e7/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/d5-3e6c70-f4334fc0/46-736d08-68ddb2ab?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.msn.com
referer
https://www.msn.com/en-us/news/oneriverajaxpage?
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.msn.com
Referer
https://www.msn.com/en-us/news/oneriverajaxpage?
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-s2
2021-04-13T21:10:15
x-powered-by
ASP.NET
x-activity-id
6f71731a-0e40-4aa2-8ef1-5fb14e98a7d8
vary
Accept-Encoding
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Tue, 13 Apr 2021 21:10:15 GMT
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 13, sn: neurope-prod-hp, dt: 2021-03-31T23:38:11.2508069Z, bt: 2021-04-11T00:17:17.6241722Z}
x-frame-options
SAMEORIGIN
x-s1
2021-04-13T21:10:15
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-transform, max-age=31041953
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-msedge-ref
Ref A: E98D457F46B84FFBA33832F43F9A0668 Ref B: HEL01EDGE0720 Ref C: 2021-04-19T14:24:21Z
timing-allow-origin
*
x-appversion
20210411_20139766
expires
Wed, 13 Apr 2022 21:10:15 GMT
t.gif
web.vortex.data.msn.com/collect/v1/ 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://web.vortex.data.msn.com/collect/v1/t.gif?name=%27Ms.Webi.PageView%27&ver=%272.1%27&appId=%27JS%3AMSN%27&ext-app-env=%27prod%27&ext-javascript-libver=%274.0.0-beta-10%27&ext-user-localId=%27t%3A%27&*baseType=%27Ms.Content.PageView%27&*isJs=False&*isLoggedIn=False&*isManual=True&*serverImpressionGuid=%2747e32c2b-e7e2-4b1f-95fe-eb3750db14b2%27&-ver=%271.0%27&-impressionGuid=%2747e32c2b-e7e2-4b1f-95fe-eb3750db14b2%27&-pageName=%27error500page%27&-uri=%27https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Foneriverajaxpage%27&-referrerUri=%27%27&-pageTags=%27{%22rid%22%3A%2247e32c2b-e7e2-4b1f-95fe-eb3750db14b2%22%2C%22clid%22%3A%2247e32c2b-e7e2-4b1f-95fe-eb3750db14b2%22%2C%22clidType%22%3A%22activityId%22%2C%22dpt%22%3A%22%22%2C%22sdpt%22%3A%22%22%2C%22cvs%22%3A%22browser%22%2C%22subcvs%22%3A%22%22%2C%22mv%22%3A%2215%22%2C%22pg.t%22%3A%22custcol%22%2C%22pg.p%22%3A%22prime%22}%27&-behavior=0&-market=%27en-us%27
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/oneriverajaxpage?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 14:24:21 GMT
X-Content-Type-Options
nosniff
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Cache-Control
no-cache, no-store
MS-CV
7x6EWUhPlEqDaxquub1HZw.0
Content-Type
image/gif
Content-Length
43
Expires
0
Segoe-UI.woff2
static-global-s-msn-com.akamaized.net/hp-neu/_h/57566d09/webcore/fonts/SegoeUI/WestEuropean/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/_h/57566d09/webcore/fonts/SegoeUI/WestEuropean/Segoe-UI.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/homepage/_sc/css/d7cb56b9-571b03b/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/bc-5b3083-4661102d/d9-da131c-e9f8c494/8b-8bf1a5-6936df58?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:1700:3::5f65:1b99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:24:21 GMT
access-control-allow-methods
HEAD,GET,OPTIONS
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-activity-id
00000000-e79e-432b-a625-643df1be2374
content-length
25760
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Fri, 06 Nov 2020 10:30:37 GMT
server
Microsoft-IIS/8.5
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 36, sn: neurope-prod-hp, dt: 2020-10-30T21:49:38.9246239Z, bt: 2020-10-26T00:14:04.6931872Z}
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=17352385
x-appversion
20201025_28329478
expires
Sat, 06 Nov 2021 10:30:46 GMT
e383e0.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/91/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/91/e383e0.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/homepage/_sc/css/d7cb56b9-571b03b/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/bc-5b3083-4661102d/d9-da131c-e9f8c494/8b-8bf1a5-6936df58?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-40.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5386e2d36f0e037aa5174c444f63538df0f7c155f2d520426ab4121233160916
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/homepage/_sc/css/d7cb56b9-571b03b/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/bc-5b3083-4661102d/d9-da131c-e9f8c494/8b-8bf1a5-6936df58?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 14:24:21 GMT
Last-Modified
Fri, 18 Dec 2020 23:27:44 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"098e46295d5d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=21434354
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6128
X-XSS-Protection
1
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame 91FF 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by
Host: s.aolcdn.com
URL: https://s.aolcdn.com/ads/adswrappermsni.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (ska/F71C) /
Resource Hash
65aa946829133f2163ed351882e770c0e7651c8c95fac3c53aa78e02a938b7ca

Request headers

:method
GET
:authority
tag.idsync.analytics.yahoo.com
:scheme
https
:path
/sp-frame.html?referrer=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

content-encoding
gzip
age
39
content-type
text/html
date
Mon, 19 Apr 2021 14:24:22 GMT
etag
"9fad51d2a83b0a4de3eb75724ba26b2c+gzip"
last-modified
Mon, 23 Mar 2020 22:06:06 GMT
server
ECS (ska/F71C)
vary
Accept-Encoding
x-amz-id-2
+dvHEKFvRSfwrw1vCYS27colvVLF5EC9NC6yKWDrHqX0DLrWzbQ47t0mjTPnely6q9c5JG4g9io=
x-amz-request-id
STZZFCXX1ERVSSAC
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3087
cms
cms.analytics.yahoo.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
config.js
confiant.msn.com/jRl1DZsisNuFn8JGi3LVRod2F9U/msn/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant.msn.com/jRl1DZsisNuFn8JGi3LVRod2F9U/msn/config.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/homepage/_sc/js/d7cb56b9-1eab39e7/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/d5-3e6c70-f4334fc0/46-736d08-68ddb2ab?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2.19.45.153 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cbc4f35894ae6fd84c5d120c8b339a4645676e5854e3d9e0ea5d6c045c75a826

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 14:24:22 GMT
Content-Encoding
gzip
x-amz-request-id
EMK3P50NKE2Y0XQG
Connection
keep-alive
Content-Length
26526
x-amz-id-2
mGiYcJtLtSYfLQIT9Y6PGK0WtG58SSVyiRq7oVgwInzVZUgLE+BXMPuBrZ2db4+Bzb9ack+g/nc=
X-Served-By
cache-cdg20740-CDG
Last-Modified
Wed, 27 Jan 2021 20:20:11 GMT
Server
AmazonS3
X-Timer
S1617574605.838438,VS0,VE1
ETag
"bc9e655ae2af16fa3450e7a40e80ec1b"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
1
silentpassport
www.msn.com/en-us/news/secure/ Frame 78BA
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1618842261&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fnews%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1...
  • https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
239 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/homepage/_sc/js/d7cb56b9-1eab39e7/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/d5-3e6c70-f4334fc0/46-736d08-68ddb2ab?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.253.33.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.dc-msedge.net
Software
/ ASP.NET
Resource Hash
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
Security Headers
Name Value
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.msn.com
:scheme
https
:path
/en-us/news/secure/silentpassport?secure=true&lc=1033
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

cache-control
private, no-transform
content-length
185
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
User-Agent
access-control-allow-origin
*
x-aspnetmvc-version
5.2
x-appversion
20210411_20139766
x-activity-id
1610489c-5411-40fe-a1a8-693c8643c1ee
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 16, sn: neurope-prod-entertainment, dt: 2021-03-31T20:22:53.9993276Z, bt: 2021-04-11T00:17:17.6241722Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-powered-by
ASP.NET
access-control-allow-methods
HEAD,GET,OPTIONS
x-xss-protection
1
x-msedge-ref
Ref A: 1610489C541140FEA1A8693C8643C1EE Ref B: HEL01EDGE0720 Ref C: 2021-04-19T14:24:22Z
date
Mon, 19 Apr 2021 14:24:21 GMT

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Length
0
Content-Type
text/html; charset=utf-8
Expires
Mon, 19 Apr 2021 14:23:22 GMT
Location
https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
uaid=a44358566727456e8259fab9a25493cb; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=1184&lt=1618842262&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BAY
x-ms-request-id
8ef6ed11-296f-493a-8de3-ad0f663fd990
PPServer
PPV: 30 H: BY1PPF9887146AD V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Mon, 19 Apr 2021 14:24:21 GMT
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 91FF 		13 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?referrer=https%3A%2F%2Fwww.msn.com%2F
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tag.idsync.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 14:24:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
ATS/7.1.2.128
Age
0
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://tag.idsync.analytics.yahoo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame AA02
Redirect Chain
  • https://ib.adnxs.com/async_usersync_file
  • https://acdn.adnxs.com/dmp/async_usersync.html
52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/homepage/_sc/js/d7cb56b9-1eab39e7/direction=ltr.locales=en-us.themes=start.dpi=resolution1x/d5-3e6c70-f4334fc0/46-736d08-68ddb2ab?ver=20210411_20139766&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt19cf,muidflt29cf,muidflt58cf,muidflt118cf,pneedge2cf,startedge1cf,platagyhp2cf,gallery1cf,onetrustpoplive,msnapp2cf,1s-bing-news,vebudumu04302020,bbh20200521msn,shophp1cf,csmoney3cf&csopdb=20210406044859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.84.56.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-84-56-200.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.msn.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

Server
nginx/1.13.10
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 20 Apr 2021 14:24:26 GMT
Date
Mon, 19 Apr 2021 14:24:24 GMT
Connection
keep-alive

Redirect headers

Server
nginx/1.17.9
Date
Mon, 19 Apr 2021 14:24:23 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Location
https://acdn.adnxs.com/dmp/async_usersync.html
AN-X-Request-Uuid
748ffa94-0814-4dba-b8b7-f299d2479dac
X-Proxy-Origin
45.12.220.44; 45.12.220.44; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.80:80
bounce
ib.adnxs.com/ Frame AA02
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 14:24:24 GMT
X-Proxy-Origin
45.12.220.44; 45.12.220.44; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.230:80
AN-X-Request-Uuid
7ee6b7ef-1c02-4fda-9a10-ecdaf4bc2414
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 14:24:24 GMT
X-Proxy-Origin
45.12.220.44; 45.12.220.44; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid
fb48d821-6a68-4b8e-a843-9cddfc5e0f71
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
300BFC272BEA6AA42DFEEC392A386B31
pr-bh.ybp.yahoo.com/sync/msn/
Redirect Chain
  • https://c.bing.com/c.gif?Red3=MSOATH_pd
  • https://pr-bh.ybp.yahoo.com/sync/msn/300BFC272BEA6AA42DFEEC392A386B31
43 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/msn/300BFC272BEA6AA42DFEEC392A386B31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 14:24:24 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Apr 2021 14:24:23 GMT
x-msedge-ref
Ref A: 9DF478045FAF457ABEB22B975F06036D Ref B: FRAEDGE1315 Ref C: 2021-04-19T14:24:24Z
x-powered-by
ASP.NET
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://pr-bh.ybp.yahoo.com/sync/msn/300BFC272BEA6AA42DFEEC392A386B31
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
async_usersync
ib.adnxs.com/ Frame AA02 		0
742 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 14:24:25 GMT
X-Proxy-Origin
45.12.220.44; 45.12.220.44; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.48:80
AN-X-Request-Uuid
02c0ec5b-476e-4e26-88f5-d87067af0b37
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| define function| require object| _pageTimings function| _perfMarker function| _perfMeasure string| c function| _llic string| adsLo number| atwInfo string| adsMNS undefined| adsSz boolean| adsIE undefined| adsCA string| adsATOth object| adsD string| adsVal number| adsCp string| atwIP string| adsExcV string| adsKV number| adsFileless string| adsUA number| adsTile object| adsDivs object| adsCF object| adsCW object| adsCH object| adsCAd number| adsScr string| adsRRDevil string| adsRRCalled number| atwLoaded number| adsIEGT9 number| adsIELT10 string| atwLB number| adsTacOK string| adsProt function| atwInfoFn function| adsDisableTacoda function| atwGDPRDelay function| atwGDPRSetTimeout function| atwGDPRCmp function| atwGDPR function| adsTacFn function| adsBingPing function| adsMSNPing function| adUACInit function| adsGetRotate function| adsCkCol function| adsDoOnL function| adGetBucket function| adSetOthAT function| atwVisCh function| atwGetVisiblePct function| adsReloadServer function| adsRotateMult function| adsReloadAd function| adsReloadIframe function| adsDevilObj function| adsANOnL function| adsRMIFOnL function| adsActualResize function| adsRmChildren function| adsClrDiv function| adsClrAd function| adsGetObj function| adsFilelessFn function| atwIEDelay function| adsLoadAd function| adSetupDiv function| adsGetValues function| htmlAdWH object| atwUAC function| dap_Resize string| adsSZ string| adsTestCo string| adsRotateTime object| adsDevilAd function| $ function| jQuery object| awa string| behaviorKey object| Perf string| globalLeft string| deferredCanary function| Gemini object| Telemetry object| utils object| data object| MSANTracker object| Modernizr object| pp object| confiant function| newGuid function| setImmediate function| clearImmediate function| binding

5 Cookies

Domain/Path Name / Value
.msn.com/ Name: MS0
Value: 8d5b5461e7bc4ce88f171a6aee0ac91b
.msn.com/ Name: MUID
Value: 1B311D0FA67767731F4B0D11A7A8668F
.msn.com/ Name: MC1
Value: GUID=88823d9e450b425ea89e328addd8bd25&HASH=8882&LV=202104&V=4&LU=1618842262073
.msn.com/ Name: _EDGE_V
Value: 1
.msn.com/ Name: _EDGE_S
Value: F=1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ajax.aspnetcdn.com
c.bing.com
cms.analytics.yahoo.com
confiant.msn.com
ib.adnxs.com
login.live.com
pr-bh.ybp.yahoo.com
s.aolcdn.com
service.idsync.analytics.yahoo.com
static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
tag.idsync.analytics.yahoo.com
web.vortex.data.msn.com
www.msn.com
104.84.56.200
131.253.33.203
152.195.51.15
152.199.19.160
185.33.220.244
2.16.186.40
2.19.45.153
20.190.160.75
212.82.100.182
2606:2800:233:af6:eab:2108:1892:6d8
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a02:26f0:1700:3::5f65:1b99
3.126.56.137
40.77.226.250
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
25ddb283ec22b121debdc489888d2a8e863aaa28d3db8a1473124c4ab7561eb5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4f5dc143a274fef626d62d8312697d4b8ce68fa36b266314ebe76442c4761f1b
5386e2d36f0e037aa5174c444f63538df0f7c155f2d520426ab4121233160916
5cc85de30ef220291c2559bfafbd67e6b880a133778981fe9a75b0e3b1502fff
65aa946829133f2163ed351882e770c0e7651c8c95fac3c53aa78e02a938b7ca
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cbc4f35894ae6fd84c5d120c8b339a4645676e5854e3d9e0ea5d6c045c75a826
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebeee39733541794e8df2e8449485419b64cb3a164ab3041c49a7d06f2ed8823