Submitted URL: https://360segureportalesclient.epromelectronic.rs/
Effective URL: https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-t...
Submission: On August 15 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 42 HTTP transactions. The main IP is 204.79.197.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com. The Cisco Umbrella rank of the primary domain is 522.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on September 8th 2022. Valid for: a year.
This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
13 msn.com | www.msn.com (Cisco Umbrella Rank: 522); assets.msn.com (Cisco Umbrella Rank: 109); api.msn.com Failed; browser.events.data.msn.com Failed; c.msn.com Failed | 682 KB
8 googleapis.com | firestore.googleapis.com (Cisco Umbrella Rank: 2135) | 847 B
3 epromelectronic.rs | 360segureportalesclient.epromelectronic.rs | 367 KB
2 abstractapi.com | ipgeolocation.abstractapi.com (Cisco Umbrella Rank: 81417) | 639 B
1 akamaized.net | img-s-msn-com.akamaized.net | 6 KB
1 adnxs.com | acdn.adnxs.com | 34 KB
1 btloader.com | btloader.com; api.btloader.com Failed | 7 KB
0 doubleclick.net Failed | ad.doubleclick.net Failed |
0 ad-delivery.net Failed | ad-delivery.net Failed |
0 scorecardresearch.com Failed | sb.scorecardresearch.com Failed |
42 10
Domain | Requested by
10 assets.msn.com | www.msn.com, assets.msn.com
8 firestore.googleapis.com | 360segureportalesclient.epromelectronic.rs
3 www.msn.com | 360segureportalesclient.epromelectronic.rs, www.msn.com, assets.msn.com
3 360segureportalesclient.epromelectronic.rs | 360segureportalesclient.epromelectronic.rs
2 ipgeolocation.abstractapi.com | 360segureportalesclient.epromelectronic.rs
1 img-s-msn-com.akamaized.net |
1 acdn.adnxs.com | assets.msn.com
1 btloader.com | assets.msn.com
0 ad.doubleclick.net Failed |
0 ad-delivery.net Failed |
0 api.btloader.com Failed | btloader.com
0 sb.scorecardresearch.com Failed |
0 c.msn.com Failed |
0 browser.events.data.msn.com Failed | assets.msn.com
0 api.msn.com Failed | assets.msn.com
42 15

This site contains no links.

Subject | Issuer | Validity | Valid
www.360segureportalesclient.epromelectronic.rs | R3 | 2023-08-12 - 2023-11-10 | 3 months
edgecert.googleapis.com | GTS CA 1C3 | 2023-07-31 - 2023-10-23 | 3 months
ipgeolocation.abstractapi.com | Amazon RSA 2048 M02 | 2023-04-23 - 2024-05-21 | a year
*.msn.com | Microsoft RSA TLS CA 01 | 2022-09-08 - 2023-09-08 | a year
assets.msn.com | Microsoft Azure ECC TLS Issuing CA 06 | 2023-07-25 - 2024-06-27 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-06 - 2024-07-05 | a year
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2023-03-27 - 2024-04-26 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year

This page contains 1 frames:

Primary Page: https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
Frame ID: 54B1D44D7A1037EA1D44E98DEB180568
Requests: 43 HTTP requests in this frame

Page Title

MSN

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Page Statistics

Requests: 42
HTTPS: 69 %
IPv6: 38 %
Domains: 10
Subdomains: 15
IPs: 9
Countries: 3
Transfer: 1098 kB
Size: 4003 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://360segureportalesclient.epromelectronic.rs/ Page URL
  2. https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
360segureportalesclient.epromelectronic.rs/
464 B
445 B
Document
General
Full URL
https://360segureportalesclient.epromelectronic.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.119.89.160 Belgrade, Serbia, ASN207604 (UNITED, RS),
Reverse DNS
s22.unlimited.rs
Software
LiteSpeed /
Resource Hash
68afeb92ed684999507d2232180aac671a222bd1968b43d1a5bb2c9190b330ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
192
content-type
text/html
date
Tue, 15 Aug 2023 17:50:36 GMT
last-modified
Sun, 13 Aug 2023 03:30:48 GMT
server
LiteSpeed
vary
Accept-Encoding
index-6d275758.js
360segureportalesclient.epromelectronic.rs/assets/
1 MB
362 KB
Script
General
Full URL
https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.119.89.160 Belgrade, Serbia, ASN207604 (UNITED, RS),
Reverse DNS
s22.unlimited.rs
Software
LiteSpeed /
Resource Hash
000f7ad447a205ede6b3895d65585704f0022b61013db8e4dd32e5523fd0fb25

Request headers

Referer
https://360segureportalesclient.epromelectronic.rs/
Origin
https://360segureportalesclient.epromelectronic.rs
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:36 GMT
content-encoding
br
last-modified
Sun, 13 Aug 2023 03:31:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
369870
expires
Tue, 22 Aug 2023 17:50:36 GMT
index-50eb48c4.css
360segureportalesclient.epromelectronic.rs/assets/
23 KB
5 KB
Stylesheet
General
Full URL
https://360segureportalesclient.epromelectronic.rs/assets/index-50eb48c4.css
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.119.89.160 Belgrade, Serbia, ASN207604 (UNITED, RS),
Reverse DNS
s22.unlimited.rs
Software
LiteSpeed /
Resource Hash
50eb48c479a51d767b57035e88bc49bde0b3cf2367caa71c39dd52380087c215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360segureportalesclient.epromelectronic.rs/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:36 GMT
content-encoding
br
last-modified
Sun, 13 Aug 2023 03:30:48 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4916
expires
Tue, 22 Aug 2023 17:50:36 GMT
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
54 B
176 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&RID=11398&CVER=22&X-HTTP-Session-Id=gsessionid&zx=u7aefl4f60qt&t=1
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15fdf76197358c418a3964f24ca791702dba4ab8003a89e37899b8eac45615ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://360segureportalesclient.epromelectronic.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 17:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://360segureportalesclient.epromelectronic.rs
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/
54 B
471 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&RID=10600&CVER=22&X-HTTP-Session-Id=gsessionid&zx=antverj9wqbs&t=1
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c95796ba3f80ac6c768e8dbbc0351da02002234a437a89c75143cdbfe60046b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://360segureportalesclient.epromelectronic.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 17:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-client-wire-protocol
h2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://360segureportalesclient.epromelectronic.rs
access-control-expose-headers
x-client-wire-protocol,x-http-session-id
cache-control
private
access-control-allow-credentials
true
x-http-session-id
wXWZV-BpRLEp7l4LHSX-8dC8nLY9PyetlUzzViS5KiI
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/
341 B
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=wXWZV-BpRLEp7l4LHSX-8dC8nLY9PyetlUzzViS5KiI&VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&RID=rpc&SID=RW7ZWJtftRwsuX-bWdSa1w&CI=0&AID=0&TYPE=xmlhttp&zx=235uwyapswj2&t=1
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360segureportalesclient.epromelectronic.rs/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://360segureportalesclient.epromelectronic.rs
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
5 KB
0
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0&VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&RID=rpc&SID=pkBvKELAWo1m-ABgt6dmvw&CI=0&AID=0&TYPE=xmlhttp&zx=lnznx1f9o44d&t=1
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360segureportalesclient.epromelectronic.rs/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Referer, origin
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://360segureportalesclient.epromelectronic.rs
cache-control
private, max-age=0
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/
10 B
50 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&gsessionid=wXWZV-BpRLEp7l4LHSX-8dC8nLY9PyetlUzzViS5KiI&SID=RW7ZWJtftRwsuX-bWdSa1w&RID=10601&AID=1&zx=a5lxbm91xvmg&t=1
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50b25d63fd1264ca73bedc7cb4213e7f2b9f7ba836e969ff2b8ed7d543c8e140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://360segureportalesclient.epromelectronic.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://360segureportalesclient.epromelectronic.rs
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
/
ipgeolocation.abstractapi.com/v1/
51 B
320 B
Fetch
General
Full URL
https://ipgeolocation.abstractapi.com/v1/?api_key=77f96b4977494282a0913400300e0622&&fields=country,ip_address
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.227.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-227-100.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ea012c5a22d0c89f69c19400462d499fa9ee5c3a877a8aff9c5935b511d33db9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360segureportalesclient.epromelectronic.rs/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
vary
Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
*
content-length
51
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
10 B
50 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&gsessionid=a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0&SID=pkBvKELAWo1m-ABgt6dmvw&RID=11399&AID=4&zx=vdsj4rtjc98p&t=1
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06a403fa19b0e23e9e2ef3f493a6a55f68607c5566298f3e0ed7a08dbf11ad82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://360segureportalesclient.epromelectronic.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://360segureportalesclient.epromelectronic.rs
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
10 B
50 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&gsessionid=a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0&SID=pkBvKELAWo1m-ABgt6dmvw&RID=11400&AID=4&zx=3tnh289hfrq9&t=1
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06a403fa19b0e23e9e2ef3f493a6a55f68607c5566298f3e0ed7a08dbf11ad82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://360segureportalesclient.epromelectronic.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://360segureportalesclient.epromelectronic.rs
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
10 B
50 B
Fetch
General
Full URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&gsessionid=a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0&SID=pkBvKELAWo1m-ABgt6dmvw&RID=11401&AID=4&zx=kbc0iahx8sx1&t=1
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
06a403fa19b0e23e9e2ef3f493a6a55f68607c5566298f3e0ed7a08dbf11ad82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://360segureportalesclient.epromelectronic.rs/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://360segureportalesclient.epromelectronic.rs
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
x-xss-protection
0
/
ipgeolocation.abstractapi.com/v1/
51 B
319 B
Fetch
General
Full URL
https://ipgeolocation.abstractapi.com/v1/?api_key=77f96b4977494282a0913400300e0622&&fields=country,ip_address
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.227.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-227-100.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://360segureportalesclient.epromelectronic.rs/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.14.0 (Ubuntu)
vary
Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
*
content-length
51
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
0
0

Primary Request ar-AA1f93Za
www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/
68 KB
70 KB
Document
General
Full URL
https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
Requested by
Host: 360segureportalesclient.epromelectronic.rs
URL: https://360segureportalesclient.epromelectronic.rs/assets/index-6d275758.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
025c1eaacf9721a8f78b524ac4d32282f11e32c5942adef8751a40b999702118
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn;frame-ancestors 'self' int1.msn.com ntp.msn.cn ntp.msn.com windows-int1.msn.com windows.msn.cn windows.msn.com www.bing.com www.msn.com;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://360segureportalesclient.epromelectronic.rs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-methods
HEAD,GET,OPTIONS
cache-control
no-store, no-cache
content-security-policy
block-all-mixed-content;connect-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss:;default-src 'self' data: 'unsafe-inline' 'unsafe-eval' https: blob: wss: 'report-sample';font-src 'self' data: https: blob: wss: assets.msn.com assets2.msn.com assets.msn.cn assets2.msn.cn;frame-ancestors 'self' int1.msn.com ntp.msn.cn ntp.msn.com windows-int1.msn.com windows.msn.cn windows.msn.com www.bing.com www.msn.com;media-src 'self' https: blob:;report-to csp-endpoint;worker-src 'self' https: blob: 'report-sample';
content-type
text/html; charset=utf-8
date
Tue, 15 Aug 2023 17:50:40 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.5}
pragma
no-cache
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
x-cache
CONFIG_NOCACHE
x-ceto-ref
DEC246C0F78B4AD2BCE07145A10E007F|2023-08-15T17:50:41.345Z
x-content-type-options
nosniff
x-fabric-cluster
pmeprodneu
x-frame-options
SAMEORIGIN
x-msedge-ref
Ref A: DEC246C0F78B4AD2BCE07145A10E007F Ref B: FRAEDGE1706 Ref C: 2023-08-15T17:50:41Z
x-ua-compatible
IE=Edge;chrome=1
x-xss-protection
1
channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
0
0

channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
0
0

channel
firestore.googleapis.com/google.firestore.v1.Firestore/Write/
0
0

channel
firestore.googleapis.com/google.firestore.v1.Firestore/Listen/
0
0

vendors.88ca01f4487a8db1359c.js
assets.msn.com/bundles/v1/views/latest/
298 KB
77 KB
Script
General
Full URL
https://assets.msn.com/bundles/v1/views/latest/vendors.88ca01f4487a8db1359c.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5cd80914b8c76268e5e1da31b87c0678ab7020b510fee16e2265b539b4bf922b

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
br
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
content-md5
fHggW8gSoIhi2GRFi5pJ3g==
server-timing
clientrtt; dur=20, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length
77733
x-ms-lease-status
unlocked
last-modified
Fri, 11 Aug 2023 02:08:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9A0FCA80E9E5
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
50ab9558-f01e-0005-1a16-cd449a000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
95.100.135.134
x-ms-version
2009-09-19
access-control-allow-credentials
true
akamai-request-bc
[a=95.100.135.134,b=109489529,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id
686ad79
timing-allow-origin
*
microsoft.31b2d1265c084d9f5c90.js
assets.msn.com/bundles/v1/views/latest/
306 KB
77 KB
Script
General
Full URL
https://assets.msn.com/bundles/v1/views/latest/microsoft.31b2d1265c084d9f5c90.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2ff626663d8e6ea76aa36857ef474f135ec958b17328fd36b4bf46babfdf48c5

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
br
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
content-md5
DOXyll7TC1FOrJzxaMzHpQ==
server-timing
clientrtt; dur=20, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length
78006
x-ms-lease-status
unlocked
last-modified
Wed, 09 Aug 2023 00:25:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB986F2D32C680
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
1f4212c2-101e-0010-288b-cbee13000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
95.100.135.134
x-ms-version
2009-09-19
access-control-allow-credentials
true
akamai-request-bc
[a=95.100.135.134,b=109489534,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id
686ad7e
timing-allow-origin
*
common.852f2c4ed1bc8f917003.js
assets.msn.com/bundles/v1/views/latest/
881 KB
193 KB
Script
General
Full URL
https://assets.msn.com/bundles/v1/views/latest/common.852f2c4ed1bc8f917003.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f0f0bf30c0cb673e1c8b8d959ecc63506e37e84085a269d0892bb237dca8c0f5

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
br
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
content-md5
a7H+XvFsh9zG7ldqPTbp9Q==
server-timing
clientrtt; dur=20, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length
196553
x-ms-lease-status
unlocked
last-modified
Mon, 14 Aug 2023 19:30:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9CFCE1F1C755
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
f0f0887c-c01e-005e-78e5-ced35f000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
95.100.135.134
x-ms-version
2009-09-19
access-control-allow-credentials
true
akamai-request-bc
[a=95.100.135.134,b=109489535,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id
686ad7f
timing-allow-origin
*
experience.8b030e6b7009d3cd2267.js
assets.msn.com/bundles/v1/views/latest/
70 KB
19 KB
Script
General
Full URL
https://assets.msn.com/bundles/v1/views/latest/experience.8b030e6b7009d3cd2267.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
76c3316f6c7ea5d2e41026d8291fe46c044faefa317a622c6712230d68e4ba85

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
br
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
content-md5
QQdE/p0PK+CSrYdikgfX3g==
server-timing
clientrtt; dur=20, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length
18411
x-ms-lease-status
unlocked
last-modified
Mon, 14 Aug 2023 19:30:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9CFCE1BF49D0
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
8436053a-c01e-001b-51e5-ce3a5c000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
95.100.135.134
x-ms-version
2009-09-19
access-control-allow-credentials
true
akamai-request-bc
[a=95.100.135.134,b=109489536,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id
686ad80
timing-allow-origin
*
web-worker.035fd4a5e77ce97e0981.js
www.msn.com/bundles/v1/views/latest/
87 KB
23 KB
Other
General
Full URL
https://www.msn.com/bundles/v1/views/latest/web-worker.035fd4a5e77ce97e0981.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
1834f0db77cd880ccf1f29230e8466487e68590a1fdf653d4a63636b8a22cc4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
akamai-cache-status
Hit from child
content-encoding
br
date
Tue, 15 Aug 2023 17:50:40 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
content-md5
c6nQh4cet0lu3ETb83lutQ==
x-cache
TCP_HIT
server-timing
clientrtt; dur=7, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
content-length
22805
x-ms-lease-status
unlocked
last-modified
Fri, 04 Aug 2023 01:12:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3DBFFEBACD6346DDA5DEC1FB8A7D7616 Ref B: FRAEDGE1706 Ref C: 2023-08-15T17:50:41Z
etag
0x8DB9487D02E80E7
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
x-ms-request-id
41d6bd7b-f01e-0005-0370-c6449a000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
96.16.48.156
x-ms-version
2009-09-19
akamai-request-bc
[a=96.16.48.156,b=162603618,c=g,n=NL__HAARLEM,o=20940]
akamai-request-id
9b12262
x-cid
7
timing-allow-origin
*
x-ccc
DE
/
www.msn.com/resolver/api/resolve/v3/config/
194 KB
42 KB
Fetch
General
Full URL
https://www.msn.com/resolver/api/resolve/v3/config/?expType=AppConfig&expInstance=default&apptype=views&v=20230814.292&targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browserType%22:%22safari%22,%22version%22:%2214%22,%22ismobile%22:%22true%22},%22deviceFormFactor%22:%22phone%22,%22domain%22:%22www.msn.com%22,%22locale%22:{%22content%22:{%22language%22:%22es%22,%22market%22:%22co%22},%22display%22:{%22language%22:%22es%22,%22market%22:%22co%22}},%22ocid%22:%22msedgntp%22,%22os%22:%22ios%22,%22platform%22:%22web%22,%22pageType%22:%22article%22,%22pageExperiments%22:[%22prg-1s-workid%22,%22prg-1sw-bknsm%22,%22prg-1sw-bnrts1%22,%22prg-1sw-bnrts1fsh%22,%22prg-1sw-brking-card%22,%22prg-1sw-brns-card%22,%22prg-1sw-c-flash%22,%22prg-1sw-cfwx2stripe%22,%22prg-1sw-enableact%22,%22prg-1sw-finbnd%22,%22prg-1sw-finocn%22,%22prg-1sw-fsah%22,%22prg-1sw-fwictl%22,%22prg-1sw-hrcnhcd%22,%22prg-1sw-otel%22,%22prg-1sw-p1wtrclm%22,%22prg-1sw-pde0%22,%22prg-1sw-pr2clarity%22,%22prg-1sw-rr2fn%22,%22prg-1sw-rr2fp%22,%22prg-1sw-rsbnww%22,%22prg-1sw-spaipv2%22,%22prg-1sw-srdus%22,%22prg-1sw-swsigtext%22,%22prg-1sw-tbrcounter%22,%22prg-1sw-tgnrton%22,%22prg-1sw-tpfl12-t%22,%22prg-1sw-tpsncs12%22,%22prg-1sw-tpsnfl%22,%22prg-1sw-tpsnfltd30%22,%22prg-1sw-tpsnfltfl-t%22,%22prg-1sw-tpsnhtld30%22,%22prg-1sw-tpsnhtlfl-t%22,%22prg-1sw-uet%22,%22prg-1sw-wxlocnew%22,%22prg-1unify1s%22,%22prg-ad-cbuxhld%22,%22prg-adspeek%22,%22prg-cg-inv-dialog-t1-c%22,%22prg-cg-nba%22,%22prg-cg-nba-t%22,%22prg-cg-notf%22,%22prg-cg-notf2%22,%22prg-enable-cgmonitor%22,%22prg-ias%22,%22prg-leadgenintl%22,%22prg-lgintlntp%22,%22prg-pcsmarket-t%22,%22prg-pr2-all1u%22,%22prg-pr2-cpagefilter%22,%22prg-pr2-lrv4%22,%22prg-pr2-psninfoi-c%22,%22prg-pr2-rfhopen%22,%22prg-pr2-syncmap%22,%22prg-pr2-tpfl-c%22,%22prg-sh-adstracking-c%22,%22prg-sh-bd-cb%22,%22prg-sh-bd-newbanner%22,%22prg-sh-fivecolumn%22,%22prg-sh-frcgst%22,%22prg-sh-gpfmob%22,%22prg-sh-newcolumn-c%22,%22prg-sh-recopdp%22,%22prg-sh-rmitmlnk%22,%22prg-sh
-unifyadd%22,%22prg-sp-liveapi%22,%22prg-ugc-commsmodule%22,%22prg-ugc-cttsearch1%22,%22prg-ugc-rejpublink%22,%22prg-ugc-videofeed1%22,%22prg-unify1s%22,%22prg-upsaip-r-t%22,%22prg-upsaip-w1-t%22,%22prg-upscache-t%22,%22prg-useakmaipath%22,%22prg-vidcv1%22,%22prg-wpo-actcoord%22,%22prg-wx-lqcache%22,%22prg-xandr-ar-no-pb%22,%22prg-xandr-w-no-pb%22]}
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.852f2c4ed1bc8f917003.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
85088a9e20d18d623b0858d53b2f62cd42514ea354869bdc05bef4254896912b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/es-co/entretenimiento/other/yo-me-llamo-kany-garc%C3%ADa-le-confes%C3%B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar/ar-AA1f93Za?ocid=msedgntp&cvid=719659f535bf4033960163c46ccb0b07&ei=10
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
br
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_HIT
content-length
42977
x-ceto-ref
3D9A13B901994BB09528CBC3A109C452|2023-08-15T17:50:41.487Z
x-crs-env
Production
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 91BEC8E13E0840C8BD0A3219CEB591E7 Ref B: FRAEDGE1706 Ref C: 2023-08-15T17:50:41Z
x-crs-buildversion
20230801.2_master
etag
"43dtEcFVWJh6yGUfxJtv7oK7evU"
vary
Accept-Encoding
nel-report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
cache-control
public,max-age=1728000,immutable
x-cid
7
x-ccc
DE
components_views-header_dist_ViewsHeaderTelemetry_js-components_views-header_dist_index_js-ex-aa4e95.e48cada47457372e7361.js
assets.msn.com/bundles/v1/views/latest/
87 KB
23 KB
Script
General
Full URL
https://assets.msn.com/bundles/v1/views/latest/components_views-header_dist_ViewsHeaderTelemetry_js-components_views-header_dist_index_js-ex-aa4e95.e48cada47457372e7361.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.8b030e6b7009d3cd2267.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
accdf05b2e916268bb686d333e44d1f76cba48dee96d2a13d0764c413753b02d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
br
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
content-md5
a7I4xvbNdfoiJq4Wryp32A==
server-timing
clientrtt; dur=19, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length
22357
x-ms-lease-status
unlocked
last-modified
Mon, 14 Aug 2023 19:30:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9CFCE2174D9F
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
84360878-c01e-001b-5be5-ce3a5c000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
95.100.135.134
x-ms-version
2009-09-19
access-control-allow-credentials
true
akamai-request-bc
[a=95.100.135.134,b=109489858,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id
686aec2
timing-allow-origin
*
article-page.a6221db01dfad0a000ad.js
assets.msn.com/bundles/v1/views/latest/
385 KB
80 KB
Script
General
Full URL
https://assets.msn.com/bundles/v1/views/latest/article-page.a6221db01dfad0a000ad.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/experience.8b030e6b7009d3cd2267.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2f0a8c35c78b0754040c4dfb145eb6e5cbb6ca1d9254080b8c16129f3a0b6db1

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
br
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
content-md5
EKnEfqHDprQjzmCr8do6vQ==
server-timing
clientrtt; dur=19, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length
81135
x-ms-lease-status
unlocked
last-modified
Mon, 14 Aug 2023 19:30:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DB9CFCE38F28A8
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
ee93d41d-b01e-0044-2de5-ce4635000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
95.100.135.134
x-ms-version
2009-09-19
access-control-allow-credentials
true
akamai-request-bc
[a=95.100.135.134,b=109489859,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id
686aec3
timing-allow-origin
*
AA1f93Za
assets.msn.com/content/view/v2/Detail/es-co/
11 KB
7 KB
Fetch
General
Full URL
https://assets.msn.com/content/view/v2/Detail/es-co/AA1f93Za
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.852f2c4ed1bc8f917003.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b75726cea884bf1f46159803535c93d633b0236bc37a6766954513d137bc9d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

akamai-request-id
686af3e
date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
ddd-usertype
AnonymousMuid
ddd-debugid
64dbbae4-bda2-4263-bb1a-7f9bf92af04b|2023-08-15T17:50:28.8233586Z|fabric_msn|NEU1|News_28
server-timing
clientrtt; dur=20, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length
5183
x-ceto-ref
B95734B26BA640808C101E41D6EF4231|2023-08-15T17:50:28.815Z
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
ddd-authenticatedwithjwtflow
False
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
cache-control
public, max-age=60
akamai-server-ip
95.100.135.134
access-control-allow-credentials
true
x-msedge-responseinfo
6
timing-allow-origin
*
akamai-request-bc
[a=95.100.135.134,b=109489982,c=g,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
onewebservicelatency
6
x-as-suppresssetcookie
1
SegoeUI-Roman-VF-subset_web.woff2
assets.msn.com/statics/fonts/
40 KB
41 KB
Font
General
Full URL
https://assets.msn.com/statics/fonts/SegoeUI-Roman-VF-subset_web.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
782e446926028500371d007f39dd3459761921204f87975598558703f9a9af6d

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
server-timing
clientrtt; dur=19, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
content-length
41006
last-modified
Thu, 04 Jul 2019 01:04:35 GMT
server
AkamaiNetStorage
etag
"72d13803e728b0ef3dfb6da311001643:1562269510.048951"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
95.100.135.134
access-control-allow-credentials
true
accept-ranges
bytes
akamai-request-bc
[a=95.100.135.134,b=109490054,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id
686af86
timing-allow-origin
*
AAt91uD
assets.msn.com/content/view/v2/provider/es-co/
2 KB
3 KB
Fetch
General
Full URL
https://assets.msn.com/content/view/v2/provider/es-co/AAt91uD
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.852f2c4ed1bc8f917003.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
edb206de2384b75a2088a397c5b56f400d8664d5e79cbb45bc7b35c48641a5e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

akamai-request-id
686afd9
date
Tue, 15 Aug 2023 17:50:41 GMT
content-encoding
gzip
akamai-cache-status
Miss from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
ddd-usertype
Unknown
ddd-debugid
64dbbae5-d68c-48b8-9d55-dcdcff47bba1|2023-08-15T17:50:29.1366066Z|fabric_msn|NEU1|News_0
server-timing
clientrtt; dur=23, clienttt; dur=7, origin; dur=0 , cdntime; dur=7
content-length
729
x-ceto-ref
C3F64FC07DE44A15AAF45F582FB709C4|2023-08-15T17:50:29.131Z
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
ddd-authenticatedwithjwtflow
False
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
cache-control
public, max-age=60
akamai-server-ip
95.100.135.134
access-control-allow-credentials
true
x-msedge-responseinfo
3
timing-allow-origin
*
akamai-request-bc
[a=95.100.135.134,b=109490137,c=g,n=DE_HE_FRANKFURT,o=20940],[c=p,n=DE_HE_FRANKFURT,o=20940]
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType,traceparent
onewebservicelatency
3
x-as-suppresssetcookie
1
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
tag
btloader.com/
15 KB
7 KB
Script
General
Full URL
https://btloader.com/tag?o=6208086025961472&upapi=true
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.852f2c4ed1bc8f917003.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
57cd46282c5375545631419d8652ddc7750ab19fc2314ff2790017b561bf851f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:42 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 15 Aug 2023 17:18:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1960
etag
W/"ecbe7f2acff1538241c91edc7a7b5c72"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH0QmXWzX4pLbKD3Oo80Vj4tD6t57dkHG172IEOnL8Z9I1aQ3nnO1FSFxoynGyNmXkC1OCZRcwiwGtJOogFLbkcvRFbWhmqkH4NgQS1Ochlblb8O%2F18rQqIqkXHXxV07yV4wwUy4e7g1rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7f734808de735c8c-FRA
ast.js
acdn.adnxs.com/ast/
100 KB
34 KB
Script
General
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/views/latest/common.852f2c4ed1bc8f917003.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3b72af59b1d95751583f25bee44592d7026c8b9f6922fd5bfff7ecd961c6859c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Expires
Tue, 11 Jul 2023 13:31:10 GMT
Date
Tue, 15 Aug 2023 17:50:42 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
15480
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
34495
X-Served-By
cache-lga21942-LGA, cache-fra-eddf8230047-FRA
Last-Modified
Mon, 10 Jul 2023 13:28:42 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1692121842.072079,VS0,VE0
ETag
W/"64ac078a-19032"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
247705, 9353
LiveRampObjectStoreCaller
api.msn.com/segments/recoitems/
0
0

BBGkQKs.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/
6 KB
6 KB
Image
General
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBGkQKs.img?w=36&h=36&q=60&m=6&f=png&u=t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:42 GMT
last-modified
Tue, 15 Aug 2023 00:05:52 GMT
x-resizerversion
1.0
x-source-length
4563
x-datacenter
westus
x-frame-options
DENY
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=368168
x-activityid
e0365906-f275-43d3-9b60-4143d4faf319
content-location
https://img.s-msn.com/tenant/amp/entityid/BBGkQKs?w=36&h=36&q=60&m=6&f=png&u=t
timing-allow-origin
*
content-length
6074
expires
Sun, 20 Aug 2023 00:06:50 GMT
eb-garamond-v14-latin-regular.woff2
assets.msn.com/statics/fonts/
28 KB
29 KB
Font
General
Full URL
https://assets.msn.com/statics/fonts/eb-garamond-v14-latin-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.135.138 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-100-135-138.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9a77421c8118b715727105cef3b8507b343138b773bd105d5a4f9de0fea3779

Request headers

Referer
https://www.msn.com/
Origin
https://www.msn.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 15 Aug 2023 17:50:42 GMT
content-encoding
gzip
akamai-cache-status
Hit from child
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.1}
server-timing
clientrtt; dur=23, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
content-length
29088
last-modified
Thu, 01 Oct 2020 00:43:17 GMT
server
AkamaiNetStorage
etag
"6fbb1cf13dfeff58538dddd9e2ad485c:1601512997.736101"
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
font/woff2
access-control-allow-origin
https://www.msn.com
cache-control
public, max-age=31536000
akamai-server-ip
95.100.135.134
access-control-allow-credentials
true
accept-ranges
bytes
akamai-request-bc
[a=95.100.135.134,b=109490174,c=g,n=DE_HE_FRANKFURT,o=20940]
akamai-request-id
686affe
timing-allow-origin
*
1.0
browser.events.data.msn.com/OneCollector/
0
0

c.gif
c.msn.com/
0
0

b
sb.scorecardresearch.com/
0
0

state
api.btloader.com/mw/
0
0

px.gif
ad-delivery.net/
0
0

favicon.ico
ad.doubleclick.net/
0
0

px.gif
ad-delivery.net/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
firestore.googleapis.com
URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&gsessionid=a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0&SID=pkBvKELAWo1m-ABgt6dmvw&RID=11402&AID=12&zx=vb59723xzzl&t=1
Domain
firestore.googleapis.com
URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&gsessionid=a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0&SID=pkBvKELAWo1m-ABgt6dmvw&RID=11403&AID=12&zx=7m7wwnu8kili&t=1
Domain
firestore.googleapis.com
URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&gsessionid=a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0&SID=pkBvKELAWo1m-ABgt6dmvw&RID=11404&AID=12&zx=tic7cfcfp7d8&t=1
Domain
firestore.googleapis.com
URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Write/channel?gsessionid=wXWZV-BpRLEp7l4LHSX-8dC8nLY9PyetlUzzViS5KiI&VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&RID=rpc&SID=RW7ZWJtftRwsuX-bWdSa1w&CI=0&AID=2&TYPE=xmlhttp&zx=2tzjsyab1bqo&t=1
Domain
firestore.googleapis.com
URL
https://firestore.googleapis.com/google.firestore.v1.Firestore/Listen/channel?gsessionid=a7q58aPDv24h0R6AZponFwXx6fy-wSobq3KxS4EYmY0&VER=8&database=projects%2Fsucursalgp-a721c%2Fdatabases%2F(default)&RID=rpc&SID=pkBvKELAWo1m-ABgt6dmvw&CI=0&AID=12&TYPE=xmlhttp&zx=2t7329nevkyy&t=1
Domain
api.msn.com
URL
https://api.msn.com/segments/recoitems/LiveRampObjectStoreCaller?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=DEC246C0-F78B-4AD2-BCE0-7145A10E007F&ocid=peregrine&cm=es-co&it=web&user=m-00C53A261D7C65941FC129481C7C64C9
Domain
browser.events.data.msn.com
URL
https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1692121842032&time-delta-to-apply-millis=use-collector-delta&w=0&anoncknm=anon&NoResponseBody=true
Domain
c.msn.com
URL
https://c.msn.com/c.gif?rnd=1692121842033&udc=true&pg.n=articleflex&pg.t=article&pg.c=9&pg.p=prime_mobile&rf=https%3A%2F%2F360segureportalesclient.epromelectronic.rs%2F&tp=https%3A%2F%2Fwww.msn.com%2Fes-co%2Fentretenimiento%2Fother%2Fyo-me-llamo-kany-garc%25C3%25ADa-le-confes%25C3%25B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar%2Far-AA1f93Za%3Focid%3Dmsedgntp%26cvid%3D719659f535bf4033960163c46ccb0b07%26ei%3D10&cvs=Browser&di=395&st.dpt=television&st.sdpt=&subcvs=entertainment&lng=es-co&rid=dec246c0f78b4ad2bce07145a10e007f&activityId=dec246c0f78b4ad2bce07145a10e007f&d.imd=true&scr=1600x1200&anoncknm=anon&issso=true&aadState=0
Domain
sb.scorecardresearch.com
URL
https://sb.scorecardresearch.com/b?rn=1692121842033&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fwww.msn.com%2Fes-co%2Fentretenimiento%2Fother%2Fyo-me-llamo-kany-garc%25C3%25ADa-le-confes%25C3%25B3-a-amparo-grisales-que-tuvo-pesadillas-con-ella-y-la-hizo-llorar%2Far-AA1f93Za%3Focid%3Dmsedgntp%26cvid%3D719659f535bf4033960163c46ccb0b07%26ei%3D10%26content%3D1%26mkt%3Des-co&c8=Yo+Me+Llamo+Kany+Garc%C3%ADa+le+confes%C3%B3+a+Amparo+Grisales+que+tuvo+pesadillas+con+ella+y+la+hizo+llorar&c9=https%3A%2F%2F360segureportalesclient.epromelectronic.rs%2F
Domain
api.btloader.com
URL
https://api.btloader.com/mw/state?bt_env=prod
Domain
ad-delivery.net
URL
https://ad-delivery.net/px.gif?ch=2
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Domain
ad-delivery.net
URL
https://ad-delivery.net/px.gif?ch=1&e=0.29340112620392933


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _pageTimings
function| getCookieConsentRequired
string| _ssrServiceEntryUrl
string| _webWorkerBundle
string| _authCookieName
object| webWorker
function| appendScript
object| webpackChunk_msnews_msnews_experiences
boolean| _isWebWorkerPresent
function| _getEntityMetricsCollection
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| __dynProto$Gbl
function| telemetryEventsClear
function| telemetryEventsFlush
function| _getAppPerfTrace
boolean| hasPreHydrateState

6 Cookies

Domain/Path Name / Value
.msn.com/ Name: _C_ETH
Value: 1
.msn.com/ Name: USRLOC
Value:
.msn.com/ Name: MUID
Value: 00C53A261D7C65941FC129481C7C64C9
www.msn.com/ Name: MUIDB
Value: 00C53A261D7C65941FC129481C7C64C9
.msn.com/ Name: _EDGE_S
Value: F=1&SID=02878BC64C146EAD117998A84D296F8B
.msn.com/ Name: _EDGE_V
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
