urlscan.io logo urlscan.io
SecurityTrails logo

www.msn.com Open in urlscan Pro
204.79.197.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-gre...
Effective URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-gre...
Submission: On June 09 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 9 countries across 64 domains to perform 426 HTTP transactions. The main IP is 204.79.197.203, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.msn.com.
TLS certificate: Issued by Microsoft RSA TLS CA 02 on October 19th 2020. Valid for: a year.
This is the only time www.msn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 58 204.79.197.203 8068 (MICROSOFT...)
17 92.122.213.234 20940 (AKAMAI-ASN1)
11 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
91 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 95.100.69.216 16625 (AKAMAI-AS)
10 40.77.226.250 8075 (MICROSOFT...)
1 2 52.142.114.2 8075 (MICROSOFT...)
4 7 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 52.222.174.22 16509 (AMAZON-02)
6 104.18.23.230 13335 (CLOUDFLAR...)
4 18.156.195.47 16509 (AMAZON-02)
6 184.25.239.57 20940 (AKAMAI-ASN1)
3 3.126.56.137 16509 (AMAZON-02)
5 37.157.2.237 198622 (ADFORM)
2 37.157.5.71 198622 (ADFORM)
3 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.230 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 104.108.145.172 16625 (AKAMAI-AS)
2 172.217.16.130 15169 (GOOGLE)
1 152.195.51.15 15133 (EDGECAST)
1 212.82.100.182 34010 (YAHOO-IRD)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 20.190.160.69 8075 (MICROSOFT...)
2 8 35.156.250.242 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 2 54.167.249.152 14618 (AMAZON-AES)
2 52.217.136.201 16509 (AMAZON-02)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 5 34.195.109.238 14618 (AMAZON-AES)
1 2600:9000:20c... 16509 (AMAZON-02)
1 1 2620:119:50e1... 14413 (LINKEDIN)
2 2 2620:119:50e3... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 192.229.221.28 15133 (EDGECAST)
2 2a01:111:202c... 8068 (MICROSOFT...)
30 151.101.13.44 54113 (FASTLY)
1 104.108.145.107 16625 (AKAMAI-AS)
1 52.84.174.29 16509 (AMAZON-02)
2 54.76.164.24 16509 (AMAZON-02)
1 20.82.209.183 8075 (MICROSOFT...)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
11 2a03:2880:f11... 32934 (FACEBOOK)
1 2 70.42.32.159 22075 (AS-OUTBRAIN)
5 7 76.223.111.131 16509 (AMAZON-02)
7 8 142.250.185.194 15169 (GOOGLE)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
4 9 185.33.220.242 29990 (ASN-APPNEX)
2 4 52.46.130.13 16509 (AMAZON-02)
1 104.108.144.238 16625 (AKAMAI-AS)
1 151.101.113.108 54113 (FASTLY)
1 35.158.223.21 16509 (AMAZON-02)
1 185.255.84.153 200271 (IGUANE-)
14 141.226.228.48 200478 (TABOOLA-AS)
12 199.232.137.44 54113 (FASTLY)
1 2 34.98.64.218 15169 (GOOGLE)
2 141.226.224.32 200478 (TABOOLA-AS)
1 152.67.40.109 31898 (ORACLE-BM...)
3 4 54.211.158.99 14618 (AMAZON-AES)
2 2 185.29.133.58 30419 (MEDIAMATH...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
6 7 54.36.109.22 16276 (OVH)
8 8 52.57.46.37 16509 (AMAZON-02)
4 4 51.75.15.61 16276 (OVH)
2 2 52.208.103.128 16509 (AMAZON-02)
2 2 18.195.105.17 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
4 4 185.94.180.125 35220 (SPOTX-AMS)
11 11 18.184.169.195 16509 (AMAZON-02)
3 3 3.127.166.11 16509 (AMAZON-02)
2 2 188.42.191.196 7979 (SERVERS-COM)
2 3 185.33.220.100 29990 (ASN-APPNEX)
1 104.18.100.194 13335 (CLOUDFLAR...)
1 104.108.144.24 16625 (AKAMAI-AS)
1 2 104.19.136.78 13335 (CLOUDFLAR...)
3 9 23.37.42.132 16625 (AKAMAI-AS)
3 69.173.144.138 26667 (RUBICONPR...)
2 2 37.157.4.25 198622 (ADFORM)
1 2 198.148.27.139 19189 (PULSEPOINT)
2 8 104.108.145.8 16625 (AKAMAI-AS)
8 2a02:26f0:12d... 20940 (AKAMAI-ASN1)
7 167.99.157.77 14061 (DIGITALOC...)
1 157.230.212.227 14061 (DIGITALOC...)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2606:2800:234... 15133 (EDGECAST)
1 104.244.42.8 13414 (TWITTER)
1 142.250.185.162 15169 (GOOGLE)
426 76
58    204.79.197.203 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0003.a-msedge.net
www.msn.com
api.msn.com
srtb.msn.com
17    92.122.213.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-122-213-234.deploy.static.akamaitechnologies.com
static-entertainment-neu-s-msn-com.akamaized.net
11    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
jill.fc.yahoo.com
jac.yahoosandbox.com
26.at.atwola.com
s.yimg.com
1    2a02:26f0:10c::5f64:c17b (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static-global-s-msn-com.akamaized.net
91    2a02:26f0:10c::5f64:c1c3 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-s-msn-com.akamaized.net
1    95.100.69.216 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-69-216.deploy.static.akamaitechnologies.com
confiant.msn.com
10    40.77.226.250 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web.vortex.data.msn.com
2    52.142.114.2 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.msn.com
7    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    52.222.174.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-22.cdg50.r.cloudfront.net
sb.scorecardresearch.com
6    104.18.23.230 (United States)

ASN13335 (CLOUDFLARENET, US)
www.dianomi.com
4    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
web.ssp.yahoo.com
eu-central-1-web.ssp.yahoo.com
6    184.25.239.57 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.msn.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
service.idsync.analytics.yahoo.com
5    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
3    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
ad.doubleclick.net
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
20    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    104.108.145.172 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-172.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
googleads4.g.doubleclick.net
1    152.195.51.15 (United States)

ASN15133 (EDGECAST, US)
tag.idsync.analytics.yahoo.com
1    212.82.100.182 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    2606:4700::6810:a10d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.viglink.com
1    20.190.160.69 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.live.com
8    35.156.250.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
scontent-frt3-2.xx.fbcdn.net
2    54.167.249.152 (United States)

ASN14618 (AMAZON-AES, US)
tools.applemediaservices.com
2    52.217.136.201 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
apple-resources.s3.amazonaws.com
4    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
5    34.195.109.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-109-238.compute-1.amazonaws.com
www138.civicscience.com
1    2600:9000:20c3:f400:f:c7b3:ce40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d2zqfs55y95cft.cloudfront.net
1    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
www.bizographics.com
2    2620:119:50e3:101::6cae:b45 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    192.229.221.28 (United States)

ASN15133 (EDGECAST, US)
cdn.adaptv.advertising.com
2    2a01:111:202c::200 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bing.com
30    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
vidstat.taboola.com
15.taboola.com
imprammp.taboola.com
wf.taboola.com
api.taboola.com
trc.taboola.com
1    104.108.145.107 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-107.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    52.84.174.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-174-29.cdg50.r.cloudfront.net
ib.3lift.com
2    54.76.164.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
api.viglink.com
1    20.82.209.183 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
arc.msn.com
1    2a02:26f0:10c::5f64:c18b (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
img-prod-cms-rt-microsoft-com.akamaized.net
11    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
7    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
8    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
9    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    52.46.130.13 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    104.108.144.238 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
img.s-msn.com
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    35.158.223.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
1    185.255.84.153 (Paris, France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
14    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
am-wf.taboola.com
12    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
img.img-taboola.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
2    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    152.67.40.109 (São Paulo, Brazil)

ASN31898 (ORACLE-BMC-31898, US)
sync.hariken.co
4    54.211.158.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i.liadm.com
2    185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
7    54.36.109.22 (France)

ASN16276 (OVH, FR)
id5-sync.com
8    52.57.46.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ice.360yield.com
ad.360yield.com
4    51.75.15.61 (France)

ASN16276 (OVH, FR)
cookie-matching.mediarithmics.com
2    52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.crwdcntrl.net
2    18.195.105.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
4    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
11    18.184.169.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
3    3.127.166.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
prod.perf-serving.com
2    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    185.33.220.100 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
m.adnxs.com
1    104.18.100.194 (United States)

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    104.108.144.24 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-24.deploy.static.akamaitechnologies.com
hbx.media.net
2    104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
9    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
8    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
8    2a02:26f0:12d::1730:ca68 (Berlin, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static.vidazoo.com
7    167.99.157.77 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
bisdr.vidazoo.com
1    157.230.212.227 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
wserversa.vidazoo.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    2a02:26f0:10c::5f65:5a98 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
inventory.vidazoo.com
1    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
110 akamaized.net
static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
img-s-msn-com.akamaized.net
img-prod-cms-rt-microsoft-com.akamaized.net
1 MB
78 msn.com
www.msn.com
confiant.msn.com
web.vortex.data.msn.com
c.msn.com
assets.msn.com
arc.msn.com
api.msn.com
srtb.msn.com
904 KB
46 taboola.com
cdn.taboola.com
vidstat.taboola.com
15.taboola.com
imprammp.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
api.taboola.com
cds.taboola.com
trc.taboola.com
sync-t1.taboola.com
sync.taboola.com
am-wf.taboola.com
318 KB
20 2mdn.net
s0.2mdn.net
84 KB
17 vidazoo.com
static.vidazoo.com
bisdr.vidazoo.com
wserversa.vidazoo.com
inventory.vidazoo.com
372 KB
13 adnxs.com
ib.adnxs.com
acdn.adnxs.com
m.adnxs.com
26 KB
13 yahoo.com
jill.fc.yahoo.com
web.ssp.yahoo.com
service.idsync.analytics.yahoo.com
eu-central-1-web.ssp.yahoo.com
tag.idsync.analytics.yahoo.com
cms.analytics.yahoo.com
pr-bh.ybp.yahoo.com
17 KB
12 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
33 KB
12 img-taboola.com
img.img-taboola.com
150 KB
11 bidswitch.net
x.bidswitch.net
4 KB
11 facebook.com
www.facebook.com
162 KB
11 doubleclick.net
ad.doubleclick.net
googleads4.g.doubleclick.net
cm.g.doubleclick.net
21 KB
10 moatads.com
z.moatads.com
px.moatads.com
101 KB
9 3lift.com
eb2.3lift.com
ib.3lift.com
4 KB
9 adform.net
track.adform.net
s1.adform.net
c1.adform.net
38 KB
9 bing.com
c.bing.com
www.bing.com
5 KB
8 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
9 KB
8 360yield.com
ice.360yield.com
ad.360yield.com
3 KB
7 id5-sync.com
id5-sync.com
11 KB
7 adsrvr.org
match.adsrvr.org
3 KB
7 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
33 KB
6 dianomi.com
www.dianomi.com
658 KB
5 civicscience.com
www138.civicscience.com
622 B
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 mediarithmics.com
cookie-matching.mediarithmics.com
2 KB
4 liadm.com
i.liadm.com
2 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
1 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
2 KB
4 google.com
play.google.com
28 KB
4 yimg.com
s.yimg.com
256 KB
3 perf-serving.com
prod.perf-serving.com
2 KB
3 viglink.com
cdn.viglink.com
api.viglink.com
30 KB
3 googletagservices.com
www.googletagservices.com
56 KB
3 yahoosandbox.com
jac.yahoosandbox.com
99 KB
2 twitter.com
platform.twitter.com
syndication.twitter.com
21 KB
2 contextweb.com
bh.contextweb.com
912 B
2 mgid.com
cm.mgid.com
1 KB
2 betweendigital.com
ads.betweendigital.com
1017 B
2 tapad.com
pixel.tapad.com
932 B
2 creative-serving.com
ads.creative-serving.com
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net
997 B
2 mathtag.com
sync.mathtag.com
1 KB
2 openx.net
u.openx.net
494 B
2 zemanta.com
b1sync.zemanta.com
428 B
2 amazonaws.com
apple-resources.s3.amazonaws.com
22 KB
2 applemediaservices.com
tools.applemediaservices.com
267 B
2 facebook.net
connect.facebook.net
67 KB
2 atwola.com
26.at.atwola.com
383 B
2 scorecardresearch.com
sb.scorecardresearch.com
1011 B
1 rfihub.com
p.rfihub.com
777 B
1 turn.com
ad.turn.com
425 B
1 media.net
hbx.media.net
371 B
1 adsymptotic.com
p.adsymptotic.com
293 B
1 zeotap.com
mwzeom.zeotap.com
485 B
1 hariken.co
sync.hariken.co
119 B
1 omnitagjs.com
visitor.omnitagjs.com
235 B
1 sharethrough.com
match.sharethrough.com
263 B
1 s-msn.com
img.s-msn.com
77 KB
1 fbcdn.net
scontent-frt3-2.xx.fbcdn.net
2 KB
1 outbrain.com
widgets.outbrain.com
3 KB
1 advertising.com
cdn.adaptv.advertising.com
2 KB
1 bizographics.com
www.bizographics.com
379 B
1 cloudfront.net
d2zqfs55y95cft.cloudfront.net
35 KB
1 live.com
login.live.com
847 B
426 64
Domain Requested by
91 img-s-msn-com.akamaized.net www.msn.com
static-entertainment-neu-s-msn-com.akamaized.net
25 srtb.msn.com static-global-s-msn-com.akamaized.net
22 api.msn.com assets.msn.com
20 s0.2mdn.net ad.doubleclick.net
s0.2mdn.net
17 static-entertainment-neu-s-msn-com.akamaized.net www.msn.com
static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
13 api.taboola.com
12 img.img-taboola.com static-entertainment-neu-s-msn-com.akamaized.net
11 x.bidswitch.net 11 redirects
11 www.facebook.com connect.facebook.net
www.facebook.com
static-global-s-msn-com.akamaized.net
11 www.msn.com 1 redirects static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
assets.msn.com
10 web.vortex.data.msn.com static-entertainment-neu-s-msn-com.akamaized.net
9 vidstat.taboola.com www.msn.com
15.taboola.com
vidstat.taboola.com
9 ib.adnxs.com 4 redirects eb2.3lift.com
acdn.adnxs.com
ssum.casalemedia.com
9 px.moatads.com ad.doubleclick.net
8 static.vidazoo.com vidstat.taboola.com
static.vidazoo.com
8 cm.g.doubleclick.net 7 redirects eb2.3lift.com
8 eb2.3lift.com 2 redirects ib.3lift.com
eb2.3lift.com
7 bisdr.vidazoo.com static.vidazoo.com
7 id5-sync.com 6 redirects
7 match.adsrvr.org 5 redirects eb2.3lift.com
ssum.casalemedia.com
7 c.bing.com 4 redirects cdn.adaptv.advertising.com
eb2.3lift.com
6 eus.rubiconproject.com imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
6 ad.360yield.com 6 redirects
6 assets.msn.com web.ssp.yahoo.com
assets.msn.com
static-entertainment-neu-s-msn-com.akamaized.net
6 www.dianomi.com static-global-s-msn-com.akamaized.net
www.msn.com
www.dianomi.com
5 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
5 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
5 www138.civicscience.com 1 redirects www138.civicscience.com
5 track.adform.net web.ssp.yahoo.com
s1.adform.net
4 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
ssum.casalemedia.com
4 sync.search.spotxchange.com 4 redirects
4 cookie-matching.mediarithmics.com 4 redirects
4 i.liadm.com 3 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
ssum.casalemedia.com
4 play.google.com 2 redirects
4 pagead2.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 s.yimg.com web.ssp.yahoo.com
3 token.rubiconproject.com eus.rubiconproject.com
3 secure-assets.rubiconproject.com 3 redirects
3 m.adnxs.com 2 redirects
3 prod.perf-serving.com 3 redirects
3 trc.taboola.com imprammp.taboola.com
am-match.taboola.com
3 www.googletagservices.com s1.adform.net
www.googletagservices.com
s0.2mdn.net
3 service.idsync.analytics.yahoo.com web.ssp.yahoo.com
tag.idsync.analytics.yahoo.com
3 jac.yahoosandbox.com jill.fc.yahoo.com
jac.yahoosandbox.com
2 ssum.casalemedia.com 1 redirects am-match.taboola.com
2 bh.contextweb.com 1 redirects am-match.taboola.com
2 c1.adform.net 2 redirects
2 cm.mgid.com 1 redirects
2 ads.betweendigital.com 2 redirects
2 pixel.tapad.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 ice.360yield.com 2 redirects
2 sync.mathtag.com 2 redirects
2 cds.taboola.com
2 u.openx.net 1 redirects
2 am-vid-events.taboola.com vidstat.taboola.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 pr-bh.ybp.yahoo.com 1 redirects
2 b1sync.zemanta.com 1 redirects
2 api.viglink.com cdn.viglink.com
2 www.bing.com static-global-s-msn-com.akamaized.net
2 px.ads.linkedin.com 2 redirects
2 apple-resources.s3.amazonaws.com
2 tools.applemediaservices.com 2 redirects
2 connect.facebook.net www.msn.com
connect.facebook.net
2 googleads4.g.doubleclick.net ad.doubleclick.net
2 tpc.googlesyndication.com ad.doubleclick.net
tpc.googlesyndication.com
2 s1.adform.net track.adform.net
s1.adform.net
2 eu-central-1-web.ssp.yahoo.com web.ssp.yahoo.com
2 26.at.atwola.com www.msn.com
2 web.ssp.yahoo.com www.msn.com
2 sb.scorecardresearch.com 1 redirects www.msn.com
2 c.msn.com 1 redirects www.msn.com
2 jill.fc.yahoo.com www.msn.com
jac.yahoosandbox.com
1 am-wf.taboola.com vidstat.taboola.com
1 ade.googlesyndication.com
1 syndication.twitter.com platform.twitter.com
1 platform.twitter.com static-global-s-msn-com.akamaized.net
1 inventory.vidazoo.com www.msn.com
1 p.rfihub.com 1 redirects
1 ad.turn.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 wserversa.vidazoo.com static.vidazoo.com
1 hbx.media.net
1 p.adsymptotic.com
1 mwzeom.zeotap.com
1 sync.hariken.co
1 imprammp.taboola.com vidstat.taboola.com
1 visitor.omnitagjs.com
1 match.sharethrough.com
1 acdn.adnxs.com static-entertainment-neu-s-msn-com.akamaized.net
1 15.taboola.com vidstat.taboola.com
1 img.s-msn.com
1 scontent-frt3-2.xx.fbcdn.net www.facebook.com
1 img-prod-cms-rt-microsoft-com.akamaized.net
1 arc.msn.com
1 ib.3lift.com static-entertainment-neu-s-msn-com.akamaized.net
1 widgets.outbrain.com static-entertainment-neu-s-msn-com.akamaized.net
1 cdn.taboola.com static-entertainment-neu-s-msn-com.akamaized.net
1 cdn.adaptv.advertising.com www.msn.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 www.bizographics.com 1 redirects
1 d2zqfs55y95cft.cloudfront.net
1 login.live.com 1 redirects
1 cdn.viglink.com www.msn.com
1 cms.analytics.yahoo.com
1 tag.idsync.analytics.yahoo.com jac.yahoosandbox.com
1 z.moatads.com s0.2mdn.net
1 ad.doubleclick.net www.googletagservices.com
1 confiant.msn.com static-entertainment-neu-s-msn-com.akamaized.net
1 static-global-s-msn-com.akamaized.net www.msn.com
426 115
Subject Issuer Validity Valid
*.msn.com
Microsoft RSA TLS CA 02		 2020-10-19 -
2021-10-19		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
secure.ace.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-05-27 -
2021-11-17		 6 months crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-27 -
2021-07-14		 2 months crt.sh
web.vortex.data.msn.com
Microsoft Azure TLS Issuing CA 02		 2020-09-14 -
2021-09-09		 a year crt.sh
c.msn.com
Microsoft RSA TLS CA 02		 2021-02-03 -
2022-02-03		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
dianomi.com
Cloudflare Inc ECC CA-3		 2021-06-03 -
2022-06-02		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
jp.techcrunch.com
DigiCert SHA2 High Assurance Server CA		 2021-04-22 -
2021-07-07		 3 months crt.sh
assets.msn.com
Microsoft RSA TLS CA 01		 2020-10-19 -
2021-10-19		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-06-03 -
2021-07-21		 2 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.idsync.analytics.yahoo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
ssl418259.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-04-06 -
2021-10-13		 6 months crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
cdn.adap.tv
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-02		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
viglink.com
Amazon		 2020-12-13 -
2022-01-11		 a year crt.sh
arc.msn.com
Microsoft Azure TLS Issuing CA 02		 2021-05-28 -
2022-05-23		 a year crt.sh
*.zemanta.com
DigiCert SHA2 Secure Server CA		 2020-08-23 -
2021-09-01		 a year crt.sh
*.civicscience.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-09 -
2022-05-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.img.s-msn.com
Microsoft RSA TLS CA 01		 2020-10-19 -
2021-10-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
sync.hariken.co
R3		 2021-06-05 -
2021-09-03		 3 months crt.sh
*.liadm.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.id5-sync.com
R3		 2021-06-01 -
2021-08-30		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.vidazoo.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-03		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh

This page contains 23 frames:

Primary Page: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Frame ID: 0BA5744389EDFD0B0043C73B4F73452F
Requests: 268 HTTP requests in this frame

Frame: https://www.dianomi.com/smartads.epl?id=3533
Frame ID: E0A9F59D06C9BDD7365916A6A7461D52
Requests: 6 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.6.1/jac.js
Frame ID: 3AB8D9C2316B01D4DC769162FBB7263D
Requests: 15 HTTP requests in this frame

Frame: https://jac.yahoosandbox.com/0.6.1/jac.js
Frame ID: 7343E288A8A9C7CDF4A3363E2397F46E
Requests: 15 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Frame ID: 22E36E5E3FE7F8E90CBCEA0DCD037A44
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C8B2444F8F299ACE2D965A01E0F97407
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Frame ID: 11E7B4BE2D15A1BD351376878863F172
Requests: 19 HTTP requests in this frame

Frame: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Frame ID: B6E095E1AAA19724B5B60915A9E5ED1D
Requests: 2 HTTP requests in this frame

Frame: https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
Frame ID: 8A27F7D418805E6AEFCB51C064388B6D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adaptv.advertising.com/msft/msftsync.html
Frame ID: 4DF8B66A36D0A97C708774FF58980137
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Frame ID: 51D5E46C6179158D5A6A13F69A374B1B
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 9EE1EE61771B48E8892D538509BF816E
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0AF4C67E872C23D3DDDD7B12D783D7A2
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=undefined&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&aure=false&cirid=7BA18A6CE2647447271543125220&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 3B54A25AA87DD423D36FEF07CDFB4164
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D150B427840DB9A95550ACEF61A80BAF
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: 9430C84BC88D7AAB9AE9895C4F9EA389
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: 848A49D1A9873D673D549F6248CA13A9
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D234E2205DDD89F3068725DEDC866BA4
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Frame ID: FFF36ADB14DEEA721CD8207DD6F7066C
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Frame ID: 348E1D08DEA184A29E479606C267F23C
Requests: 10 HTTP requests in this frame

Frame: https://static.vidazoo.com/basev/1.0.552/prebid/prebid.js
Frame ID: 850EB9DCA2EC980968BAEE74A6EE6D01
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?locale=en_US&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&send=false&layout=button_count&width=450&show_faces=false&font&colorscheme=light&action=like&height=21
Frame ID: CECC3925DB80483BC9C39A57C74D229A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.html?show_screen_name=false&screen_name=msn&show_count=false&lang=en
Frame ID: 936580F29EA54A91929CE4108C569C71
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-t... HTTP 302
    https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-t... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

426
Requests

99 %
HTTPS

26 %
IPv6

64
Domains

115
Subdomains

76
IPs

9
Countries

4738 kB
Transfer

11243 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY HTTP 302
    https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://c.msn.com/c.gif?udc=true&rid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd=637588428756008908&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252Far-AAKPSVY&di=17930&lng=en-us&activityId=aadb0927f1a94e7f8b1298ed05eeff6b&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newspolitics&st.sdpt=&subcvs=news&pg.n=articleflex&pg.t=article&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0 HTTP 302
  • https://c.bing.com/c.gif?udc=true&rid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd=637588428756008908&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252Far-AAKPSVY&di=17930&lng=en-us&activityId=aadb0927f1a94e7f8b1298ed05eeff6b&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newspolitics&st.sdpt=&subcvs=news&pg.n=articleflex&pg.t=article&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=0C1044F8F45A4863901DDC70D88C6CF1&RedC=c.msn.com&MXFR=1CA5EC2DDA9662691073FC7CDB8F631A HTTP 302
  • https://c.msn.com/c.gif?udc=true&rid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd=637588428756008908&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252Far-AAKPSVY&di=17930&lng=en-us&activityId=aadb0927f1a94e7f8b1298ed05eeff6b&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newspolitics&st.sdpt=&subcvs=news&pg.n=articleflex&pg.t=article&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=0C1044F8F45A4863901DDC70D88C6CF1&MUID=1CA5EC2DDA9662691073FC7CDB8F631A
Request Chain 18
  • https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1623246076219&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY&c8=Trump+and+Hannity%27s+friendship+%27began+to+break+down%27+when+the+Fox+News+host+grew+%27disgusted%27+with+the+2020+election+lies%2C+according+to+book&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1623246076219&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY&c8=Trump%20and%20Hannity%27s%20friendship%20%27began%20to%20break%20down%27%20when%20the%20Fox%20News%20host%20grew%20%27disgusted%27%20with%20the%202020%20election%20lies%2C%20according%20to%20book&c9=
Request Chain 92
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1623246074&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fnews%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1033&id=1184&mkt=en-us HTTP 302
  • https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
Request Chain 93
  • https://eb2.3lift.com/mapuid?suid=null&sid=16 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
Request Chain 96
  • https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us HTTP 301
  • https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
Request Chain 97
  • https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png HTTP 302
  • https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
Request Chain 98
  • https://www138.civicscience.com/jspoll/4/civicscience-widget.js HTTP 302
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Request Chain 99
  • https://www.bizographics.com/collect/?fmt=gif&pid=7850 HTTP 301
  • https://px.ads.linkedin.com/collect?fmt=gif&pid=7850 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQK57_vOYnaVNAAAAXnxAYdoiP-VOb6ktaxuCN7bpbAB3h6W-gjAWV6T-5W1PjK2cWlTO1vQ
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFyS6Xixd5DZq9dNZyHBdnI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Request Chain 184
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTA2NTYyNDc2MzcwMzI5NzAwOA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTA2NTYyNDc2MzcwMzI5NzAwOA%3D%3D&google_tc=
Request Chain 186
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/5065624763703297008?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-DfWmO0JE2oQi2vRR8UlNlbRWMUZAEptpRZQ.tx6IHA--~A&dongle=0883
Request Chain 187
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3744072739603064518&dongle=4d58&gdpr=1&gdpr_consent=
Request Chain 188
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=5065624763703297008 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=5065624763703297008&dcc=t
Request Chain 189
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 234
  • https://ib.adnxs.com/async_usersync_file HTTP 302
  • https://acdn.adnxs.com/dmp/async_usersync.html
Request Chain 238
  • https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png HTTP 302
  • https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
Request Chain 242
  • https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us HTTP 301
  • https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
Request Chain 296
  • https://u.openx.net/w/1.0/sd?id=543998486&val=298EA637D5906C90390EB666D4896D91&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=298EA637D5906C90390EB666D4896D91&gdpr=0&gdpr_consent=
Request Chain 323
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=298EA637D5906C90390EB666D4896D91 HTTP 303
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=298EA637D5906C90390EB666D4896D91&_li_chk=true&previous_uuid=342769543494400d84f43d9016c66311 HTTP 303
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=298EA637D5906C90390EB666D4896D91&previous_uuid=40a0efb1d0754c58b5ed35ec093d279c HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F64716%2F0%2Fa40e58b41c6b4d7e8efd66ff7d64237e%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&34276954-3494-400d-84f4-3d9016c66311&bidder_id=88068&bidder_uuid=298EA637D5906C90390EB666D4896D91&previous_uuid=a40e58b41c6b4d7e8efd66ff7d64237e HTTP 302
  • https://i.liadm.com/s/e/64716/0/a40e58b41c6b4d7e8efd66ff7d64237e?mpid=7156&muid=121960c0-c501-4400-a550-6a9cab1116c0
Request Chain 325
  • https://id5-sync.com/s/464/9.gif?puid=298EA637D5906C90390EB666D4896D91&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=298EA637D5906C90390EB666D4896D91&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOF7LcDVKAgZlj-yc0HvrQbmke3gkqU9AiIL4kHw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOF7LcDVKAgZlj-yc0HvrQbmke3gkqU9AiIL4kHw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=ab0eaae1-d4e8-4fa2-a3f7-fbb5cbc48fdc&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEM3his7jkntjoAptc6YaejU&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEM3his7jkntjoAptc6YaejU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3744072739603064518&opid=apx&ops=&utidl=tech:goo:CAESEM3his7jkntjoAptc6YaejU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17989292236&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=cdeb0c89d9262c1969874f208e42e0ba&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/464/101/3/5.gif?puid=152e2be3-9416-48ae-8e93-3074c5076c7a&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/2/6.gif?puid=421d7390-8c4c-4c27-a5bb-9793cd82f629&gdpr=1&gdpr_consent=
Request Chain 329
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1392e92d-d5cc-45b6-a2b3-6b94b01568b0
Request Chain 330
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=5f98f2be-c928-11eb-ab12-16821cb20106 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f98f277-c928-11eb-ab12-16821cb20106&orig=video&us_privacy=1---
Request Chain 331
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=d140949b-4c56-490b-b3ab-5deec8afcbcd&ssp=taboola&user_group=1 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
Request Chain 332
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
Request Chain 335
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0481c791-e84c-41c7-988c-84a32359c929
Request Chain 336
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=5fa0059e-c928-11eb-9a90-197e22df0206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5fa0056d-c928-11eb-9a90-197e22df0206&orig=video&us_privacy=1---
Request Chain 337
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=63e61b10-eae7-52a0-a3ad-9d6ac36d586b&ssp=taboola&expires=30&user_group=1 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
Request Chain 338
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
Request Chain 341
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1392e92d-d5cc-45b6-a2b3-6b94b01568b0
Request Chain 359
  • https://c.bing.com/c.gif?Red3=MSAN_Video_pd&rid=aadb0927-f1a9-4e7f-8b12-98ed05eeff6b&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlepage&rf=&tp=https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY HTTP 302
  • https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D226%26user%3D349EFDC91FEF6E890EE6ED981E5D6FED%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember%253D280%2526user%253D349EFDC91FEF6E890EE6ED981E5D6FED HTTP 302
  • https://m.adnxs.com/mapuid?member=226&user=349EFDC91FEF6E890EE6ED981E5D6FED&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D280%26user%3D349EFDC91FEF6E890EE6ED981E5D6FED HTTP 302
  • https://m.adnxs.com/mapuid?member=280&user=349EFDC91FEF6E890EE6ED981E5D6FED
Request Chain 360
  • https://c.bing.com/c.gif?Red3=MSDB_pd&rid=aadb0927-f1a9-4e7f-8b12-98ed05eeff6b&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlepage&rf=&tp=https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=349EFDC91FEF6E890EE6ED981E5D6FED&_rand=725327
Request Chain 361
  • https://c.bing.com/c.gif?Red3=MSOATH_pd HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/msn/349EFDC91FEF6E890EE6ED981E5D6FED
Request Chain 363
  • https://cm.mgid.com/m?cdsp=516415&c=298EA637D5906C90390EB666D4896D91&mode=inverse HTTP 301
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=49201f79-6fe3-41b3-b7c1-17187e198c33&gdpr=&gdpr_consent=&us_privacy=
Request Chain 365
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 366
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 382
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8935404429059246178&ssp=taboola HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
Request Chain 383
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%25%25VGUID%25%25%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=S1MxTXptNF9nc3lpQ3MwZk8yNnFldw&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAu2aEsOKlPSYvPhkNzkNKc&google_cver=1
Request Chain 384
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
Request Chain 385
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Request Chain 386
  • https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Request Chain 396
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMDFAoHIO5KpvmUFfZWauAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFUlpbMXfN-mdRiqTRXXfM4&google_cver=1&gdpr=1
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJj_X_puBcmkwWS0u6isv3s&google_cver=1
Request Chain 398
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB&dcc=t
Request Chain 401
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=121960c0-c501-4400-a550-6a9cab1116c0&gdpr=1&gdpr_consent=
Request Chain 402
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4596033037164490178
Request Chain 403
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871530774195

426 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ar-AAKPSVY
www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/
Redirect Chain
  • http://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
  • https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
137 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
e7f7be5517f0d501a6daed471a13fda382ac9d8b97f5cb6cce24e8a4f7b4c537
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.msn.com
:scheme
https
:path
/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_EDGE_S=F=1; _EDGE_V=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-cache, no-store, no-transform
pragma
no-cache
content-length
42916
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
User-Agent
set-cookie
anoncknm=; domain=msn.com; path=/; secure; HttpOnly OvrlyTrf=OffNet; domain=www.msn.com; path=/; secure; HttpOnly MUID=1CA5EC2DDA9662691073FC7CDB8F631A; samesite=none; path=/; secure; expires=Mon, 04-Jul-2022 13:41:15 GMT; domain=msn.com
access-control-allow-origin
*
x-aspnetmvc-version
5.2
x-appversion
20210608_21624174
x-activity-id
aadb0927-f1a9-4e7f-8b12-98ed05eeff6b
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 27, sn: neurope-prod-entertainment, dt: 2021-06-05T05:01:51.7147763Z, bt: 2021-06-08T00:13:25.3733084Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
strict-transport-security
max-age=1209600; includeSubDomains; preload
content-security-policy
default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
x-ua-compatible
IE=Edge;chrome=1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
access-control-allow-methods
HEAD,GET,OPTIONS
x-xss-protection
1
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: AADB0927F1A94E7F8B1298ED05EEFF6B Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:14Z
date
Wed, 09 Jun 2021 13:41:15 GMT

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Length
301
Content-Type
text/html; charset=utf-8
Expires
-1
Location
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Access-Control-Allow-Origin
*
X-AspNetMvc-Version
5.2
X-AppVersion
20210608_21624174
X-Activity-Id
fb46f532-8acc-4f92-946a-d9a016773efb
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 20, sn: neurope-prod-entertainment, dt: 2021-06-05T04:33:38.2859093Z, bt: 2021-06-08T00:13:25.3733084Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
X-Powered-By
ASP.NET
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
X-XSS-Protection
1
X-Cache
CONFIG_NOCACHE
X-MSEdge-Ref
Ref A: FB46F5328ACC4F92946AD9A016773EFB Ref B: WAW01EDGE0318 Ref C: 2021-06-09T13:41:14Z
Set-Cookie
_EDGE_S=F=1; path=/; httponly; domain=msn.com _EDGE_V=1; path=/; httponly; expires=Mon, 04-Jul-2022 13:41:14 GMT; domain=msn.com MUID=3EC4684D508A6AC50091781C51936B0A; samesite=none; path=/; secure; expires=Mon, 04-Jul-2022 13:41:14 GMT; domain=msn.com
Date
Wed, 09 Jun 2021 13:41:13 GMT
f77b07.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/f8/f77b07.woff2
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:15 GMT
Last-Modified
Tue, 15 Sep 2020 23:50:20 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0464df8ba8bd61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=9781137
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24428
X-XSS-Protection
1
4d-ca5100-68ddb2ab
static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa... 		233 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
193410ffe16c8fb22b9bf031173e4c1d89f6b237726873d02ce22308f4e7e0c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2
2021-06-08T20:59:42
X-Powered-By
ASP.NET
X-Activity-Id
00000000-9e8f-4c83-aca9-987e08ad64d6
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
33907
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Tue, 08 Jun 2021 20:59:41 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 26, sn: neurope-prod-entertainment, dt: 2021-06-05T04:50:56.4168922Z, bt: 2021-06-08T00:13:25.3733084Z}
X-FRAME-OPTIONS
SAMEORIGIN
X-S1
2021-06-08T20:59:41
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31475927
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Timing-Allow-Origin
*
X-AppVersion
20210608_21624174
Expires
Wed, 08 Jun 2022 21:00:02 GMT
js
jill.fc.yahoo.com/v1/client/msft/ 		244 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v1/client/msft/js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
247414b887c6cc29fb8d31de9d91c42814a452bf059a843499cb63966f24c3c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:15 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
2768a19bc46943263b24a6a3492ef555a31721
jquery-2.1.1.min.js
static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c17b Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-activity-id
00000000-fd2b-467c-90f6-60bf74fb3bb0
content-length
29575
x-xss-protection
1
x-aspnetmvc-version
5.2
last-modified
Wed, 14 Apr 2021 06:10:36 GMT
server
Microsoft-IIS/8.5
x-az
{did:951b20c4cd6d42d29795c846b4755d88, rid: 1, sn: neurope-prod-hp, dt: 2021-03-31T22:55:33.0620381Z, bt: 2021-04-11T00:17:17.6241722Z}
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=26670604
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-appversion
20210411_20139766
expires
Thu, 14 Apr 2022 06:11:19 GMT
61-a43fe9-68ddb2ab
static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd... 		386 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3dc1713b89ed18a2ac12d6260a2ff4ae5b9c13b74736cc9ac1f4ad1c3e92028d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Powered-By
ASP.NET
X-Activity-Id
00000000-a3bf-415b-8c2e-d2266f8d8748
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
128194
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Tue, 08 Jun 2021 20:47:58 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 31, sn: neurope-prod-entertainment, dt: 2021-06-05T05:01:52.1418089Z, bt: 2021-06-01T00:12:19.8247979Z}
X-FRAME-OPTIONS
SAMEORIGIN
X-S1
2021-06-08T20:47:58
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31475217
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
X-AppVersion
20210601_21448660
Expires
Wed, 08 Jun 2022 20:48:12 GMT
BB10dZP2.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZP2.img?h=40&w=138&m=6&q=60&o=f&l=f&f=png
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8d65e0797e99897c56cbae42fd3a5a471da6abc607332bca61decc387fe4b8b0
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB10dZP2
date
Wed, 09 Jun 2021 13:41:15 GMT
last-modified
Sat, 05 Jun 2021 04:40:21 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
7158
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=53899
x-activityid
5e40da51-d106-472e-aba3-513dd7cf7938
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZP2?h=40&w=138&m=6&q=60&o=f&l=f&f=png
content-length
3801
expires
Thu, 10 Jun 2021 04:39:34 GMT
e151e5.gif
static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/ 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/e151e5.gif
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:15 GMT
Last-Modified
Wed, 19 Aug 2020 20:46:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"027c66976d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=6342428
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-XSS-Protection
1
a8a064.gif
static-entertainment-neu-s-msn-com.akamaized.net/sc/64/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/64/a8a064.gif
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
10e48837f429e208a5714d7290a44cd704dd08bf4690f1aba93c318a30c802d9
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:15 GMT
Last-Modified
Tue, 15 Sep 2020 23:50:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0737ef9ba8bd61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=9786622
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16360
X-XSS-Protection
1
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
59e092.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/65/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/65/59e092.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:15 GMT
Last-Modified
Tue, 08 Dec 2020 23:36:38 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"07df9bacdd61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=16481169
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21096
X-XSS-Protection
1
566d09.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/57/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/57/566d09.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:15 GMT
Last-Modified
Fri, 08 Jan 2021 00:35:10 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"033c21e56e5d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=19276865
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25760
X-XSS-Protection
1
e383e0.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/91/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/91/e383e0.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5386e2d36f0e037aa5174c444f63538df0f7c155f2d520426ab4121233160916
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:15 GMT
Last-Modified
Sat, 03 Oct 2020 00:05:02 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"08b9d71899d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=10296728
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6128
X-XSS-Protection
1
be8793.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/95/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/95/be8793.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b2924db2bdfef25307e5c19b23527515c0bdd1199d2404de4c1679e7fc892c20
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:16 GMT
Last-Modified
Tue, 15 Sep 2020 23:50:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0737ef9ba8bd61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=9778842
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23044
X-XSS-Protection
1
92a94e.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/5c/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/5c/92a94e.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
81f4773e993b23de27dbeb6551b81df92b78f0728312fe246329bfcb34d99327
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:16 GMT
Last-Modified
Fri, 08 Jan 2021 00:35:10 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"033c21e56e5d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=18810046
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20224
X-XSS-Protection
1
jac.js
jac.yahoosandbox.com/0.6.1/ 		129 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.6.1/jac.js
Requested by
Host: jill.fc.yahoo.com
URL: https://jill.fc.yahoo.com/v1/client/msft/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
aa7c755dbdbd82dae6946f666c012555632c9d906ba69e1de091e1616672a79c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 10:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12639
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
33529
x-amz-id-2
IKT0Wq+IdknFWLv5sFHAjt/SXl7WNJV/jmFY34d7182dJcDO2uATtNFIi00NNQ7gKq/ScxFCo0s=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 May 2021 17:04:47 GMT
server
ATS
etag
"7603780391a62beb614ecef34ec18564-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
179B0Y74HREE27SV
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
config.js
confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
95.100.69.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-69-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
58f81d82b4bba9824aa6f904e9743531c852f8856d29893dc7295ea46f8d77f9

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:16 GMT
Content-Encoding
gzip
x-amz-request-id
26937766CF7506C5
Connection
keep-alive
Content-Length
26528
x-amz-id-2
CPVecYAUHYVCG8KmClAFTkU3naKL5TnOQEp8FfgN/ZbXq7dR0SX/qPbFxr0Quv/09/x6vr7qCvs=
X-Served-By
cache-dca17777-DCA
Last-Modified
Wed, 27 Jan 2021 20:20:14 GMT
Server
AmazonS3
X-Timer
S1611784032.728346,VS0,VE8
ETag
"525cf1247b2af7e3cf039d2e9084edea"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
1
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
c.gif
c.msn.com/
Redirect Chain
  • https://c.msn.com/c.gif?udc=true&rid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd=637588428756008908&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendship...
  • https://c.bing.com/c.gif?udc=true&rid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd=637588428756008908&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendshi...
  • https://c.msn.com/c.gif?udc=true&rid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd=637588428756008908&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendship...
42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.msn.com/c.gif?udc=true&rid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd=637588428756008908&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252Far-AAKPSVY&di=17930&lng=en-us&activityId=aadb0927f1a94e7f8b1298ed05eeff6b&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newspolitics&st.sdpt=&subcvs=news&pg.n=articleflex&pg.t=article&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=0C1044F8F45A4863901DDC70D88C6CF1&MUID=1CA5EC2DDA9662691073FC7CDB8F631A
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:15 GMT
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"506f5bd17ad71:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:16 GMT
x-msedge-ref
Ref A: 40BDF694742D411BA2006AB46D79235A Ref B: FRAEDGE1321 Ref C: 2021-06-09T13:41:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.msn.com/c.gif?udc=true&rid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd=637588428756008908&rf=&tp=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252Far-AAKPSVY&di=17930&lng=en-us&activityId=aadb0927f1a94e7f8b1298ed05eeff6b&d.dgk=tmx.pc.webkit.chrome.chrome76plus&d.imd=0&st.dpt=newspolitics&st.sdpt=&subcvs=news&pg.n=articleflex&pg.t=article&pg.c=&pg.p=prime&anoncknm=&issso=0&aadState=0&CtsSyncId=0C1044F8F45A4863901DDC70D88C6CF1&MUID=1CA5EC2DDA9662691073FC7CDB8F631A
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=3000001&cs_ucfr=1&rn=1623246076219&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1623246076219&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fo...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1623246076219&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY&c8=Trump%20and%20Hannity%27s%20friendship%20%27began%20to%20break%20down%27%20when%20the%20Fox%20News%20host%20grew%20%27disgusted%27%20with%20the%202020%20election%20lies%2C%20according%20to%20book&c9=
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-22.cdg50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
via
1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
EG15Kr16BCu4hM6zNL_D0uzoiraaDS3WlbDGyKhY3-slR57SbbmriQ==

Redirect headers

date
Wed, 09 Jun 2021 13:41:16 GMT
via
1.1 23ce0cf88557469ee496b72a281aec5c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=3000001&cs_ucfr=1&rn=1623246076219&c7=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY&c8=Trump%20and%20Hannity's%20friendship%20'began%20to%20break%20down'%20when%20the%20Fox%20News%20host%20grew%20'disgusted'%20with%20the%202020%20election%20lies%2C%20according%20to%20book&c9=
content-length
497
x-amz-cf-id
9TAAhHka3p3JhkP1wuz0mOsAdtPE5slp92COfBapbtQ-6Sl9oeNZcw==
AAKPPUH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKPPUH.img?h=400&w=799&m=6&q=60&o=f&l=f&x=606&y=455
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
699026b91a77b260ef9284e6fd5caf31f41d589ccb4297701f5291e7457b6818
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
last-modified
Wed, 09 Jun 2021 11:59:27 GMT
x-datacenter
northeu
x-source-length
281542
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425848
x-activityid
d9551479-3328-4307-828c-b90610a6baf5
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKPPUH?h=400&w=799&m=6&q=60&o=f&l=f&x=606&y=455
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
34011
expires
Mon, 14 Jun 2021 11:58:44 GMT
js
jill.fc.yahoo.com/v2/ads/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jill.fc.yahoo.com/v2/ads/js?jacVersion=0.6.1&config=%7B%22adServer%22%3A%7B%221AS%22%3A%7B%22params%22%3A%7B%22msft_jac%22%3A%221%22%2C%22msft_providerid%22%3A%227GYW6OQ%22%2C%22msft_rid%22%3A%22aadb0927f1a94e7f8b1298ed05eeff6b%22%2C%22msft_ext_inv_cd%22%3A%22us%22%2C%22msft_muid%22%3A%221CA5EC2DDA9662691073FC7CDB8F631A%22%2C%22msft_pagetype%22%3A%22article%22%7D%2C%22region%22%3A%22US%22%2C%22adClientId%22%3A%221002%22%7D%7D%2C%22positions%22%3A%7B%22banner1_article_0%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221623246076346%7C781976592535878300%22%7D%2C%22alias%22%3A%22NEWUSEN23%22%2C%22sizes%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%2C%22rectangle1_arti_1%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221623246076346%7C334943197955879500%22%7D%2C%22alias%22%3A%22NEWUSEN22%22%2C%22sizes%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%22rectangle2_arti_2%22%3A%7B%22params%22%3A%7B%22msft_asid%22%3A%221623246076346%7C142305899046068960%22%7D%2C%22alias%22%3A%22NEWUSEN20%22%2C%22sizes%22%3A%5B%22300x250%22%5D%7D%7D%2C%22site%22%3A%7B%22name%22%3A%22MSN-enus%22%2C%22pageSessionId%22%3A%22820e4289d%22%2C%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY%22%7D%2C%22user%22%3A%7B%22regs%22%3A%7B%22gdpr%22%3A%7B%22apiStatus%22%3A4%2C%22applies%22%3A0%7D%7D%7D%2C%22requestId%22%3A1%7D
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.6.1/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
75f8629fbb025e8341b10cbbc4f1a4dae17c9ae7b652af95176ad18037e248f1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript; charset=utf-8
x-xss-protection
1; mode=block
cache-control
private, no-cache, no-store
x-robots-tag
noindex, noarchive, nosnippet, nofollow
x-content-type-options
nosniff
x-request-id
26b8af455bd0552a3713675ba7e787ac243150
c19270.woff2
static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/e8/c19270.woff2
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Origin
https://www.msn.com
Referer
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-d7136680/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/af-3dccb4-64efdea6/eb-7b3dd1-2fb21599/84-81d1de-491caa4c/b5-89218f-379c1ca8/12-fac750-ea7e6d22/58-be95cd-d242788b/65-d7374b-64df159c/ca-9c582f-491caa4c/60-a25ca6-273ab94b/d0-eed937-c5224254/95-f7269e-6b7ba/5b-557500-5dd96923/31-d818fe-ac5c2fc8/7b-647d18-cb0ffa81/78-3d4c80-d6bd9621/49-0d67f3-feaf21fa/bf-1655d3-8d48d18c/55-24fc03-80e63555/94-45790b-902a78d/fe-ebda66-ed3a30c0/d4-5cf11f-bfeb4617/cf-7451ab-9e4d2c3c/b1-580042-10e48d1f/38-2e4d8e-5385bb01/d3-037701-bfad1e46/d0-ae31ef-530ac655/f5-5c0439-28d3313e/4d-ca5100-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:16 GMT
Last-Modified
Sat, 17 Oct 2020 00:06:26 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"06de35a19a4d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=12040437
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22604
X-XSS-Protection
1
smartads.epl
www.dianomi.com/ Frame E0A9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/smartads.epl?id=3533
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
861863efea730de9c6579f4c9e0bb27d43e8bedda2b01e042d063f332703bcdd
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.dianomi.com
:scheme
https
:path
/smartads.epl?id=3533
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
x-xss-protection
1; mode=block
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=60; includeSubDomains
vary
X-FORWARDED-PROTO
expires
now
pragma
no-cache
cache-control
no-cache,no-store,private
link
</img/a/pss/2162/40.css>;rel=preload;as=style
cf-cache-status
DYNAMIC
cf-request-id
0a929a92940000cddb0c383000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65cac6ca88decddb-CDG
content-encoding
br
cf-h2-pushed
</img/a/pss/2162/40.css>
40.css
www.dianomi.com/img/a/pss/2162/ Frame E0A9 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/img/a/pss/2162/40.css
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15746ee8997dcf68d96617d4b849b7b71e8cec4e5ff8e290b70ba2454cc1fb71
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=3533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2243939
cf-polished
status=cannot_optimize
strict-transport-security
max-age=60; includeSubDomains
x-xss-protection
1; mode=block
last-modified
Fri, 23 Apr 2021 04:35:45 GMT
server
cloudflare
etag
W/"10f4-5c09c544a6d02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Fri, 09 Jul 2021 23:41:16 GMT
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-request-id
0a929a930e0000cddbc836b000000001
cf-ray
65cac6cb4a72cddb-CDG
cf-bgj
minify
viewability6.js
www.dianomi.com/js/ Frame E0A9 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/viewability6.js
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b37dee173bafb3de84a3fa9aff5215868c53852c710406122d458b36343666f
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=3533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
4405
cf-polished
origSize=8810
last-modified
Wed, 14 Apr 2021 08:55:40 GMT
strict-transport-security
max-age=60; includeSubDomains
x-xss-protection
1; mode=block
cf-bgj
minify
server
cloudflare
etag
W/"226a-5bfeae94af139"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
X-FORWARDED-PROTO, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-request-id
0a929a934d0000cddb9c1ab000000001
cf-ray
65cac6cbab30cddb-CDG
expires
Wed, 09 Jun 2021 17:41:16 GMT
270x200.jpg
www.dianomi.com/img/a/sav2/120905/4/ Frame E0A9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dianomi.com/img/a/sav2/120905/4/270x200.jpg
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/smartads.epl?id=3533
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad31a03ccf978ae72133b4ec7e74eace354b298108529ac357b65cc9d4658bd
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dianomi.com/smartads.epl?id=3533
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
496718
cf-polished
qual=85, origFmt=jpeg, origSize=12884
content-disposition
inline; filename="270x200.webp"
strict-transport-security
max-age=60; includeSubDomains
content-length
5212
x-xss-protection
1; mode=block
last-modified
Thu, 18 Mar 2021 05:53:12 GMT
server
cloudflare
etag
"3254-5bdc936fc382d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
expires
Fri, 09 Jul 2021 23:41:16 GMT
cache-control
public, max-age=2628000
access-control-allow-credentials
true
cf-request-id
0a929a93520000cddbb6134000000001
accept-ranges
bytes
cf-ray
65cac6cbab34cddb-CDG
cf-bgj
imgq:85,h2pri,csam-hash
SegoeUI-Semibold.woff2
www.dianomi.com/partner/msn/fonts/ Frame E0A9 		324 KB
325 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/partner/msn/fonts/SegoeUI-Semibold.woff2
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2162/40.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e14a910f03580a755870c3e7905b68e3da54bfb99882f6b24ae49b418609fdd
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.dianomi.com
Referer
https://www.dianomi.com/img/a/pss/2162/40.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2243220
strict-transport-security
max-age=60; includeSubDomains
content-length
332084
cf-request-id
0a929a93b10000cddbd3952000000001
last-modified
Thu, 31 Aug 2017 10:44:11 GMT
server
cloudflare
etag
"51134-5580a531ed4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
https://www.dianomi.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
65cac6cc4c4acddb-CDG
expires
Fri, 09 Jul 2021 23:41:16 GMT
SegoeUI.woff2
www.dianomi.com/partner/msn/fonts/ Frame E0A9 		322 KB
323 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/partner/msn/fonts/SegoeUI.woff2
Requested by
Host: www.dianomi.com
URL: https://www.dianomi.com/img/a/pss/2162/40.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.230 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7581f9dc93b034dd6c9b51f10b588472ced523102fdf8ab4720d2a1aeedd0df
Security Headers
Name Value
Strict-Transport-Security max-age=60; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.dianomi.com
Referer
https://www.dianomi.com/img/a/pss/2162/40.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2243220
strict-transport-security
max-age=60; includeSubDomains
content-length
330160
cf-request-id
0a929a93b10000cddb8ca21000000001
last-modified
Thu, 31 Aug 2017 10:44:11 GMT
server
cloudflare
etag
"509b0-5580a531ed4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-origin
https://www.dianomi.com
x-xss-protection
1; mode=block
cache-control
public, max-age=2628000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
65cac6cc4c4dcddb-CDG
expires
Fri, 09 Jul 2021 23:41:16 GMT
jac.js
jac.yahoosandbox.com/0.6.1/ Frame 3AB8 		129 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.6.1/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.6.1/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
aa7c755dbdbd82dae6946f666c012555632c9d906ba69e1de091e1616672a79c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 10:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12639
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
33529
x-amz-id-2
IKT0Wq+IdknFWLv5sFHAjt/SXl7WNJV/jmFY34d7182dJcDO2uATtNFIi00NNQ7gKq/ScxFCo0s=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 May 2021 17:04:47 GMT
server
ATS
etag
"7603780391a62beb614ecef34ec18564-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
179B0Y74HREE27SV
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
jac.js
jac.yahoosandbox.com/0.6.1/ Frame 7343 		129 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jac.yahoosandbox.com/0.6.1/jac.js
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.6.1/jac.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
aa7c755dbdbd82dae6946f666c012555632c9d906ba69e1de091e1616672a79c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 10:10:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12639
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-length
33529
x-amz-id-2
IKT0Wq+IdknFWLv5sFHAjt/SXl7WNJV/jmFY34d7182dJcDO2uATtNFIi00NNQ7gKq/ScxFCo0s=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 25 May 2021 17:04:47 GMT
server
ATS
etag
"7603780391a62beb614ecef34ec18564-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
179B0Y74HREE27SV
x-xss-protection
1; mode=block
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
content-type
application/javascript
adServe.do
web.ssp.yahoo.com/admax/ Frame 3AB8 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN23&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|781976592535878300!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
755930b0da9d28feb21b9e2368bab9def9ecbf419acb54f8cee12eefa3dbacad

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:17 GMT
Server
ATS/7.1.2.128
Age
0
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
3070
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C3779657%7C0%7C225%7CAdId=11043949;BnId=3;ct=1841873831;st=5160;adcid=1;itime=246076168;reqtype=5;guid=adp05t5gc1h7s&b=3&s=i5;;impref=16232460762281892880;imprefseq=20803866...
26.at.atwola.com/ Frame 3AB8 		1 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3779657%7C0%7C225%7CAdId=11043949;BnId=3;ct=1841873831;st=5160;adcid=1;itime=246076168;reqtype=5;guid=adp05t5gc1h7s&b=3&s=i5;;impref=16232460762281892880;imprefseq=208038664029157020;imprefts=1623246076;adclntid=1002;pvid=820e4289d;kvgrp=820e4289d;kvmsft_jac=1;kvmsft_pagetype=article;kvpg=www.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-n;kvmn=newusen23;kvsecure=true;kvmsft_providerid=7gyw6oq;kvmsft_asid=1623246076346%7C781976592535878300;kvmsft_rid=aadb0927f1a94e7f8b1298ed05eeff6b;kvmsft_ext_inv_cd=us;kvmsft_muid=1ca5ec2dda9662691073fc7cdb8f631a;gdpr=0;
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:17 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
1
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
adServe.do
web.ssp.yahoo.com/admax/ Frame 7343 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN22&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|334943197955879500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
112295922ee6ad9f3a8e3fcebcf4f459e91cb2267073aa62bcf91629660bd5ee

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:17 GMT
Server
ATS/7.1.2.128
Age
0
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
Connection
keep-alive
Content-Length
3145
Expires
Thu, 01 Jan 1970 00:00:00 GMT
adcount%7C2.0%7C5113.1%7C3779655%7C0%7C170%7CAdId=11043949;BnId=4;ct=1841873831;st=6534;adcid=1;itime=246076170;reqtype=5;guid=adp05t5gc1h7s&b=3&s=i5;;impref=16232460762281892883;imprefseq=20803866...
26.at.atwola.com/ Frame 7343 		1 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://26.at.atwola.com/adcount%7C2.0%7C5113.1%7C3779655%7C0%7C170%7CAdId=11043949;BnId=4;ct=1841873831;st=6534;adcid=1;itime=246076170;reqtype=5;guid=adp05t5gc1h7s&b=3&s=i5;;impref=16232460762281892883;imprefseq=208038664029157023;imprefts=1623246076;adclntid=1002;pvid=820e4289d;kvgrp=820e4289d;kvmsft_jac=1;kvmsft_pagetype=article;kvpg=www.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-n;kvmn=newusen22;kvsecure=true;kvmsft_providerid=7gyw6oq;kvmsft_asid=1623246076346%7C334943197955879500;kvmsft_rid=aadb0927f1a94e7f8b1298ed05eeff6b;kvmsft_ext_inv_cd=us;kvmsft_muid=1ca5ec2dda9662691073fc7cdb8f631a;gdpr=0;
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:16 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/x-javascript
x-xss-protection
1; mode=block
cache-control
no-store, no-cache
content-length
1
x-content-type-options
nosniff
expires
Mon, 15 Jun 1998 00:00:00 GMT
loader.js
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 3AB8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN23&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|781976592535878300!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.239.57 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b0461211f1a898af3e392c03e87f79557be72677891099fd72b6300947ecf620

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Jun 2021 13:41:17 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
pLUHk/oJyNBgGYWe8lAhWA==
server-timing
30
content-length
967
x-ms-lease-status
unlocked
last-modified
Thu, 03 Jun 2021 16:35:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D926AD990CC983
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":https://deff.nelreports.net/api/report?cat=msn}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
45dfef45-e01e-0083-48a5-585a1e000000
cache-control
public, max-age=86400
akamai-server-ip
184.25.239.53
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
d26eb589
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 3AB8 		19 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,58294,55953,55936,58292,58160,55829,55859,57926,55965,55939,58309&referrer=&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN23&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|781976592535878300!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:17 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
adEvent.do
eu-central-1-web.ssp.yahoo.com/admax/ Frame 3AB8 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-central-1-web.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a969126016f6fd3bd4cd46753560012&posi=986595&grp=%3F%3F%3F&nl=1623246077174&rts=1623246077052&pix=1&et=1&a=f7fdcb0c481b4b8d828ec11cfb5b27b7&m=aXAtMTAtMjItOTktMTIy&b=MTMwNzE7U0FNIFBhc3NiYWNrOz8_Pzs7OzszMTUzM2JhZTJlZDM0NDBhOGNlOTRhZjI4ZWRmMzRmZjszMTU1OTk1NDsxNjIzMjQxODAwOzswOzsw&uid=adp05t5gc1h7s%26b%3D3%26s%3Di5&xdi=Q2hyb21lIC0gV2luZG93c3w_Pz98TlQgMTAuMHwxNw..&xoi=MHxQT0w.&af=7&dety=5
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN23&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|781976592535878300!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:17 GMT
Last-Modified
Tue, 08 Jun 2021 21:47:16 GMT
Server
ATS/7.1.2.128
Age
0
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
talon-1.0.31.js
s.yimg.com/ix/ Frame 3AB8 		57 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ix/talon-1.0.31.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN23&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|781976592535878300!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 09 Jun 2021 11:55:03 GMT
x-content-type-options
nosniff
age
6375
x-amz-server-side-encryption
AES256
content-length
58593
x-amz-id-2
oUaM83/MMBpHbdxK83ngPsewZdjXWi93cBv27AeeMtXttMrxelwia14JqwghT1Qt2WT7rRKIKrM=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Apr 2021 14:46:34 GMT
server
ATS
etag
"0bcb4d45cc7ee871c6d48b07af3e2b3d"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
Z20NBZ7F8XWW31P6
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
/
track.adform.net/adfscript/ Frame 7343 		971 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=46597878;rtbwp=0.713285;rtbdata=74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN22&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|334943197955879500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3aaf587e86c0fa9e8e18d4613bc79cb5315b8078158a146dca7312301921671f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
834
expires
-1
adEvent.do
eu-central-1-web.ssp.yahoo.com/admax/ Frame 7343 		43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-central-1-web.ssp.yahoo.com/admax/adEvent.do?tidi=770909769&dcn=8a969126016f6fd3bd4cd46753560012&posi=986592&grp=%3F%3F%3F&nl=1623246077222&rts=1623246077048&pix=1&et=1&a=54667b8da81143bead312b577f4b1e2b&m=aXAtMTAtMjItMTA4LTE2Nw..&p=MC4wMDA3MTMyODU&b=NDU1MTs1ODMzO2tyb2xld3NraWUucGw7Ozs7YjNjYmY0ZjJiM2E3NGFlZmI2NWMxYmRlNDA4MjlmYzQ7MTYxMjI4OzE2MjMyNDE4MDA7OzAuMDAwNzEzMjg1Ozsw&uid=adp05t5gc1h7s%26b%3D3%26s%3Di5&xdi=Q2hyb21lIC0gV2luZG93c3w_Pz98TlQgMTAuMHwxNw..&xoi=MHxQT0w.&af=6&dety=2
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN22&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|334943197955879500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:17 GMT
Last-Modified
Fri, 04 Jun 2021 13:01:36 GMT
Server
ATS/7.1.2.128
Age
0
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame 7343 		19 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?pixelIds=58269,55940,58294,55953,58292,58160,55829,55859,57926,55965,55939,58309&referrer=&limit=12&us_privacy=&js=1&_origin=1&gdpr=0&euconsent=
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN22&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|334943197955879500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:17 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
talon-1.0.31.js
s.yimg.com/ix/ Frame 7343 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ix/talon-1.0.31.js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/admax/adServe.do?secure=1&pos=NEWUSEN22&tp=msft_muid%3D1ca5ec2dda9662691073fc7cdb8f631a!msft_ext_inv_cd%3Dus!msft_optout%3D!msft_sdkv%3D!msft_providerid%3D7gyw6oq!msft_category%3D!msft_make%3D!msft_model%3D!msft_new%3D!msft_pagetype%3Darticle!msft_rid%3Daadb0927f1a94e7f8b1298ed05eeff6b!msft_year%3D!msft_asid%3D1623246076346|334943197955879500!msft_jac%3D1&us_privacy=&gdpr=0&euconsent=&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Wed, 09 Jun 2021 11:55:03 GMT
x-content-type-options
nosniff
age
6375
x-amz-server-side-encryption
AES256
content-length
58593
x-amz-id-2
oUaM83/MMBpHbdxK83ngPsewZdjXWi93cBv27AeeMtXttMrxelwia14JqwghT1Qt2WT7rRKIKrM=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 28 Apr 2021 14:46:34 GMT
server
ATS
etag
"0bcb4d45cc7ee871c6d48b07af3e2b3d"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
Z20NBZ7F8XWW31P6
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
v0.2.js
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 3AB8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=18787570
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/loader.js?v=210201
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.239.57 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
fbe4c60f8637e27be5d5c4e3d723b723ccf3fddacd2593d672abf68dc05be9f5

Request headers

Origin
https://www.msn.com
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Jun 2021 13:41:17 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
VDKziiSRaw97prqgGBSWPw==
server-timing
23
content-length
1574
x-ms-lease-status
unlocked
last-modified
Sat, 05 Jun 2021 22:57:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D92875574B348D
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":https://deff.nelreports.net/api/report?cat=msn}]}
content-type
application/javascript
access-control-allow-origin
https://www.msn.com
x-ms-request-id
41fd5b6b-501e-0057-3b34-5d0a7d000000
cache-control
public, max-age=86400
akamai-server-ip
184.25.239.53
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
d26eb717
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 7343 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46597878;rtbwp=0.713285;rtbdata=74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:17 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 10 Jun 2021 16:31:46 GMT
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
banner.css
assets.msn.com/staticsb/statics/latest/samsweeper/ Frame 3AB8 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/staticsb/statics/latest/samsweeper/banner.css?v=18787570
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/staticsb/statics/latest/samsweeper/v0.2.js?t=18787570
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.239.57 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
31ecfd013943113cfebc7f959042f706314147c6c7ab183c146d931161ddf451

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Jun 2021 13:41:17 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
wcNFLNkFQo4gf3eg7k5g0g==
server-timing
30
content-length
665
x-ms-lease-status
unlocked
last-modified
Sat, 05 Jun 2021 22:57:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D92875574AE65E
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":https://deff.nelreports.net/api/report?cat=msn}]}
content-type
text/css
access-control-allow-origin
https://www.msn.com
x-ms-request-id
41fd5b8f-501e-0057-5834-5d0a7d000000
cache-control
public, max-age=86400
akamai-server-ip
184.25.239.53
x-ms-version
2009-09-19
access-control-allow-credentials
true
timing-allow-origin
*
akamai-request-id
d26eb7a3
/
track.adform.net/adfserve/ Frame 7343 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=46597878;rtbwp=0.713285;rtbdata=74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1;js=1;adfxid=1x;9044;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2c2afd8fc6e4434d6e88c3f832e7fe9bc9c94816dd7c8140659eaa78e56df3c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
2786
expires
-1
dcmads.js
www.googletagservices.com/dcm/ Frame 7343 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 12:49:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3796
x-xss-protection
0
last-modified
Mon, 07 Jun 2021 18:22:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 09 Jun 2021 13:49:18 GMT
/
track.adform.net/csimpr/ Frame 7343 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=46597878&csi=zJoPNrr5nQZ2vGJiVgL5EZgXg_XGrhRuePxZ5RhgPxDrygPkIxxfk2sSwHqFscYwXVnlBNM3-JnKMHGm_cTOeGQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:17 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.msn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
impl_v75.js
www.googletagservices.com/dcm/ Frame 7343 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v75.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 17:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15538
x-xss-protection
0
last-modified
Fri, 04 Jun 2021 19:52:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 08 Jun 2022 17:08:29 GMT
ThirdParty
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ Frame 7343 		34 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.206/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:17 GMT
content-encoding
gzip
last-modified
Tue, 04 May 2021 13:03:07 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 10 Jun 2021 17:21:45 GMT
B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtb...
ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/ Frame 22E3 		37 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
7304fd965af419c2561eea3e5c629cf653bf1db54396c4e65258dacfa1d922e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 09 Jun 2021 13:41:17 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
18682
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 09-Jun-2021 13:56:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 22E3 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:34:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
434
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 23 Jun 2021 13:34:03 GMT
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 22E3 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://ad.doubleclick.net
Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 19:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65580
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 19:28:17 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 22E3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1303
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jun 2022 13:19:34 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C8B2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 09 Jun 2021 13:19:34 GMT
expires
Thu, 09 Jun 2022 13:19:34 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1303
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
moatad.js
z.moatads.com/heinekenpldcmdisplay24614018836/ Frame 22E3 		290 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/heinekenpldcmdisplay24614018836/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ae165024bd0e8bd54728e4400d609b2d30f151059427f3dfbebf716082cc12ad

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
content-encoding
gzip
last-modified
Thu, 13 May 2021 15:28:12 GMT
server
AmazonS3
x-amz-request-id
FMTKGRVP5Q825M3F
etag
"fe70deeecb35c33c201ec232fc82b8bc"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=38693
accept-ranges
bytes
content-length
100386
x-amz-id-2
kckjUKJiec7l5w+gL5HCYYmE9p43e4o7kJZTIgNRJK3yYLhBEzeBtb7A4tmO+JuH4Mw1Co4cb2g=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 22E3 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:17 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1623066169988846"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37960
x-xss-protection
0
expires
Wed, 09 Jun 2021 13:41:17 GMT
index.html
s0.2mdn.net/8243536/1617784462553/300x250/ Frame 11E7 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7371a25940b0f55b8e0e4104d0cda46192761954555584ac55e840b69f95cb1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/8243536/1617784462553/300x250/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
1370
date
Wed, 09 Jun 2021 06:24:51 GMT
expires
Thu, 10 Jun 2021 06:24:51 GMT
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
26187
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 22E3 		0
528 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1berfrtTCCCyn8w14ur9bPecrCip4uFBVYBP-KiGUQeTRs0h5keHJ2qdUXOUQIV17TBUu5crOUaokeSVg_4_dVlrI4smwHNQLHjeAJOqClk2zM3JqZw&sig=Cg0ArKJSzD1r0Z2J-s4dEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=79&cbvp=1&cstd=70&cisv=r20210607.43756&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
pagead2.googlesyndication.com/bg/ Frame C8B2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 00:21:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
48007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5768
x-xss-protection
0
last-modified
Mon, 31 May 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jun 2022 00:21:11 GMT
style.css
s0.2mdn.net/8243536/1617784462553/300x250/style/ Frame 11E7 		939 B
396 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/style/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
490bcddc05b4c45555d4ffd949f14f793a5adcacf5f360f35c83244b7aed8d01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 19:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
372
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 09 Jun 2021 19:53:43 GMT
anime.min.js
s0.2mdn.net/8243536/1617784462553/300x250/script/ Frame 11E7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/script/anime.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 22:15:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55539
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7098
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 09 Jun 2021 22:15:39 GMT
animation.js
s0.2mdn.net/8243536/1617784462553/300x250/script/ Frame 11E7 		5 KB
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/script/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74481240ddfa62248e49d4a88391fb6ebbfb5879a1dd8e28802f0b0d437ca297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 06:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
602
x-xss-protection
0
last-modified
Wed, 07 Apr 2021 08:34:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 10 Jun 2021 06:24:52 GMT
miasta.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/miasta.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b249214c0471232baaa435d8ab9697c6e3d40d3c6e393f84fc8006de53c62d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 17:44:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:23 GMT
server
sffe
age
71779
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5629
x-xss-protection
0
expires
Wed, 09 Jun 2021 17:44:59 GMT
bg.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/bg.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/style/style.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9084c7dfc27796dc45dc373cb4a31665c6671d4bfc996756b32d7160dda79aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/style/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:43:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
age
61088
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3068
x-xss-protection
0
expires
Wed, 09 Jun 2021 20:43:10 GMT
puszki.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/puszki.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b1184bbdca92bed0ecad00bd942b9cef222cf5fea17851944307a56821e13ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 17:44:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:23 GMT
server
sffe
age
71779
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15697
x-xss-protection
0
expires
Wed, 09 Jun 2021 17:44:59 GMT
txt_cta_1.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		483 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_cta_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
114309cc79f85305e1cbc13d4b8ececeab9b4340c8fcd256ea9a8a8bd354defb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 17:20:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
age
73248
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
483
x-xss-protection
0
expires
Wed, 09 Jun 2021 17:20:30 GMT
txt_cta_2.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		461 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_cta_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0e235974b8f97a84ccd49544545d349bd1c0b3f10cdeb427bacbe7ca4cb800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 21:46:42 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:23 GMT
server
sffe
age
57276
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
461
x-xss-protection
0
expires
Wed, 09 Jun 2021 21:46:42 GMT
kluczyk.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/kluczyk.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95c3303327395d4bc9fac04766611b5b154fff4fd2c88c244167b33521a0ff1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 18:11:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:23 GMT
server
sffe
age
70189
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1452
x-xss-protection
0
expires
Wed, 09 Jun 2021 18:11:29 GMT
logo.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22e9c5355b94e784482493510a6773beeafc8aab0476addf48aa2617f64be979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 19:53:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
age
64054
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2011
x-xss-protection
0
expires
Wed, 09 Jun 2021 19:53:44 GMT
txt_1_1.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		867 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_1_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4853c7f3a1893a8b0eed88a2364823234dececc963b9c64f98c81ebcaf5e7ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:44:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
age
60985
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
867
x-xss-protection
0
expires
Wed, 09 Jun 2021 20:44:53 GMT
txt_1_2.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_1_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
107041a10c1adce2cf47358edaabb07587262d3fc69b9cc10ee57504c3320fe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 17:44:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
age
71779
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1028
x-xss-protection
0
expires
Wed, 09 Jun 2021 17:44:59 GMT
txt_1_3.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_1_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eec4bd4d74c43ebdf1d97f8cf97c6095f0f9a33315c00b969774f6c1ed1a0979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 18:29:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:23 GMT
server
sffe
age
69091
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1283
x-xss-protection
0
expires
Wed, 09 Jun 2021 18:29:47 GMT
txt_2_1.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		800 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_2_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
330516ac2e1e5bc23e2c6da6fc28a6fb45e80195f26723c49d34df990d09256b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:04:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:23 GMT
server
sffe
age
63437
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
800
x-xss-protection
0
expires
Wed, 09 Jun 2021 20:04:01 GMT
txt_2_2.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_2_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16274584b29005b5bf1c751f386535af165fe63689b1910bf817aca2a4e55f81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 14:25:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
age
83745
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2062
x-xss-protection
0
expires
Wed, 09 Jun 2021 14:25:33 GMT
txt_3_1.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		494 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_3_1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8a2154f4829cd2305592565fae2a9d8e90734bee6f956d908d4d49fcc0989a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 23:39:53 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
age
50485
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
494
x-xss-protection
0
expires
Wed, 09 Jun 2021 23:39:53 GMT
txt_3_2.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		898 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_3_2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1bdf3ae523bb5e9cd69c4212f4e2326abf8ae52e733e6dc5cc0e2c87b18550cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 11:10:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:22 GMT
server
sffe
age
9037
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
898
x-xss-protection
0
expires
Thu, 10 Jun 2021 11:10:41 GMT
txt_3_3.png
s0.2mdn.net/8243536/1617784462553/300x250/images/ Frame 11E7 		677 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8243536/1617784462553/300x250/images/txt_3_3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faed7feea3c6339f73296e2f975296d75754c2542432492e1c603a0b1f81b9eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/8243536/1617784462553/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 15:05:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Apr 2021 08:34:23 GMT
server
sffe
age
81377
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
677
x-xss-protection
0
expires
Wed, 09 Jun 2021 15:05:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 22E3 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1berfrtTCCCyn8w14ur9bPecrCip4uFBVYBP-KiGUQeTRs0h5keHJ2qdUXOUQIV17TBUu5crOUaokeSVg_4_dVlrI4smwHNQLHjeAJOqClk2zM3JqZw&sig=Cg0ArKJSzD1r0Z2J-s4dEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=303&vt=11&dtpt=224&dett=3&cstd=70&cisv=r20210607.43756&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=HEINEKEN_DCM_MASTER_DISPLAY1&hp=1&pxm=4&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.msn.com&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&m=0&ar=c498f16-clean&iw=623b6c1&q=2&cb=0&ym=0&cu=1623246078247&ll=2&lm=2&ln=1&r=0&em=0&en=0&d=25707498%3A4175281%3A302682492%3A148845848&zMoatMarket=PL&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&bo=msn.com&bd=msn.com&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=heinekenpldcmdisplay24614018836&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A-%3A-%3A0%3A184&fs=191618&na=1534407717&cs=0
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:18 GMT
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F8243536%2F1617784462553%2F300x250%2Findex.html&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=4156367102&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-D%2BMlZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=1-pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.msn.com&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&cu=1623246078247&m=99&ar=c498f16-clean&iw=623b6c1&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A184&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=69&cd=0&ah=69&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25707498%3A4175281%3A302682492%3A148845848&bo=msn.com&bd=msn.com&gw=heinekenpldcmdisplay24614018836&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=PL&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=191618&na=405637496&cs=0
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C8B2 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq5bz_cTAYOnMNPrk7_UPrd2HqAcAAAAAOAHgBAI&bg=!kJOlk9fNAAY6sG-_OrA7ACkAdvg8WihqvT_BgOaxeVaMxJgD281BD1R-wREaSAqJCctFgue-_7MH1gIAAAFGUgAAAA5oAQcKAPDScvlQL1u6CgCbg57ELHV7N2u2R_SvOLoyhXeNKvER9cfZHp_7vrcKWWybZiPA5RRFNpjWYciqeDZKXoG2be1KA1Vd-DjfN2XnBwmxxBSUm1_Llsi7Z7i7EUwHPJsotnCFAqqp7dtC-W4Fwzov5-eg8ke_jsZ9XA89HWd0W6wOPydcUfBQW9Y80tNLopGOHqbWIlM_FgMyYUHHgxM5XlFNUn3J6jNIecu4FWaFzBEBVGRI7NyY9irHFoGEXI_2qulKEVi_91X0sjsN7PTDWMMSQZrUjZgbRLi2JUjaZhsbe0HPXfR0vDZBJzWo8AQIdE6ZApjHyIplYGXTmBT7kVh6hGCOV99YtHOP9KIRHHaVZUUvgHGOJB_jVq1oT4JlYmDLkfcVCgnmKPxrnh3IqT5ld9wuOcCXVcLLWlWZgzHzEUU73NlpIC9kMpy3KQnFxHJJi24eL8fypU6__XBiPlvVPO4B3p7fWjbeU7HCMu-wCJfOVGw59gHbwxVdg4g6hTSKWuFEepWaQgxTTkdwwgwuyelOW31AjLIs05uveK0MqhPZp9kskk_f72MUwa-JLnwGShn-JH27s9KElm83-oZ7-Ld088FSqjLV6IKfktkt9YPGsOXn1Edo2FX4ojaGKl0QZN0XToV3OyR5JPKOaSJUEsdjPasE3DKiiipD3c2b8neIlcsaEUKw_3iX5adkudaxLt2j_BVkJg_P2ziE5WUOJNaN81z6GAdRDCmzwm4tzMcFhjHzCsF_97DsGR2kg1998DqyCLhQ--_lL8OsETWSX0EGWc51EsxEtFSCvU0S72Vblqi4nQO5AZZoeqDji9hHhjSQ_a4N9jnK-mfQaPInPax-w1VrwTTXvjPYKSQ6yUt3O7gchmmI32VF3UciSHlsiV0lvg5PUo4fRf_FF4Ys4k124Irp6YVMZ2Nn1ePbZ0qYW5_x92DzZAIud4BLTXDiL9npnBejm4LZJt33N8k_RJLoZhrT5EIHG8W4JcWiAH48QdO_Jw7Dcd92PqJVKMi9EhM24YFVMH5ogXmzW2m-UOLxRen8UxPNUTiONjINt1vpS2ju2DSUavhxCmtK0LUOA3as42F_Hs782ZdRh5F728kSEzEkNoMST1sKf3FrTfUl5DtJwxdc1GWG8sW5Shl7UpIjSvK5FhPbKLR62X6U-BWBDEuy7wzDJaKMUYzg88GhgDOJXuxGpUy1
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=4156367102&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-D%2BMlZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=1-pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.msn.com&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&cu=1623246078247&m=213&ar=c498f16-clean&iw=623b6c1&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A0%3A184&aa=0&ad=63&cn=0&gk=63&gl=0&ik=63&ic=63&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=69&cd=69&ah=69&am=69&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25707498%3A4175281%3A302682492%3A148845848&bo=msn.com&bd=msn.com&gw=heinekenpldcmdisplay24614018836&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=PL&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=191618&na=1073267773&cs=0
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N478002.2100152SMGPROGRAMMATIC/B25707498.302682492;dc_ver=75.217;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;nel=1;dc_adk=1310627930;ord=ptziss;click0=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D46597878%3Bcrtbwp%3D0.713285%3Bcrtbdata%3D74PxiNMqFgCMrdaZWLBQwk57G00pP5IugIDPzZmKOjmcc4z9aOgsI33b0s9fuPccLF78BRB-xLInfwGxoWuYLKC4Cl8SAuCmVDjp98LmOedjs3LzooiWljNsCJ-xuVr50FduppZLh9L2m61I61OZJS6UJbfbokwAblEFAyu68pCYQyU-6GGI91pOOZgcTRRRmJSzI-1olfDsxQbu7Z8DRq94T00tGTK0QcSbD5b4g0jVSAsuTWWRy8PqQOwfnCJ6aCKKa4o_ISjP7iLRi_lcogC9isW1FQa6N5NhZ8U17TY1%3Badfibeg%3D0%3Bcdata%3Dc1qs08KFh_JObU9fDjTIv_9ktZxsB0MVuYmmxer2deKwoZno2oZMNivZhEBkHI_cJoG9QWsDzBl7bdp-DsExYsX4De8FoXoTV-xGKFmUIVGCMRQa9RxpI89TQ7S7SduoUMT965YRHQrJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.msn.com%252fen-us%252fnews%252fpolitics%252ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252far-AAKPSVY%3BC%3D1%3Bcpdir%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY$0;xdt=0;crlt=sFqR2J9d9G;gcsr=m;sttr=34;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:18 GMT
sp-frame.html
tag.idsync.analytics.yahoo.com/ Frame B6E0 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Requested by
Host: jac.yahoosandbox.com
URL: https://jac.yahoosandbox.com/0.6.1/jac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.51.15 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D5A) /
Resource Hash
65aa946829133f2163ed351882e770c0e7651c8c95fac3c53aa78e02a938b7ca

Request headers

:method
GET
:authority
tag.idsync.analytics.yahoo.com
:scheme
https
:path
/sp-frame.html?referrer=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

content-encoding
gzip
age
132
content-type
text/html
date
Wed, 09 Jun 2021 13:41:18 GMT
etag
"9fad51d2a83b0a4de3eb75724ba26b2c+gzip"
last-modified
Mon, 23 Mar 2020 22:06:06 GMT
server
ECS (lcy/1D5A)
vary
Accept-Encoding
x-amz-id-2
E1i3qeTDVYlqLUbxkyh192gVkCKjBbSE1ionQGVtKKingTscUAeW8xhLEIN665ht+TlivtDl+5Y=
x-amz-request-id
G2FGQT5DDN28Y9SZ
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
3087
cms
cms.analytics.yahoo.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=MSFT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
irisbannerajax
www.msn.com/en-us/news/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/irisbannerajax?position=top&canvas=views
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
76d96ef49975881812fe74a15031f8f1c7e340f3b3a443ad341cb4c631f0dce9
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:path
/en-us/news/irisbannerajax?position=top&canvas=views
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
content-type
html
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.msn.com
referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
html

Response headers

strict-transport-security
max-age=1209600; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
x-activity-id
b3c26d15-5543-466a-8998-6974054bd066
vary
User-Agent
content-length
2203
x-xss-protection
1
x-ua-compatible
IE=Edge;chrome=1
pragma
no-cache
x-aspnetmvc-version
5.2
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 54, sn: neurope-prod-entertainment, dt: 2021-06-09T05:07:47.0440407Z, bt: 2021-06-08T00:13:25.3733084Z}
date
Wed, 09 Jun 2021 13:41:18 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-security-policy
default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
set-cookie
_EDGE_S=F=1; path=/; httponly; domain=msn.com _EDGE_V=1; path=/; httponly; expires=Mon, 04-Jul-2022 13:41:18 GMT; domain=msn.com MUID=24557D5EBBF263F439D26D0FBAEB628C; samesite=none; path=/; secure; expires=Mon, 04-Jul-2022 13:41:18 GMT; domain=msn.com
x-msedge-ref
Ref A: B3C26D155543466A89986974054BD066 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:18Z
x-appversion
20210608_21624174
expires
-1
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
BB196yD8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8.img?h=100&w=100&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
82228b8d5b432fc4435e5e1ce58411bfb13eb9de82978f377add97a7aba3bcd5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:39:03 GMT
x-datacenter
northeu
x-source-length
97757
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431808
x-activityid
74c93cae-0ad0-4324-9fbc-94702a79b3f3
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8?h=100&w=100&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3194
expires
Mon, 14 Jun 2021 13:38:06 GMT
vglnk.js
cdn.viglink.com/api/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:a10d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1628572
cf-ray
65cac6d71e1d4d89-FRA
content-length
28567
x-amz-id-2
whnB+vg77noK5lQe7otGVePS9AitQ9hdwAgqmMuhEkkavWDzrHBL8QzrbPGAeVvg3QNIIasAhP0=
last-modified
Wed, 02 Dec 2020 18:57:12 GMT
server
cloudflare
etag
"072eaf64a771815874455704fca9301b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
32GRTD1DKPEMMRGQ
cache-control
public, max-age=604800
cf-request-id
0a929a9a6b00004d8975b86000000001
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 16 Jun 2021 13:41:18 GMT
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
silentpassport
www.msn.com/en-us/news/secure/ Frame 8A27
Redirect Chain
  • https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&checkda=1&ct=1623246074&rver=7.0.6730.0&wp=lbi&wreply=https%3a%2f%2fwww.msn.com%2fen-us%2fnews%2fsecure%2fsilentpassport%3fsecure%3dtrue&lc=1...
  • https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
239 B
719 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
Security Headers
Name Value
X-Xss-Protection 1

Request headers

:method
GET
:authority
www.msn.com
:scheme
https
:path
/en-us/news/secure/silentpassport?secure=true&lc=1033
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
_SS=SID=00; MUID=3785012B6FD16E5A30AF117A6EC86FC7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

cache-control
private, no-transform
content-length
185
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
User-Agent
access-control-allow-origin
*
x-aspnetmvc-version
5.2
x-appversion
20210608_21624174
x-activity-id
e9004cd8-9696-447b-bfd2-c7020e08cc8d
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 58, sn: neurope-prod-entertainment, dt: 2021-06-09T05:07:22.9602208Z, bt: 2021-06-08T00:13:25.3733084Z}
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
x-powered-by
ASP.NET
access-control-allow-methods
HEAD,GET,OPTIONS
x-xss-protection
1
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: E9004CD89696447BBFD2C7020E08CC8D Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:18Z
date
Wed, 09 Jun 2021 13:41:18 GMT

Redirect headers

Cache-Control
no-store, no-cache
Pragma
no-cache
Content-Length
0
Content-Type
text/html; charset=utf-8
Expires
Wed, 09 Jun 2021 13:40:18 GMT
Location
https://www.msn.com/en-us/news/secure/silentpassport?secure=true&lc=1033
P3P
CP="DSP CUR OTPi IND OTRi ONL FIN"
Set-Cookie
uaid=3d23c2bdd4c24a0da58e21551b79c85c; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly MSPRequ=id=1184&lt=1623246078&co=1; domain=login.live.com; Secure; path=/; SameSite=None; HttpOnly
Referrer-Policy
strict-origin-when-cross-origin
x-ms-route-info
R3_BAY
x-ms-request-id
76ef21c3-7e61-49ff-ba38-13b042091fda
PPServer
PPV: 30 H: BY1PPF1D6856E0F V: 0
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1; mode=block
Date
Wed, 09 Jun 2021 13:41:18 GMT
getuid
eb2.3lift.com/
Redirect Chain
  • https://eb2.3lift.com/mapuid?suid=null&sid=16
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=
date
Wed, 09 Jun 2021 13:41:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
all.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d8b61db9fedc4018e3a7c24488090f4589c350e079bd7b45b7d732d7eac29d67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
N/HaUnCWjaKXudOkZHeYCg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
TfC9U0KC2GuuyagWpLrF/qGIcJCw/uWO/MoEV76eEA8g8WDXO3JeG5kAPVV9C9IrWPxYY0N2IBfYXv2vTxvyBg==
x-fb-trip-id
686109401
x-fb-content-md5
6aed642be6d29ae5d2c697c9faf63a8b
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 09 Jun 2021 13:41:18 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c6dc0e7a87a1a1ebb3757cbfa1af7742"
timing-allow-origin
*
expires
Wed, 09 Jun 2021 13:43:18 GMT
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
en-us.svg
apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/
Redirect Chain
  • https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us?
  • https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.136.201 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:20 GMT
Last-Modified
Wed, 29 Apr 2020 21:18:39 GMT
Server
AmazonS3
x-amz-request-id
RZZGTKVYGKX9NRHX
ETag
"2928664fe1fc6aca88583a6f606d60ba"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
10804
x-amz-id-2
RsWQqUzk/ZRfCzd+cAaqvHAW3DuR0n7NoUU5NJJaiPuCou0s0ApnC5EM32Z07lccfoEo26TVsWw=

Redirect headers

location
https://apple-resources.s3.amazonaws.com:443/media-badges/download-on-the-app-store/black/en-us.svg
date
Wed, 09 Jun 2021 13:41:18 GMT
server
awselb/2.0
content-length
134
content-type
text/html
en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/
Redirect Chain
  • https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png
  • https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 05:15:00 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/webmaster/play_google
content-type
image/png
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13957
x-xss-protection
0
expires
Wed, 09 Jun 2021 13:41:18 GMT

Redirect headers

date
Wed, 09 Jun 2021 13:41:18 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
x-xss-protection
0
csw-polyfills.js
d2zqfs55y95cft.cloudfront.net/jspoll/5/
Redirect Chain
  • https://www138.civicscience.com/jspoll/4/civicscience-widget.js
  • https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
112 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zqfs55y95cft.cloudfront.net/jspoll/5/csw-polyfills.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:f400:f:c7b3:ce40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c366478fce0563163e9f4162e2ad33a64d91795dcb98f963e492322faca62969

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 14:49:58 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 14:49:07 GMT
server
AmazonS3
age
82298
etag
W/"604c032cdb71e366aafbf948ea344c13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a19127e21dc5a939819061334abff380.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-amz-cf-id
AAuHRpLLnvR-KI3HCwkdacEJ5knYBEF4det5yy_N1E5RJOGRQl785A==

Redirect headers

location
https://d2zqfs55y95cft.cloudfront.net:443/jspoll/5/csw-polyfills.js
date
Wed, 09 Jun 2021 13:41:18 GMT
server
awselb/2.0
content-length
110
content-type
text/html
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://www.bizographics.com/collect/?fmt=gif&pid=7850
  • https://px.ads.linkedin.com/collect?fmt=gif&pid=7850
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Ffmt%3Dgif%26pid%3D7850%26liSync%3Dtrue
  • https://px.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true
  • https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQK57_vOYnaVNAAAAXnxAYdoiP-VOb6ktaxuCN7bpbAB3h6W-gjAWV6T-5W1PjK2cWlTO1vQ
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQK57_vOYnaVNAAAAXnxAYdoiP-VOb6ktaxuCN7bpbAB3h6W-gjAWV6T-5W1PjK2cWlTO1vQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
image/gif
content-length
65
x-li-uuid
t1LKrLXthhagj929VSsAAA==

Redirect headers

date
Wed, 09 Jun 2021 13:41:19 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?fmt=gif&pid=7850&liSync=true&e_ipv6=AQK57_vOYnaVNAAAAXnxAYdoiP-VOb6ktaxuCN7bpbAB3h6W-gjAWV6T-5W1PjK2cWlTO1vQ
x-li-proto
http/2
x-li-pop
prod-eda6
content-length
0
x-li-uuid
8r44k7XthhawviKO3CoAAA==
msftsync.html
cdn.adaptv.advertising.com/msft/ Frame 4DF8 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.adaptv.advertising.com/msft/msftsync.html
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.28 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35DC) /
Resource Hash
6c2ed44aebff03950a3d4d6c072af4606092c735784617145c3723bc7be860a3

Request headers

:method
GET
:authority
cdn.adaptv.advertising.com
:scheme
https
:path
/msft/msftsync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

accept-ranges
bytes
age
563719
content-type
text/html
date
Wed, 09 Jun 2021 13:41:18 GMT
etag
"3e0945d7410acb79f4bc1c066c83cbbc"
last-modified
Wed, 22 Jan 2020 16:26:35 GMT
nel
{"report_to": "default", "max_age": 604800, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.01}
report-to
{"group": "default", "max_age":604800, "endpoints":[{"url":"https://report.vdms.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
server
ECAcc (lhd/35DC)
x-amz-id-2
DKQFUmfIX0GwmvCyKeF9H7ENMij4FIb81V7gwAqMFNwXA0ATVeENhQUkxIIEmxgWS2VxefVipLk=
x-amz-replication-status
COMPLETED
x-amz-request-id
N6TNY5TCDRW4CPQ2
x-amz-server-side-encryption
AES256
x-amz-version-id
zqeLDDuJFBlGL7Xo4iS44TeBMv3TBu.Q
x-cache
HIT
content-length
1126
startup.db3ebd3cc14ff5c74d83.js
assets.msn.com/bundles/v1/hybrid/latest/startup/ 		110 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/hybrid/latest/startup/startup.db3ebd3cc14ff5c74d83.js
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.239.57 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dfaa7ecbb1c9cbe74f4bed2316ed3f72f8dfb1ad8f76ae67b0a99500fb5c6f1e

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Jun 2021 13:41:18 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
Nx+lhfucVnR3HGbugP4hQQ==
server-timing
30
content-length
26449
x-ms-lease-status
unlocked
last-modified
Tue, 08 Jun 2021 15:13:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D92A8FF30B5066
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":https://deff.nelreports.net/api/report?cat=msn}]}
content-type
application/javascript
x-ms-request-id
1df54ac4-601e-00ea-4279-5c16fa000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
184.25.239.53
x-ms-version
2009-09-19
akamai-request-id
d26ec0e4
msnhomepagehistory.aspx
www.bing.com/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/msnhomepagehistory.aspx?_=1623246076168
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:18 GMT
content-encoding
br
x-msedge-ref
Ref A: 2B47E1B61AEF4E499F43BDEB7FB0A4D9 Ref B: VIEEDGE1410 Ref C: 2021-06-09T13:41:18Z
x-snr-routing
1
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
access-control-allow-origin
https://www.msn.com
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/plain; charset=utf-8
content-length
6
expires
-1
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
dsajax
www.msn.com/en-us/news/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/dsajax?workflow=ContentRecirculation&contentType=Related%3btrending&fvMode=1&mock=false&fafdh=flex_ar&fdhead=msnallexpusers%2cmuidflt46cf%2cmuidflt48cf%2cmuidflt52cf%2cmuidflt55cf%2cmuidflt57cf%2cstartedge2cf%2caudexedge2cf%2cpnehp2cf%2caudexhp2cf%2cbingcollabhp1cf%2cbingcollabhp2cf%2ccompliancehp1cf%2cstarthz1cf%2cartgly1cf%2cartgly4cf%2conetrustpoplive%2c1s-bing-news%2cvebudumu04302020%2cbbh20200521msn%2cmsnsports3cf%2cweather4cf%2cprg-1sw-halfbtn%2c1s-winblis%2c1s-winblisp1%2cprg-adspeek%2cprg-sync-wea2%2ccsmoney7cf&count=4&skip=0&promoRatio=0.25&contentId=AAKPSVY&startIndex=0&item=dynamic_rightrail_feed_mode_enabled:1&ver=20210608_21624174
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
446a11f652a238799143d22dd87a255ad9d0cb087d16df3713ca3f85ce08609e
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; report-uri /en-us/news/42aeaf46-e41c-43a3-b56c-8bb130117068/_csp;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:path
/en-us/news/dsajax?workflow=ContentRecirculation&contentType=Related%3btrending&fvMode=1&mock=false&fafdh=flex_ar&fdhead=msnallexpusers%2cmuidflt46cf%2cmuidflt48cf%2cmuidflt52cf%2cmuidflt55cf%2cmuidflt57cf%2cstartedge2cf%2caudexedge2cf%2cpnehp2cf%2caudexhp2cf%2cbingcollabhp1cf%2cbingcollabhp2cf%2ccompliancehp1cf%2cstarthz1cf%2cartgly1cf%2cartgly4cf%2conetrustpoplive%2c1s-bing-news%2cvebudumu04302020%2cbbh20200521msn%2cmsnsports3cf%2cweather4cf%2cprg-1sw-halfbtn%2c1s-winblis%2c1s-winblisp1%2cprg-adspeek%2cprg-sync-wea2%2ccsmoney7cf&count=4&skip=0&promoRatio=0.25&contentId=AAKPSVY&startIndex=0&item=dynamic_rightrail_feed_mode_enabled:1&ver=20210608_21624174
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
text/html, */*; q=0.01
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.msn.com
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
:method
GET
Accept
text/html, */*; q=0.01
Referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=1209600; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
x-activity-id
42aeaf46-e41c-43a3-b56c-8bb130117068
vary
User-Agent
content-length
1342
x-xss-protection
1
x-ua-compatible
IE=Edge;chrome=1
pragma
no-cache
x-aspnetmvc-version
5.2
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 74, sn: neurope-prod-entertainment, dt: 2021-06-09T06:06:56.2705348Z, bt: 2021-06-08T00:13:25.3733084Z}
date
Wed, 09 Jun 2021 13:41:18 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-security-policy
default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content; report-uri /en-us/news/42aeaf46-e41c-43a3-b56c-8bb130117068/_csp;
set-cookie
_EDGE_S=F=1; path=/; httponly; domain=msn.com _EDGE_V=1; path=/; httponly; expires=Mon, 04-Jul-2022 13:41:18 GMT; domain=msn.com MUID=298EA637D5906C90390EB666D4896D91; samesite=none; path=/; secure; expires=Mon, 04-Jul-2022 13:41:18 GMT; domain=msn.com
x-msedge-ref
Ref A: 42AEAF46E41C43A3B56C8BB130117068 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:18Z
x-appversion
20210608_21624174
expires
-1
AAKS0gv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKS0gv.img?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=1179&y=706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ac51679a51565976c4a80cb3d2514ea070737f631d60614407c74e2c3e3982e9
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:36:13 GMT
x-datacenter
northeu
x-source-length
576812
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431653
x-activityid
bf17d437-65af-402b-a448-09310eaf824c
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKS0gv?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=1179&y=706
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2615
expires
Mon, 14 Jun 2021 13:35:31 GMT
AAKS0cU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKS0cU.img?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=1444&y=735
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
458296406a6b63acbfd773ffe9ebbdd340db99afd4be22cbb1462e42c4bc72c3
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:34:25 GMT
x-datacenter
northeu
x-source-length
222372
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431586
x-activityid
ddb0cdc7-665d-4cda-bf6b-e2fd6a3a00d2
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKS0cU?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=1444&y=735
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2240
expires
Mon, 14 Jun 2021 13:34:24 GMT
AAKRXQB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXQB.img?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=2124&y=1223
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e35bc645e327b528c90833ba64f9e8266cf3fec4df23929631aa0f6b268b9a1c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:35:30 GMT
x-datacenter
northeu
x-source-length
283099
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431592
x-activityid
fdd8bea5-22b7-4100-90d5-57e9531047ba
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXQB?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=2124&y=1223
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
1620
expires
Mon, 14 Jun 2021 13:34:30 GMT
BB10dZOw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		918 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOw.img?h=40&w=40&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
faf6e5eba2aa8af5a8d630efa1b82ef0564932ee94e95a2633f7410078d13869
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB10dZOw
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Fri, 04 Jun 2021 17:50:08 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
3508
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14852
x-activityid
1eaacb87-f8ad-4fe3-b1f3-cdfe2d4d09c5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOw?h=40&w=40&m=6&q=60&u=t&o=t&l=f
content-length
918
expires
Wed, 09 Jun 2021 17:48:50 GMT
oneriverajax
www.msn.com/en-us/news/ 		45 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/oneriverajax?xd-name=ArticlePageOneRiver&startIndex=0&count=25&contentId=AAKPSVY&page-mode=Normal&pageIndex=0&pvid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd-mode=Flexible&telemetrystartindex=116&ver=20210608_21624174
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
0a7881eaeaeada8d5434784740f02389c19fdef64f4b31d197c95d35860726a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-fetch-mode
cors
origin
https://www.msn.com
accept-encoding
gzip, deflate, br
accept-language
en-US
:authority
www.msn.com
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_SS=SID=00
content-length
192
:path
/en-us/news/oneriverajax?xd-name=ArticlePageOneRiver&startIndex=0&count=25&contentId=AAKPSVY&page-mode=Normal&pageIndex=0&pvid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd-mode=Flexible&telemetrystartindex=116&ver=20210608_21624174
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
ajaxevent
1
referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
ajaxevent
1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=1209600; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
x-activity-id
f36a2bc0-b836-4e7a-b76b-06f62f3e9c76
vary
User-Agent
content-length
7626
x-xss-protection
1
x-ua-compatible
IE=Edge;chrome=1
pragma
no-cache
x-aspnetmvc-version
5.2
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 26, sn: neurope-prod-entertainment, dt: 2021-06-05T04:50:56.4168922Z, bt: 2021-06-08T00:13:25.3733084Z}
date
Wed, 09 Jun 2021 13:41:18 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-security-policy
default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
set-cookie
_EDGE_S=F=1; path=/; httponly; domain=msn.com _EDGE_V=1; path=/; httponly; expires=Mon, 04-Jul-2022 13:41:18 GMT; domain=msn.com MUID=3785012B6FD16E5A30AF117A6EC86FC7; samesite=none; path=/; secure; expires=Mon, 04-Jul-2022 13:41:18 GMT; domain=msn.com
x-msedge-ref
Ref A: F36A2BC0B8364E7AB76B06F62F3E9C76 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:18Z
x-appversion
20210608_21624174
expires
-1
BB196yD8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8.img?h=100&w=100&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
82228b8d5b432fc4435e5e1ce58411bfb13eb9de82978f377add97a7aba3bcd5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:39:03 GMT
x-datacenter
northeu
x-source-length
97757
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431808
x-activityid
74c93cae-0ad0-4324-9fbc-94702a79b3f3
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8?h=100&w=100&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
3194
expires
Mon, 14 Jun 2021 13:38:06 GMT
TaboolaCookieSyncScript.js
cdn.taboola.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/TaboolaCookieSyncScript.js
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f28dd05cfc19c97e6194fd329ab8df8683292bf11c71baf9bb5e1900f9a39

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
J2E2dN3jA05LkHx65JgvIowPPtRAoVST
content-encoding
gzip
etag
"80de50a7c3daad622569c9ffb4954f7f"
age
16800
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
821
x-amz-id-2
By/+vbSk3cgZxVDwzA/16CjTp/TxewEQIDKlzMnSUeAwfzBsc6O/JZP6ora4oP9zaJ1X/VylYXw=
x-served-by
cache-fra19142-FRA
last-modified
Sun, 15 Nov 2020 12:35:39 GMT
server
AmazonS3
x-timer
S1623246079.812944,VS0,VE0
date
Wed, 09 Jun 2021 13:41:18 GMT
vary
Accept-Encoding
x-amz-request-id
FVQMWTHEPPEYCBBR
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
38
x-cache-hits
341
MSNIdSync.js
widgets.outbrain.com/external/publishers/msn/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/external/publishers/msn/MSNIdSync.js
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-107.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bb39787d42d16bed2e28e072e0d372639e127d9cc9333859f8661ad26b968768

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 10:47:44 GMT
server
AkamaiNetStorage
etag
"0f6a98a2a3c197966641f06e0f58da73:1622114124.81799"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2155
sync.js
ib.3lift.com/ 		275 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.3lift.com/sync.js
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.174.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-174-29.cdg50.r.cloudfront.net
Software
/
Resource Hash
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:29:06 GMT
via
1.1 575cacb0734545eaea94b948deff0e06.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jun 2021 13:29:06 GMT
age
732
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=900
x-rev
fbdf79a
x-amz-cf-pop
CDG50-P1
content-length
275
x-amz-cf-id
3TT057npC2bvhZOQ0atrmHfuMaLKdlB27_Bc15b82AybtX73Fr2Hng==
x-served-by
impression-bus6.us_east.prod
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
all.js
connect.facebook.net/en_US/ 		221 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=3d6fdadf4653245dc18e9a8aa7e4e6b8&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d6900ae0c2e0f71924e242fca587ef37bd30b8e02b126f5f5a43259e7022924
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.msn.com
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5PzYN0eY4MjronwRwcjYZw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
66276
x-fb-rlafr
0
x-fb-debug
Kp/XOGVxTGGwaLZVKi3Wu7v49uX5B8sc7MEaMyE80tbeN5+bmQq5nty9+/7rOvsSh4iLjIlSUd9VVopGrzyu+Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d396cd5e2f0507bd1924cc206edf899f
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 09 Jun 2021 13:41:18 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3554944e961fb0e42426a2773f65c40b"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Jun 2022 12:05:31 GMT
ping
api.viglink.com/api/ 		316 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
2464ed35e5167d0cf041eb0fad7a077efd5a069e36320d7f10277cd29b23a41f

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:18 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
316
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
web.vortex.data.msn.com/collect/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://web.vortex.data.msn.com/collect/v1?$mscomCookies=false
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
40.77.226.250 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.msn.com
Access-Control-Allow-Headers
Accept, Authorization, Content-Type, Origin, X-Xbl-Contract-Version, X-Xbl-Device-Type, Xbl-Authz-Actor-10, WithCredentials
Access-Control-Allow-Credentials
true
Impression
arc.msn.com/v3/Delivery/Events/ 		0
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://arc.msn.com/v3/Delivery/Events/Impression?PID=425145535&TID=700360077&CID=128000000001902709&BID=471612618&PG=PC0001WD69.0000000BZC&TPID=425145535&REQASID=C7FECF147220457DA4032266CB59D12F&ASID=77913a0120da45779e4311f8041074f5&SLOT=1&REQT=20210609T134118&MA_Score=2&&DS_EVTID=77913a0120da45779e4311f8041074f5&BCNT=1&PG=PC0001WD69.0000000BZC&UNID=10837393&MAP_TID=FB1A4FA7-43DC-4F3E-A592-2BB35F780342&NCT=1&ASID=C7FECF147220457DA4032266CB59D12F&REQASID=C7FECF147220457DA4032266CB59D12F&ARC=1&EMS=1&LOCALE=EN-US&COUNTRY=US&HTD=-1&LANG=1033&DEVLANG=EN&CIP=40.127.197.1&OPTOUTSTATE=0&HTTPS=1&MARKETBASEDCOUNTRY=US&CFMT=&H=0&W=0&FESVER=1.3&PL=EN-US&ISSIGNEDIN=0&BROWSER=2&ISMOBILE=0&OPSYS=WIN10&MSN_CANVAS=9&CHNL=CFD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.82.209.183 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/xml; charset=utf-8
cache-control
no-store, no-cache
date
Wed, 09 Jun 2021 13:41:18 GMT
content-length
0
expires
Mon, 01 Jan 0001 00:00:00 GMT
RE4qstT
img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4qstT?ver=7e33
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c18b Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6cad1e3bce485d80b4fd9e50d27d4270dfb6d1b15223caf0884ab94efb60edcb
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
am:RE4qstT
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 11:42:28 GMT
timing-allow-origin
*
x-datacenter
NorthEU
x-source-length
2629
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=424918
x-activityid
0867df51-736d-4791-8b07-76390534158f
x-deployment
a89a5014e89c41b7b60a64d7ee950637
content-location
https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE4qstT?ver=7e33
content-length
2629
expires
Mon, 14 Jun 2021 11:43:16 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=132970837947&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3d6fdadf4653245dc18e9a8aa7e4e6b8&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
VnIcuIOXYEHFKrHtjODkRUKxGlhNqVcFlf1PsCvHG1GJvofo6zPYIIk3jTKt/ciSJ2x4SRc93037Cs7r6K86Qg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 09 Jun 2021 13:41:18 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
AAKS0gv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKS0gv.img?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=1179&y=706
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ac51679a51565976c4a80cb3d2514ea070737f631d60614407c74e2c3e3982e9
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:36:13 GMT
x-datacenter
northeu
x-source-length
576812
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431653
x-activityid
bf17d437-65af-402b-a448-09310eaf824c
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKS0gv?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=1179&y=706
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2615
expires
Mon, 14 Jun 2021 13:35:31 GMT
page.php
www.facebook.com/plugins/ Frame 51D5 		48 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3d6fdadf4653245dc18e9a8aa7e4e6b8&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
014362aee0fef3d28f6c7a00d395636bc49358ccfba53ca732f4b75c7e0772f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
x-xss-protection
0
content-encoding
br
x-content-type-options
nosniff
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}
strict-transport-security
max-age=15552000; preload
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
8T9gTcD9Pyn6P1c0Vlo3m4Kgkcsb+NxVzvxoJMEIboRky/Ka8SgrBTg+/SEr47v+nLmBlfw06Hiz/gdy6DWcmA==
date
Wed, 09 Jun 2021 13:41:18 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
AAKS0cU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKS0cU.img?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=1444&y=735
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
458296406a6b63acbfd773ffe9ebbdd340db99afd4be22cbb1462e42c4bc72c3
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:34:25 GMT
x-datacenter
northeu
x-source-length
222372
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431586
x-activityid
ddb0cdc7-665d-4cda-bf6b-e2fd6a3a00d2
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKS0cU?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=1444&y=735
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
2240
expires
Mon, 14 Jun 2021 13:34:24 GMT
vendor.92511544b474e7940b73.js
assets.msn.com/bundles/v1/hybrid/latest/startup/ 		2 MB
456 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/hybrid/latest/startup/vendor.92511544b474e7940b73.js
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.239.57 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0dad74e37c9127f70c190861759fbd6237962aae702902d99d346dc69bbbc18a

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Jun 2021 13:41:18 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
Q6TJksQ7ab0v5pEuoop4uA==
server-timing
30
content-length
465770
x-ms-lease-status
unlocked
last-modified
Tue, 08 Jun 2021 15:13:17 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D92A8FF2155281
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":https://deff.nelreports.net/api/report?cat=msn}]}
content-type
application/javascript
x-ms-request-id
1df56ba8-601e-00ea-5f79-5c16fa000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
184.25.239.53
x-ms-version
2009-09-19
akamai-request-id
d26ec27a
AAKRXQB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXQB.img?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=2124&y=1223
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e35bc645e327b528c90833ba64f9e8266cf3fec4df23929631aa0f6b268b9a1c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:35:30 GMT
x-datacenter
northeu
x-source-length
283099
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431592
x-activityid
fdd8bea5-22b7-4100-90d5-57e9531047ba
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXQB?h=75&w=75&m=6&q=60&u=t&o=t&l=f&x=2124&y=1223
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
1620
expires
Mon, 14 Jun 2021 13:34:30 GMT
BB10dZOw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		918 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOw.img?h=40&w=40&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
faf6e5eba2aa8af5a8d630efa1b82ef0564932ee94e95a2633f7410078d13869
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB10dZOw
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Fri, 04 Jun 2021 17:50:08 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
3508
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14852
x-activityid
1eaacb87-f8ad-4fe3-b1f3-cdfe2d4d09c5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOw?h=40&w=40&m=6&q=60&u=t&o=t&l=f
content-length
918
expires
Wed, 09 Jun 2021 17:48:50 GMT
4c-b97298-68ddb2ab
static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c... 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f84ed511d15151448ad5677b9278e5d8000a65ef98be3c97c4ff0515ec29a827
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2
2021-06-08T20:43:22
X-Powered-By
ASP.NET
X-Activity-Id
00000000-d957-4bf6-a678-80fee8af9707
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9806
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Tue, 08 Jun 2021 20:43:22 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 50, sn: neurope-prod-entertainment, dt: 2021-06-08T05:07:33.6757924Z, bt: 2021-06-08T00:13:25.3733084Z}
X-FRAME-OPTIONS
SAMEORIGIN
X-S1
2021-06-08T20:43:22
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31474836
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Timing-Allow-Origin
*
X-AppVersion
20210608_21624174
Expires
Wed, 08 Jun 2022 20:41:54 GMT
f4-697f29-5de3d677
static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-75c9b9eb/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/f5-5c0439-ecdc80c3/9c-ab9525-ebb81256/7d-a8... 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-75c9b9eb/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/f5-5c0439-ecdc80c3/9c-ab9525-ebb81256/7d-a8907f-df02ef6a/de-0ae0e7-ae503b62/f4-697f29-5de3d677?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b0f7332988ac4e7c5356c2477e1a2ca05b562be9d3bb8cb5ce46e156bd66e700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2
2021-06-08T20:43:22
X-Powered-By
ASP.NET
X-Activity-Id
00000000-a61b-4d80-b1e3-18189239403c
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
5262
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Tue, 08 Jun 2021 20:43:22 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 51, sn: neurope-prod-entertainment, dt: 2021-06-08T05:07:03.3210839Z, bt: 2021-06-08T00:13:25.3733084Z}
X-FRAME-OPTIONS
SAMEORIGIN
X-S1
2021-06-08T20:43:22
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31474989
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Timing-Allow-Origin
*
X-AppVersion
20210608_21624174
Expires
Wed, 08 Jun 2022 20:44:27 GMT
BB1fiubo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1fiubo.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8e210b05ab927f220ac2b2e16d986a5614d7d5c9c6026f134cb424fb1bf19c5f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sat, 05 Jun 2021 07:48:19 GMT
x-datacenter
northeu
x-source-length
176671
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=65140
x-activityid
dd61e5f7-1b06-43da-aae6-6bbdd1df3a11
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1fiubo?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
9995
expires
Thu, 10 Jun 2021 07:46:58 GMT
BB1dOnJd.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dOnJd.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
da0928dea4976dc15ee6f8254af7fddc94da6b234e0eb8f0814f61f512452366
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 04:31:26 GMT
x-datacenter
northeu
x-source-length
116184
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=399008
x-activityid
ef985585-1b6c-448a-87d6-3641fbbbb06b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1dOnJd?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
7454
expires
Mon, 14 Jun 2021 04:31:26 GMT
AAKz0TU.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKz0TU.img?h=350&w=624&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
36f22ebfd62a55586c17e3818117aac31127d3ceacd8b3944eca3fe0c405cbaf
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Mon, 07 Jun 2021 21:40:20 GMT
x-datacenter
northeu
x-source-length
351817
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=287991
x-activityid
b4e601f0-98ff-497b-8bd5-f5183edc9f1b
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKz0TU?h=350&w=624&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
68697
expires
Sat, 12 Jun 2021 21:41:09 GMT
BB196yD8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
41a293ee2e64aa6bbff0bd827041b362b45c91833b96fb41be73fe0b8a1ed82a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:36:52 GMT
x-datacenter
northeu
x-source-length
97757
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431669
x-activityid
adbe5fd4-c370-48ef-867f-16346f86299a
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10631
expires
Mon, 14 Jun 2021 13:35:47 GMT
BBUvpML.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		842 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBUvpML.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c6b165b133c62b968cc7919c29ea86cb59affb23b467cd34d9178c4915ade748
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sun, 06 Jun 2021 19:23:46 GMT
x-datacenter
northeu
x-source-length
941
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=193250
x-activityid
916502fe-69b4-43ac-99bd-ea9b4aaeff46
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBUvpML?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
842
expires
Fri, 11 Jun 2021 19:22:08 GMT
AAKQmHF.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQmHF.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=531&y=177
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34ea8f98b482479fd19b39a179f65f98b2e3bac966c103f9f08da20f2acf7859
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Tue, 08 Jun 2021 21:22:53 GMT
x-datacenter
northeu
x-source-length
643481
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=373239
x-activityid
9c9ede92-a129-4d6b-8039-9bd59db77952
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQmHF?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=531&y=177
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10482
expires
Sun, 13 Jun 2021 21:21:57 GMT
AAywGC0.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		659 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
50e64629de25349b4a706a8c0c652ff6d4776aa3251a9ab6c7a910531a2adcee
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 03:02:48 GMT
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=393759
x-activityid
d7c102e9-56c1-44b5-b59d-c59563d0aa96
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywGC0?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
659
expires
Mon, 14 Jun 2021 03:03:57 GMT
AAKRHjK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRHjK.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=777&y=256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f71c8584d8622b3c3e7993e9fba61c851b359be9e1d39b51353e570be1788137
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:14:08 GMT
x-datacenter
northeu
x-source-length
138629
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430359
x-activityid
cacd709b-6a37-43d1-a440-95610c6440b1
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRHjK?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=777&y=256
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
9179
expires
Mon, 14 Jun 2021 13:13:57 GMT
AABiyAn.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		758 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0cb2ed0969537b3d538940fc991d4e470d6fa49353f6a05268d3edede5a716df
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AABiyAn
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sat, 05 Jun 2021 15:22:44 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
951
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=92473
x-activityid
a5327c74-ec58-4670-a074-1440882acd5e
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABiyAn?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
758
expires
Thu, 10 Jun 2021 15:22:31 GMT
AAKRCaG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRCaG.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f02c6cf687023950741438f056d29eb251863744af0f2cad65d59e5f25ecb5ea
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 12:20:56 GMT
x-datacenter
northeu
x-source-length
261919
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427199
x-activityid
79b9c3f0-6c51-493a-9901-f1b2d1d1e40d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRCaG?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
5436
expires
Mon, 14 Jun 2021 12:21:17 GMT
BB17VHmX.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		451 B
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB17VHmX.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a85a0fdd19dd778f589da6f44b3db2a98ba3b5e0d729789144fa9cd9c4633099
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Mon, 07 Jun 2021 06:03:35 GMT
x-datacenter
northeu
x-source-length
1841
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=231814
x-activityid
a962de36-496e-4671-b65b-fecde3864081
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB17VHmX?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
451
expires
Sat, 12 Jun 2021 06:04:52 GMT
BB1gI0qy.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1gI0qy.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4272b706822e1d90495302524634f56c8918540c7e7873419372f2c5123faa8
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sun, 06 Jun 2021 06:56:39 GMT
x-datacenter
northeu
x-source-length
152814
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=148478
x-activityid
72eed5e7-ee54-4eb9-8a41-7acbb357e5dc
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1gI0qy?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
6174
expires
Fri, 11 Jun 2021 06:55:56 GMT
BB1faYfw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1faYfw.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
01d076574b05a66724843fa1d23f51ec0d0f7159568c8b9db11473e5eca7f4fa
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Tue, 08 Jun 2021 04:40:24 GMT
x-datacenter
northeu
x-source-length
190129
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=313095
x-activityid
4bc46e6c-4a17-4bff-8f01-1515db36c3f0
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1faYfw?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
9646
expires
Sun, 13 Jun 2021 04:39:33 GMT
BB1eLvnv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1eLvnv.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b9c65df1df73a1ad15251333de72874d2d3ec17d12ecddf904a812746d9e18fb
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Tue, 08 Jun 2021 09:43:14 GMT
x-datacenter
northeu
x-source-length
34548
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=331339
x-activityid
775ea05c-8473-4a10-8d6e-9acc4a5fbfb3
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1eLvnv?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
5303
expires
Sun, 13 Jun 2021 09:43:37 GMT
BB15d3UJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB15d3UJ.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c07ffbb18d8db65724192f8986f21516d3cdced57827a11bd4c94956aedcaadb
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Tue, 08 Jun 2021 04:52:06 GMT
x-datacenter
northeu
x-source-length
139141
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=313888
x-activityid
821a88d1-a34d-465b-bb2a-39a5f0793e05
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB15d3UJ?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
6806
expires
Sun, 13 Jun 2021 04:52:46 GMT
AAKRQeP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRQeP.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2cc1883f7d43b74fe0f2f165002cec5894775ae34194a5620da0100dab4d5062
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:26:30 GMT
x-datacenter
northeu
x-source-length
281760
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431036
x-activityid
4b6f87cd-5f38-4176-8b5b-248b0b449599
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRQeP?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
7270
expires
Mon, 14 Jun 2021 13:25:14 GMT
BB10dZNR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		232 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
377885e3a518aafb3bc278e2ef13de8218503f368a9e5ffa993843fa33a6dd1f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sun, 06 Jun 2021 08:26:39 GMT
x-datacenter
northeu
x-source-length
1138
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=153912
x-activityid
f2fdeed7-5b9e-420e-87e1-219eef7a9856
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZNR?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
232
expires
Fri, 11 Jun 2021 08:26:30 GMT
AAKQi3G.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQi3G.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1948&y=838
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2af2531528216dd20304be1fc69fac023afba4e01d50dbbd21c842a6fb48c168
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 10:40:26 GMT
x-datacenter
northeu
x-source-length
808101
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421157
x-activityid
5a72f67b-8be7-4719-b945-23235502487e
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQi3G?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1948&y=838
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10911
expires
Mon, 14 Jun 2021 10:40:35 GMT
BBNvr53.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		633 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58a5b43acbbb92f70e045fd526733f71e2d9328a325140a2e93489398ca1f302
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sun, 06 Jun 2021 18:48:55 GMT
x-datacenter
northeu
x-source-length
592
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=191221
x-activityid
3ecdf6f1-7351-4723-b105-50014a3a58f5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBNvr53?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
633
expires
Fri, 11 Jun 2021 18:48:19 GMT
AAKRXy2.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXy2.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=2604&y=2224
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c0cafd570fa040d73f9f001e507a311996c5c8c4af794655260f7017da4287f5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:24:22 GMT
x-datacenter
northeu
x-source-length
686627
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430929
x-activityid
ce3a6f43-a93e-47ab-8597-9cfded600b56
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXy2?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=2604&y=2224
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
6800
expires
Mon, 14 Jun 2021 13:23:27 GMT
AACl4vY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		690 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a4821ce434a205521d97f3183a539f1faf2f9f089f887bb4fcfedc1b9c8b345c
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 12:25:36 GMT
x-datacenter
northeu
x-source-length
4142
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=427467
x-activityid
59d18529-a549-4ca2-9bc2-b0d2362ac307
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AACl4vY?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
690
expires
Mon, 14 Jun 2021 12:25:45 GMT
AAKRSTJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSTJ.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=430&y=269
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f472b31bb079b961cf7ceee1ec03484853104936a0e06aac3f03218ab56897
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:30:21 GMT
x-datacenter
northeu
x-source-length
80972
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431421
x-activityid
add855c8-5a20-435f-82fe-24dba9e52a11
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSTJ?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=430&y=269
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
8241
expires
Mon, 14 Jun 2021 13:31:39 GMT
BB18qTPD.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		327 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1b9703d8da6daed5840900fbedf403f29a2debaf73c47c1862f4d476d777178b
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB18qTPD
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sat, 05 Jun 2021 06:36:12 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
142
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=60908
x-activityid
813e76e3-f7b2-4e86-a033-a26a77e156f4
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18qTPD?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
327
expires
Thu, 10 Jun 2021 06:36:26 GMT
AAKRZRR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRZRR.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=604&y=300
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0cbd71ec002548fb306d83a8895cbbf088f04bba2a098eb1a55a41a265be83fc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:19:35 GMT
x-datacenter
northeu
x-source-length
292050
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430660
x-activityid
72e18f5c-3fca-48df-840f-4b7756872093
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRZRR?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=604&y=300
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
16899
expires
Mon, 14 Jun 2021 13:18:58 GMT
BBO6J5d.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		379 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBO6J5d.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f627478c6e4ac9815268c380654eaa3c80a5beef646a7b96d36baa5002649335
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sun, 06 Jun 2021 01:35:32 GMT
x-datacenter
northeu
x-source-length
368
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=129248
x-activityid
fe65106f-204d-4747-a09b-46263713fba9
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBO6J5d?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
379
expires
Fri, 11 Jun 2021 01:35:26 GMT
AAyZ1Xv.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAyZ1Xv.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0e7b377b03545a212457978c5f321246c4d133aba42a09c566e0d9b7d855d146
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sat, 05 Jun 2021 18:02:27 GMT
x-datacenter
northeu
x-source-length
205925
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=102074
x-activityid
f023b70a-8c10-4a3d-970c-6ba4834c9dde
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAyZ1Xv?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
14641
expires
Thu, 10 Jun 2021 18:02:32 GMT
AAKRXmY.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXmY.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1042&y=936
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a921bd4a3b16bb414ae0d2c5b21d8771c850fa5c93bd7c351594928139bc5918
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:20:36 GMT
x-datacenter
northeu
x-source-length
598243
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430798
x-activityid
6473d242-450f-4904-bf8c-bf48e384cc5e
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXmY?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1042&y=936
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
11478
expires
Mon, 14 Jun 2021 13:21:16 GMT
BBAJ56P.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		825 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb1a6b8c2beb495046dae0e5722e319786ab78d9a5d75b00dfa1050cbea829b8
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Mon, 07 Jun 2021 20:10:37 GMT
x-datacenter
northeu
x-source-length
18777
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=282539
x-activityid
c9e517e3-0c37-473f-afdf-b723ff6b0b5b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBAJ56P?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
825
expires
Sat, 12 Jun 2021 20:10:17 GMT
e151e5.gif
static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/ 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/e151e5.gif
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:18 GMT
Last-Modified
Wed, 19 Aug 2020 20:46:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"027c66976d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=6342425
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-XSS-Protection
1
BB1fiubo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1fiubo.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8e210b05ab927f220ac2b2e16d986a5614d7d5c9c6026f134cb424fb1bf19c5f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Sat, 05 Jun 2021 07:47:30 GMT
x-datacenter
northeu
x-source-length
176671
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=65169
x-activityid
44e21c61-75cf-4041-9d59-d8f279a80c83
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1fiubo?h=174&w=300&m=6&q=60&u=t&o=t&l=f
content-length
9995
expires
Thu, 10 Jun 2021 07:47:27 GMT
BB196yD8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
41a293ee2e64aa6bbff0bd827041b362b45c91833b96fb41be73fe0b8a1ed82a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Wed, 09 Jun 2021 13:38:23 GMT
x-datacenter
northeu
x-source-length
97757
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431863
x-activityid
2fd41f0e-a1f5-44f7-a1a7-27441b3d315c
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8?h=174&w=300&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10631
expires
Mon, 14 Jun 2021 13:39:01 GMT
AAKQoQb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQoQb.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c1ad358a79a0c93355409816a769a2033035ff756a541904e6ef44da15e3456d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:18 GMT
last-modified
Tue, 08 Jun 2021 21:45:13 GMT
x-datacenter
northeu
x-source-length
114716
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=374621
x-activityid
0095a5d0-a655-4156-91e7-36181e3f5eda
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQoQb?h=174&w=300&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
4131
expires
Sun, 13 Jun 2021 21:44:59 GMT
pixels
service.idsync.analytics.yahoo.com/sp/v0/ Frame B6E0 		13 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.idsync.analytics.yahoo.com/sp/v0/pixels?referrer=https%3A%2F%2Fwww.msn.com%2F
Requested by
Host: tag.idsync.analytics.yahoo.com
URL: https://tag.idsync.analytics.yahoo.com/sp-frame.html?referrer=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tag.idsync.analytics.yahoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
ATS/7.1.2.128
Age
0
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://tag.idsync.analytics.yahoo.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
c.gif
c.bing.com/ Frame 4DF8 		42 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?aol_uid=nocookie&Red3=MSAOL_pd
Requested by
Host: cdn.adaptv.advertising.com
URL: https://cdn.adaptv.advertising.com/msft/msftsync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://cdn.adaptv.advertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:18 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: 5493B8DCCC7A4EB593217E24B5AEE0EB Ref B: FRAEDGE1321 Ref C: 2021-06-09T13:41:18Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
AD5a2s9MmAB.css
www.facebook.com/rsrc.php/v3/yv/l/0,cross/ Frame 51D5 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yv/l/0,cross/AD5a2s9MmAB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33c4d08388d6d96ef7d9686c87b96813db25b70791ae1fc620e7120f49d0aec3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 22:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vsKt8TNfQZXx6KsBJlSTJA==
cross-origin-resource-policy
cross-origin
content-length
4595
x-fb-rlafr
0
x-fb-debug
bubYRkIlbX81o/fiLYCGiN9eQ5r6cLZNJ2+eizhR907Fmta9QSW+v2DOHAxziedooOWTyrKCDZopsrEl0snBRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Jun 2022 22:55:18 GMT
ggzcJLJkhSr.css
www.facebook.com/rsrc.php/v3/y2/l/0,cross/ Frame 51D5 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y2/l/0,cross/ggzcJLJkhSr.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 26 May 2021 21:31:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ywe+5CCuBA6nTAXpv0OCFQ==
cross-origin-resource-policy
cross-origin
content-length
1102
x-fb-rlafr
0
x-fb-debug
nl9zIMcqcteQnWOm3cQ7sSvnzT4T1EQ/zh1xCxE2tQPuCP1E32IlNYiD3mVPuxJmOolNmtWLYkElguw+6F0D+w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 May 2022 21:31:49 GMT
rE55S7ybx7R.css
www.facebook.com/rsrc.php/v3/y5/l/0,cross/ Frame 51D5 		15 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y5/l/0,cross/rE55S7ybx7R.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9cb948b81642df006808c41aa350532f67aa1200f51f006544c2c2ca8746cbb6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 22:56:57 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
e4rTdIaHqtGoiHIjjNnioA==
cross-origin-resource-policy
cross-origin
content-length
2019
x-fb-rlafr
0
x-fb-debug
/6fIvok4CBI2C2CYlm0NeLLGwxwkZvRQUQYkPkm2IzUBb1ZgbCeqLS/rd41rkTQ2fBsV6m5S9kR9TIAUPip4JQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Jun 2022 22:56:57 GMT
mN8-gFiYmm3.js
www.facebook.com/rsrc.php/v3/y0/r/ Frame 51D5 		293 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y0/r/mN8-gFiYmm3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
161d6a8c4bd0ecd29d2265fcc4c94184a0c0429630b1f086c00fdb1902a9c380
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 07 Jun 2021 23:19:11 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
eswN4V6szo7JSf8Wt7HIzA==
cross-origin-resource-policy
cross-origin
content-length
81495
x-fb-rlafr
0
x-fb-debug
VSz4toFqi5J4thw6NjMzs5Id9bMyCiFCJx5oPjJlbwIGsWIHVzokDLG+o22DeePnBQ169H9bQkBrJk6XDrGpYA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 07 Jun 2022 23:19:11 GMT
IEOQM8FL8ot.js
www.facebook.com/rsrc.php/v3/yr/r/ Frame 51D5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 30 May 2021 19:19:45 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy
cross-origin
content-length
1630
x-fb-rlafr
0
x-fb-debug
CMH21b+5ZA/+PdaaN50C9WAP7g0K7OUlN9SDpzQSOjLwUiPFD5dIt1guG++IYd3hkoNDfgNUdetRQN/7udo16g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 30 May 2022 19:19:45 GMT
LDIDWlUlAG9.js
www.facebook.com/rsrc.php/v3/yd/r/ Frame 51D5 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yd/r/LDIDWlUlAG9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56766cebd19e526d59965412d4744818753abe2b9030407f0580eeaf029fff33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 03 Jun 2021 02:18:29 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zCLO5QjrkLcH6FDlzNjdyg==
cross-origin-resource-policy
cross-origin
content-length
20222
x-fb-rlafr
0
x-fb-debug
2dh3ah+fi91frFYkWqnPB9ibq3zDGsGTLnSSra+icxys/wy7jkqZCEN1H0a6+cQRGet4hbx79Xgg+VJbuhlBUw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Jun 2022 02:18:29 GMT
KRTAHo949Uf.js
www.facebook.com/rsrc.php/v3iEpO4/ye/l/en_US/ Frame 51D5 		126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/ye/l/en_US/KRTAHo949Uf.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8e2bd46c24371461d74e358678ce7946839bae86e11e0764d4886db0e9ee7bf5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 22:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
iSHopIr7K5Bx7dU3nM5A4w==
cross-origin-resource-policy
cross-origin
content-length
35938
x-fb-rlafr
0
x-fb-debug
hDepZgluNuz/5ItpdeBWMovYehNNpqw0NPneeJxwU8RZMrAMUntqdOu12JDmrVdJ87W+UOIy+8ggs5j89C5Krg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 08 Jun 2022 22:58:36 GMT
1383213_10152367113716409_4382557432445633691_n.png
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 51D5 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/1383213_10152367113716409_4382557432445633691_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=QLSs0xFTfswAX-LRvqp&_nc_ht=scontent-frt3-2.xx&tp=30&oh=e16a0ee5234c3ea5acd991d4aac9987a&oe=60E82610
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c81f9ffd8ec55cb125605458d2e05edbc392df31eccb74a96e02342d57d70e3

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
174246501
date
Wed, 09 Jun 2021 13:41:18 GMT
x-fb-trip-id
686109401
last-modified
Mon, 08 Sep 2014 15:36:58 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3438259527
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1620
IcaTm-jFAR8.js
www.facebook.com/rsrc.php/v3/yP/r/ Frame 51D5 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yP/r/IcaTm-jFAR8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/y0/r/mN8-gFiYmm3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b26263e492d4334076354b0db27917b73fdf99ca6f24ecb267ddca57a40138b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?adapt_container_width=false&app_id=132970837947&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c943a7b77f2fc%26domain%3Dwww.msn.com%26origin%3Dhttps%253A%252F%252Fwww.msn.com%252Ff13fbea9b385c7c%26relation%3Dparent.parent&container_width=0&hide_cover=true&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&locale=en_US&sdk=joey&show_facepile=true&show_posts=false&small_header=true&width=450
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 05 Jun 2021 19:01:29 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XfPy4s+vkyIdTYCGlL45zw==
cross-origin-resource-policy
cross-origin
content-length
2240
x-fb-rlafr
0
x-fb-debug
7UcnL0z/DtadDgwJRqyW/pQfQEKyCwDZMkFGKE47Z0U7LjEsESDQ7eXFUYUlJmavN3AqfBj7Z2PbVwDQvH4A3A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 05 Jun 2022 19:01:29 GMT
domains
api.viglink.com/api/ 		41 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-164-24.eu-west-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
46707e53efd4b9b3275f36612378a292b40dee64681f7716a7b5925d18bbf24f

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:18 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript;charset=UTF-8
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 7343 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1434423295419448847@@46597878,268072975519621521,100|1095|0|0|0|0|0|0|0||43|0|409|b3cbf4f2b3a74aefb65c1bde40829fc4_b3cbf4f2b3a74aefb65c1bde40829fc4-1|||1|0|0|uUVVmBLVH4VX7EYoWZQhUYIxFBr1HGkjz1NDtLtJ26hQxP3rlhEdCskllzAqADQrA7z_uuw_WOM1|||11|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.msn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sync
eb2.3lift.com/ Frame 9EE1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ib.3lift.com
URL: https://ib.3lift.com/sync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ce565175b007ef13b3c9b4fcf82d5f9c66b71d81e4b79cfae4412b6f20bea4e5

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=5065624763703297008
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
content-type
text/html; charset=utf-8
content-length
477
set-cookie
sync=CgoIgQIQ5ImGiJ8vCgoIkQIQ5ImGiJ8vCgoI4gEQ5ImGiJ8vCgoIkgIQ5ImGiJ8vCgoI5gEQ5ImGiJ8vCgoIhwIQ5ImGiJ8vCgkIOhDkiYaIny8KCQgLEOSJhoifLwoJCF8Q5ImGiJ8vCgkIHxDkiYaIny8=; Max-Age=7776000; Expires=Tue, 07 Sep 2021 13:41:19 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=5065624763703297008; Max-Age=7776000; Expires=Tue, 07 Sep 2021 13:41:19 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
/
b1sync.zemanta.com/usersync/msn/ 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/msn/?puid=1CA5EC2DDA9662691073FC7CDB8F631A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:19 GMT
Content-Length
26
Content-Type
image/gif
trends
www.bing.com/api/v1/mediation/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.bing.com/api/v1/mediation/trends?appid=B5DB19752CCFB2A8DBC11E7390600F78C2B22A56&q=%7B%22ext%22%3A%7B%22pageType%22%3A%22article_desktop%22%2C%22appId%22%3A%22B5DB19752CCFB2A8DBC11E7390600F78C2B22A56%22%7D%2C%22id%22%3A%22aadb0927f1a94e7f8b1298ed05eeff6b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22aadb0927f1a94e7f8b1298ed05eeff6b%22%7D%5D%2C%22site%22%3A%7B%22cat%22%3A%5B%22trendingrecs%22%5D%2C%22content%22%3A%7B%22url%22%3A%22https%3A%2F%2Fwww.msn.com%2F%22%7D%2C%22domain%22%3A%22www.msn.com%22%2C%22keywords%22%3A%22default%22%2C%22page%22%3A%22https%3A%2F%2Fwww.msn.com%2F%22%2C%22publisher%22%3A%7B%22ext%22%3A%7B%22adunitid%22%3A11714591%2C%22propertyid%22%3A10319710%2C%22formcode%22%3A%22MSNBT3%22%2C%22partnercode%22%3A%22BT04%22%7D%2C%22id%22%3A%2217160724%22%2C%22name%22%3A%22MSN%22%7D%7D%7D
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:202c::200 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
90be81d47338de9c75bddaa23f5f9e94b3937103d0711990b8427c92a70f308c

Request headers

Accept
*/*
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:18 GMT
x-msedge-ref
Ref A: 5FB84E7DEA804B458AF7D383F0EB4DF5 Ref B: VIEEDGE1410 Ref C: 2021-06-09T13:41:19Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.msn.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
1724
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 22E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoN9_9SNiAgeU29EE2QZskh9-cXNOW90g-zQPs1ZHebp9C_SSuta4bzdAE8DEmkCalc0pASYcWlw&sig=Cg0ArKJSzHCv2loPFTR2EAE&id=lidar2&mcvt=1190&p=0,0,250,300&mtos=1190,1190,1190,1190,1190&tos=1190,0,0,0,0&v=20210607&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=34&adk=1310627930&rs=6&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
social.acdc28fcc2614815ff15.js
assets.msn.com/bundles/v1/hybrid/latest/social/ 		707 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.239.57 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
bc77ae02c87baa4bce9c51e00962bfd98d6e58bb58cb65179d53c5a0dd3af0e5

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 09 Jun 2021 13:41:19 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-md5
3rLLv4ifeeaT/RAgdwpycw==
server-timing
30
content-length
184909
x-ms-lease-status
unlocked
last-modified
Tue, 08 Jun 2021 15:13:16 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D92A8FF1335543
vary
Origin
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":https://deff.nelreports.net/api/report?cat=msn}]}
content-type
application/javascript
x-ms-request-id
1df59883-601e-00ea-6679-5c16fa000000
cache-control
public, no-transform, max-age=31535892
akamai-server-ip
184.25.239.53
x-ms-version
2009-09-19
akamai-request-id
d26ec69d
jot
www138.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www138.civicscience.com/jot?j=3733995863.1493308250&n=0&s=poll&t=created&d=%7B%22target%22%3A%22dc47b0af-1755-c124-4d1b-758f0eee9014%22%2C%22instance%22%3A%22civsci-id-76398579%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A0%2C%22cy%22%3A1985%7D
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.109.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-109-238.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
bootstrap
www138.civicscience.com/widget/api/2/ 		303 B
411 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www138.civicscience.com/widget/api/2/bootstrap?target=dc47b0af-1755-c124-4d1b-758f0eee9014&instance=civsci-id-76398579&context=%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY&mv=5&_=1623246079336&callback=jsonp_1623246079336_54932
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.109.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-109-238.compute-1.amazonaws.com
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
b59f80261f2438879cc976c65abba14549c02b679ddeaf0ef01d81cba1750b9e

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
content-encoding
gzip
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34
x-powered-by
PHP/7.2.34
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
generic
match.adsrvr.org/track/cmf/ Frame 9EE1 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 9EE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=1&gdpr_consent=&google_tc=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFyS6Xixd5DZq9dNZyHBdnI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFyS6Xixd5DZq9dNZyHBdnI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFyS6Xixd5DZq9dNZyHBdnI&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9EE1
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTA2NTYyNDc2MzcwMzI5NzAwOA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTA2NTYyNDc2MzcwMzI5NzAwOA%3D%3D&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTA2NTYyNDc2MzcwMzI5NzAwOA%3D%3D&google_tc=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTA2NTYyNDc2MzcwMzI5NzAwOA%3D%3D&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.bing.com/ Frame 9EE1 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=5065624763703297008&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: E3BA80F0990747BAAF2B038F794D4F6E Ref B: FRAEDGE1321 Ref C: 2021-06-09T13:41:19Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 9EE1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/5065624763703297008?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-DfWmO0JE2oQi2vRR8UlNlbRWMUZAEptpRZQ.tx6IHA--~A&dongle=0883
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-DfWmO0JE2oQi2vRR8UlNlbRWMUZAEptpRZQ.tx6IHA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 09 Jun 2021 13:41:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-DfWmO0JE2oQi2vRR8UlNlbRWMUZAEptpRZQ.tx6IHA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 9EE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3744072739603064518&dongle=4d58&gdpr=1&gdpr_consent=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3744072739603064518&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:19 GMT
X-Proxy-Origin
217.138.209.52; 217.138.209.52; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.133:80
AN-X-Request-Uuid
d1dcaf50-4ba3-4cd0-b51a-7db8bf2ae1bd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=3744072739603064518&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 9EE1
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=5065624763703297008
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=5065624763703297008&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=5065624763703297008&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:19 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=5065624763703297008&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 9EE1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.250.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 9EE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=5065624763703297008
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
setuid
ib.adnxs.com/prebid/ Frame 9EE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=5065624763703297008
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
BB196yD8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
41a293ee2e64aa6bbff0bd827041b362b45c91833b96fb41be73fe0b8a1ed82a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:36:52 GMT
x-datacenter
northeu
x-source-length
97757
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431668
x-activityid
adbe5fd4-c370-48ef-867f-16346f86299a
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10631
expires
Mon, 14 Jun 2021 13:35:47 GMT
AAKQmHF.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQmHF.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=531&y=177
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
34ea8f98b482479fd19b39a179f65f98b2e3bac966c103f9f08da20f2acf7859
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Tue, 08 Jun 2021 21:22:53 GMT
x-datacenter
northeu
x-source-length
643481
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=373238
x-activityid
9c9ede92-a129-4d6b-8039-9bd59db77952
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQmHF?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=531&y=177
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10482
expires
Sun, 13 Jun 2021 21:21:57 GMT
AAKRHjK.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRHjK.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=777&y=256
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f71c8584d8622b3c3e7993e9fba61c851b359be9e1d39b51353e570be1788137
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:14:08 GMT
x-datacenter
northeu
x-source-length
138629
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430358
x-activityid
cacd709b-6a37-43d1-a440-95610c6440b1
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRHjK?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=777&y=256
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
9179
expires
Mon, 14 Jun 2021 13:13:57 GMT
AAKRQeP.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRQeP.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2cc1883f7d43b74fe0f2f165002cec5894775ae34194a5620da0100dab4d5062
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:26:30 GMT
x-datacenter
northeu
x-source-length
281760
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431035
x-activityid
4b6f87cd-5f38-4176-8b5b-248b0b449599
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRQeP?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
7270
expires
Mon, 14 Jun 2021 13:25:14 GMT
AAKQi3G.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQi3G.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1948&y=838
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2af2531528216dd20304be1fc69fac023afba4e01d50dbbd21c842a6fb48c168
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 10:40:26 GMT
x-datacenter
northeu
x-source-length
808101
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=421156
x-activityid
5a72f67b-8be7-4719-b945-23235502487e
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQi3G?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1948&y=838
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10911
expires
Mon, 14 Jun 2021 10:40:35 GMT
oneriverajaxpage
www.msn.com/en-us/news/ 		31 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/oneriverajaxpage?xd-name=ArticlePageOneRiver&startIndex=18&count=25&contentId=AAKPSVY&page-mode=Normal&pageIndex=1&pvid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd-mode=Flexible&telemetrystartindex=161&ver=20210608_21624174&ou=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
65f3912b35fa4ccd6ace1f5ba2de792b6862a59a81f39d6179ce6ad0f5e8d081
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-fetch-mode
cors
origin
https://www.msn.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_SS=SID=00; _EDGE_S=F=1; _EDGE_V=1; MUID=298EA637D5906C90390EB666D4896D91; MC1=GUID=1ebdd420f6ef47d2981e69a9701427c9&HASH=1ebd&LV=202106&V=4&LU=1623246078771; MS0=5fdf5e894b8a44fba081e8fa97f9bc27
content-length
1739
:path
/en-us/news/oneriverajaxpage?xd-name=ArticlePageOneRiver&startIndex=18&count=25&contentId=AAKPSVY&page-mode=Normal&pageIndex=1&pvid=aadb0927f1a94e7f8b1298ed05eeff6b&rnd-mode=Flexible&telemetrystartindex=161&ver=20210608_21624174&ou=https%3A%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
text/html, */*; q=0.01
cache-control
no-cache
:authority
www.msn.com
referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
text/html, */*; q=0.01
Referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=1209600; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
x-activity-id
18e1705d-2b78-4e9b-9660-d549bc7449e3
vary
User-Agent
content-length
6386
x-xss-protection
1
x-ua-compatible
IE=Edge;chrome=1
pragma
no-cache
x-aspnetmvc-version
5.2
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 26, sn: neurope-prod-entertainment, dt: 2021-06-05T04:50:56.4168922Z, bt: 2021-06-08T00:13:25.3733084Z}
date
Wed, 09 Jun 2021 13:41:19 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-security-policy
default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
x-msedge-ref
Ref A: 18E1705D2B784E9B9660D549BC7449E3 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
x-appversion
20210608_21624174
expires
-1
AAKRCaG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRCaG.img?h=350&w=624&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
afaa6abf424b31172f2c88864e2e3059b547b08a80b81a481efff1b94fea7f65
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 12:33:22 GMT
x-datacenter
northeu
x-source-length
261919
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427947
x-activityid
fa0275e2-69cc-4ae9-aa10-d889d04e9c08
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRCaG?h=350&w=624&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
16321
expires
Mon, 14 Jun 2021 12:33:46 GMT
AAKRXy2.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXy2.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=2604&y=2224
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c0cafd570fa040d73f9f001e507a311996c5c8c4af794655260f7017da4287f5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:24:22 GMT
x-datacenter
northeu
x-source-length
686627
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430928
x-activityid
ce3a6f43-a93e-47ab-8597-9cfded600b56
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXy2?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=2604&y=2224
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
6800
expires
Mon, 14 Jun 2021 13:23:27 GMT
AAKRSTJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSTJ.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=430&y=269
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f472b31bb079b961cf7ceee1ec03484853104936a0e06aac3f03218ab56897
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:30:21 GMT
x-datacenter
northeu
x-source-length
80972
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431420
x-activityid
add855c8-5a20-435f-82fe-24dba9e52a11
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSTJ?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=430&y=269
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
8241
expires
Mon, 14 Jun 2021 13:31:39 GMT
AAKRZRR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRZRR.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=604&y=300
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0cbd71ec002548fb306d83a8895cbbf088f04bba2a098eb1a55a41a265be83fc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:19:35 GMT
x-datacenter
northeu
x-source-length
292050
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430659
x-activityid
72e18f5c-3fca-48df-840f-4b7756872093
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRZRR?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=604&y=300
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
16899
expires
Mon, 14 Jun 2021 13:18:58 GMT
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=4156367102&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-D%2BMlZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=1-pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.msn.com&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&cu=1623246078247&m=1177&ar=c498f16-clean&iw=623b6c1&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A785%3A184&aa=1&ad=1028&cn=63&gn=1&gk=1028&gl=63&ik=1028&ic=1028&ez=1&co=1028&cp=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=915&cd=69&ah=915&am=69&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25707498%3A4175281%3A302682492%3A148845848&bo=msn.com&bd=msn.com&gw=heinekenpldcmdisplay24614018836&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=PL&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=191618&na=77395256&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:19 GMT
msnTagScript.js
vidstat.taboola.com/msn/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/msn/msnTagScript.js
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4318e5941775a57d8dde5791a50e868b695af30aa84f4f1b72855f59a4c7c08c

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
via
1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront), 1.1 varnish
age
100066
x-amz-meta-mtime
1619612877
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1619612877
content-encoding
gzip
content-length
5618
x-served-by
cache-fra19142-FRA
last-modified
Wed, 28 Apr 2021 12:27:59 GMT
server
AmazonS3
x-timer
S1623246079.457057,VS0,VE0
etag
"854624fa1565b966b4e07aa71801f12c"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=18000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
JT2VJuubEnVCCmA3KZBXhDCIigqfdwSW5rBvu580Q2jSGpI3vWFBgQ==
x-cache-hits
1872
BB1enwaG
www.msn.com/resolver/api/resolve/v2/configindex/ 		30 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/resolver/api/resolve/v2/configindex/BB1enwaG?targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browsertype%22:%22chrome%22,%22version%22:%2289%22,%22ismobile%22:%22false%22},%22domain%22:%22www.msn.com%22,%22locale%22:{%22language%22:%22en%22,%22script%22:%22%22,%22market%22:%22us%22},%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22articleflex%22,%22pageExperiments%22:[%221s-bing-news%22,%221s-winblis%22,%221s-winblisp1%22,%22prg-1sw-halfbtn%22,%22prg-adspeek%22,%22prg-sync-wea2%22]}&apptype=hybrid&maxDepth=10
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
Kestrel /
Resource Hash
b6462fed18a4eb0f5f81ef72bdd0a61fb990166368e980a0f49f0306a425b5fb

Request headers

:path
/resolver/api/resolve/v2/configindex/BB1enwaG?targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browsertype%22:%22chrome%22,%22version%22:%2289%22,%22ismobile%22:%22false%22},%22domain%22:%22www.msn.com%22,%22locale%22:{%22language%22:%22en%22,%22script%22:%22%22,%22market%22:%22us%22},%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22articleflex%22,%22pageExperiments%22:[%221s-bing-news%22,%221s-winblis%22,%221s-winblisp1%22,%22prg-1sw-halfbtn%22,%22prg-adspeek%22,%22prg-sync-wea2%22]}&apptype=hybrid&maxDepth=10
pragma
no-cache
cookie
_SS=SID=00; _EDGE_S=F=1; _EDGE_V=1; MUID=298EA637D5906C90390EB666D4896D91; MC1=GUID=1ebdd420f6ef47d2981e69a9701427c9&HASH=1ebd&LV=202106&V=4&LU=1623246078771; MS0=5fdf5e894b8a44fba081e8fa97f9bc27
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.msn.com
referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
content-encoding
gzip
etag
"OizcCg2ehO14-yUBgFjcRTdFLsg"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_MISS
content-length
9797
server
Kestrel
x-msedge-ref
Ref A: A845243701324D54B2FF01C11238E9C8 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
x-crs-buildversion
20210528.1_master
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
cache-control
public, max-age=900
x-fabric-cluster
prodneu
x-cid
7
x-ccc
PL
BB1dqeiP
www.msn.com/resolver/api/resolve/v2/configindex/ 		29 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/resolver/api/resolve/v2/configindex/BB1dqeiP?targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browsertype%22:%22chrome%22,%22version%22:%2289%22,%22ismobile%22:%22false%22},%22domain%22:%22www.msn.com%22,%22locale%22:{%22language%22:%22en%22,%22script%22:%22%22,%22market%22:%22us%22},%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22articleflex%22,%22pageExperiments%22:[%221s-bing-news%22,%221s-winblis%22,%221s-winblisp1%22,%22prg-1sw-halfbtn%22,%22prg-adspeek%22,%22prg-sync-wea2%22]}&apptype=hybrid&maxDepth=10
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
Kestrel /
Resource Hash
5d4fce442637408514d95cec9c7509ce7f1970f9a89440460ae274d20f972d30

Request headers

:path
/resolver/api/resolve/v2/configindex/BB1dqeiP?targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browsertype%22:%22chrome%22,%22version%22:%2289%22,%22ismobile%22:%22false%22},%22domain%22:%22www.msn.com%22,%22locale%22:{%22language%22:%22en%22,%22script%22:%22%22,%22market%22:%22us%22},%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22articleflex%22,%22pageExperiments%22:[%221s-bing-news%22,%221s-winblis%22,%221s-winblisp1%22,%22prg-1sw-halfbtn%22,%22prg-adspeek%22,%22prg-sync-wea2%22]}&apptype=hybrid&maxDepth=10
pragma
no-cache
cookie
_SS=SID=00; _EDGE_S=F=1; _EDGE_V=1; MUID=298EA637D5906C90390EB666D4896D91; MC1=GUID=1ebdd420f6ef47d2981e69a9701427c9&HASH=1ebd&LV=202106&V=4&LU=1623246078771; MS0=5fdf5e894b8a44fba081e8fa97f9bc27
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.msn.com
referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
content-encoding
gzip
etag
"pYKDn9CGOOXRWsLwfjHsd9B0dS0"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_MISS
content-length
9432
server
Kestrel
x-msedge-ref
Ref A: 30D4364D05CB420B84FE029A6328CD2B Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
x-crs-buildversion
20210528.1_master
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
cache-control
public, max-age=900
x-fabric-cluster
prodneu
x-cid
7
x-ccc
PL
BB1d8Nnn
www.msn.com/resolver/api/resolve/v2/configindex/ 		29 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/resolver/api/resolve/v2/configindex/BB1d8Nnn?targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browsertype%22:%22chrome%22,%22version%22:%2289%22,%22ismobile%22:%22false%22},%22domain%22:%22www.msn.com%22,%22locale%22:{%22language%22:%22en%22,%22script%22:%22%22,%22market%22:%22us%22},%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22articleflex%22,%22pageExperiments%22:[%221s-bing-news%22,%221s-winblis%22,%221s-winblisp1%22,%22prg-1sw-halfbtn%22,%22prg-adspeek%22,%22prg-sync-wea2%22]}&apptype=hybrid&maxDepth=10
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
Kestrel /
Resource Hash
ec0482f2ac15dbcb74a934e396d5036563815032ecb87de9b7ed31dbabd88632

Request headers

:path
/resolver/api/resolve/v2/configindex/BB1d8Nnn?targetScope={%22audienceMode%22:%22adult%22,%22browser%22:{%22browsertype%22:%22chrome%22,%22version%22:%2289%22,%22ismobile%22:%22false%22},%22domain%22:%22www.msn.com%22,%22locale%22:{%22language%22:%22en%22,%22script%22:%22%22,%22market%22:%22us%22},%22os%22:%22windows%22,%22platform%22:%22web%22,%22pageType%22:%22articleflex%22,%22pageExperiments%22:[%221s-bing-news%22,%221s-winblis%22,%221s-winblisp1%22,%22prg-1sw-halfbtn%22,%22prg-adspeek%22,%22prg-sync-wea2%22]}&apptype=hybrid&maxDepth=10
pragma
no-cache
cookie
_SS=SID=00; _EDGE_S=F=1; _EDGE_V=1; MUID=298EA637D5906C90390EB666D4896D91; MC1=GUID=1ebdd420f6ef47d2981e69a9701427c9&HASH=1ebd&LV=202106&V=4&LU=1623246078771; MS0=5fdf5e894b8a44fba081e8fa97f9bc27
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.msn.com
referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
content-encoding
gzip
etag
"bMr19L6VzsNzup1zY4kM8vL5PMA"
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cache
TCP_MISS
content-length
9413
server
Kestrel
x-msedge-ref
Ref A: 887F8290785941A19D777CCEFE77616F Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
x-crs-buildversion
20210528.1_master
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-type
application/json; charset=utf-8
cache-control
public, max-age=900
x-fabric-cluster
prodneu
x-cid
7
x-ccc
PL
3f-d5526d-e4fed064
static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-/direction=ltr.locales=generic-generic.themes=gray.dpi=resolution1x/ 		728 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/css/d7cb56b9-/direction=ltr.locales=generic-generic.themes=gray.dpi=resolution1x/3f-d5526d-e4fed064?ver=20210608_21624174&fdhead=msnallexpusers,muidflt26cf,muidflt49cf,muidflt259cf,muidflt261cf,muidflt314cf,mmxandroid1cf,startedge3cf,starthp1cf,moneyhp2cf,platagyhz2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports2cf,is-uiprc,csmoney3cf,1s-winblis,1s-bliscontrolw,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f90332ac810baaadc5e1858f6d5086c455cd85bc291060ae11dab7d8005a1e67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-S2
2021-06-09T13:41:19
X-Powered-By
ASP.NET
X-Activity-Id
00000000-4aca-4de8-a754-eb11f0661a18
Connection
keep-alive
Vary
User-Agent,Accept-Encoding
Content-Length
382
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Wed, 09 Jun 2021 13:41:19 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 52, sn: neurope-prod-entertainment, dt: 2021-06-09T05:07:04.4053671Z, bt: 2021-06-08T00:13:25.3733084Z}
X-FRAME-OPTIONS
SAMEORIGIN
X-S1
2021-06-09T13:41:19
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31535955
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
Timing-Allow-Origin
*
X-AppVersion
20210608_21624174
Expires
Thu, 09 Jun 2022 13:40:34 GMT
AAKRQk8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRQk8.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1775&y=1489
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21b45d73e70f3104bdc08d7479a3f82ffcecbf925d37e4e7469c1780d379a767
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:35:45 GMT
x-datacenter
northeu
x-source-length
7168002
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431621
x-activityid
bdb6716c-f0e4-4793-a49d-29e849a86b51
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRQk8?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1775&y=1489
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
7303
expires
Mon, 14 Jun 2021 13:35:00 GMT
AA38A54.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		410 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cff03603fb64285e200197b56d6b961c5d5b7a9da579e4336233632c237c4557
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA38A54
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 04:38:41 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
367
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=399458
x-activityid
306d260f-43ed-4f55-bc39-800220cc5a06
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA38A54?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
410
expires
Mon, 14 Jun 2021 04:38:57 GMT
BB1go4Ah.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1go4Ah.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
40dcbd96862d4e31a6bf6050530bd2224408a956764762f88e2ab2de10d8517a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Tue, 08 Jun 2021 13:25:13 GMT
x-datacenter
northeu
x-source-length
214177
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=344583
x-activityid
aa882334-3d59-40e2-8e34-b4c798c1c6c4
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1go4Ah?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
7453
expires
Sun, 13 Jun 2021 13:24:22 GMT
AABp9vq.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		737 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABp9vq.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
69fe8812c398d20582b7982917b6fc110d906e16f427c4eb021c64d5f30711af
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Tue, 08 Jun 2021 01:00:42 GMT
x-datacenter
northeu
x-source-length
2454
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=300020
x-activityid
9b09e9d9-995d-4575-a2a8-7fed1a0e8f04
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AABp9vq?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
737
expires
Sun, 13 Jun 2021 01:01:39 GMT
AAKIno2.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKIno2.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1057&y=666
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
86df2995ec016dabe1a9f14014e0343e13415ad4b3f5fec54c80ac3dd3604cf1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:04:35 GMT
x-datacenter
northeu
x-source-length
244207
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429841
x-activityid
ba92a2da-4bb1-41f1-a811-ec553db0cc9b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKIno2?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1057&y=666
content-length
5969
expires
Mon, 14 Jun 2021 13:05:20 GMT
BB10dZOG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		308 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOG.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9c35c9853ea99d94357966d697ae8e434f52f06ebdec142f0482d57dcbbef91f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Mon, 07 Jun 2021 10:56:09 GMT
x-datacenter
northeu
x-source-length
1682
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=249271
x-activityid
383761b3-c38f-49c9-ab4d-09dcaf6c2f7a
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOG?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
308
expires
Sat, 12 Jun 2021 10:55:50 GMT
BB18ZF6e.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18ZF6e.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=465&y=118
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
76110dba7168535af8b2c5c28c0697a1c35d45d16fc0013292b43e870b5ea029
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Tue, 08 Jun 2021 04:05:04 GMT
x-datacenter
northeu
x-source-length
221516
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=311007
x-activityid
6ca52ff1-2d21-435b-b0ad-b46c000c81a9
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB18ZF6e?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=465&y=118
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
8449
expires
Sun, 13 Jun 2021 04:04:46 GMT
AAKRSxH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSxH.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0ae9fc7c054741e064a439791769bf78b911f27a435be57b944e0edcfcfedd5d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:03:51 GMT
x-datacenter
northeu
x-source-length
179122
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429762
x-activityid
d4ac90d0-20af-4da1-9cd0-8c2385feb41b
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSxH?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
4554
expires
Mon, 14 Jun 2021 13:04:01 GMT
AA8I0Dg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		624 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA8I0Dg.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5af432533decd3960400beccbce92d5aa36d5f2f12f7e20f866b2c633f7e85c9
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Sat, 05 Jun 2021 09:33:33 GMT
x-datacenter
northeu
x-source-length
621
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=71506
x-activityid
b265a2fa-3a2f-41e6-bdd8-777a1baa50b3
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA8I0Dg?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
624
expires
Thu, 10 Jun 2021 09:33:05 GMT
BB1cER3Z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cER3Z.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
80d46fe33cd75ba6f4c930946bdffb29860cb1114e6ad9b2151e63beb8f2a53b
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:03:48 GMT
x-datacenter
northeu
x-source-length
1682666
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429749
x-activityid
19d3317f-7f40-4aea-82e1-eedebaafb90c
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cER3Z?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
12869
expires
Mon, 14 Jun 2021 13:03:48 GMT
AAywHbG.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		675 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywHbG.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
96d57f7dd7e3b7587f784ad03d44edd105c55741fac607ebaa0a04c0516f0787
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAywHbG
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Sun, 06 Jun 2021 19:12:07 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
18737
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=192608
x-activityid
8c488742-73c7-4b75-9218-75ab8bf9217c
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAywHbG?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
675
expires
Fri, 11 Jun 2021 19:11:27 GMT
AAKRH5o.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRH5o.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ec996d214262151b207e0d0d32b5164293a789bbe27961da9c232d9e5ecaf097
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 12:53:54 GMT
x-datacenter
northeu
x-source-length
92535
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429142
x-activityid
752838a7-f6b6-4ca4-a4cc-66b603077c1e
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRH5o?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10867
expires
Mon, 14 Jun 2021 12:53:41 GMT
AA3lldo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		696 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA3lldo.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d0b610807fcb88b0d9a053ddc8f985f9eb4a472a8fc3ee3716a823b6c1c721f7
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AA3lldo
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Sun, 06 Jun 2021 04:14:28 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
719
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=138752
x-activityid
73abf1e6-53a8-4efe-9baa-a6c5f7499dc5
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA3lldo?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
696
expires
Fri, 11 Jun 2021 04:13:51 GMT
AAKRHnV.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRHnV.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1250&y=193
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b0202b723d3d8557e0eaa30a18226f23d42d6a5abd9c8a88b2c1d3869972aa12
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:08:34 GMT
x-datacenter
northeu
x-source-length
364047
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430095
x-activityid
259f4994-a4e8-4e6e-9db4-846746829ee0
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRHnV?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1250&y=193
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
12729
expires
Mon, 14 Jun 2021 13:09:34 GMT
AAvcS6D.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAvcS6D.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28fc3eb91dde3de99ffd7a31cd728888eb2dc330c0de927db232fb342fab1a03
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Sat, 05 Jun 2021 19:04:45 GMT
x-datacenter
northeu
x-source-length
1466
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=105746
x-activityid
2b03f212-20c7-47ae-85d6-820e555c5455
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAvcS6D?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
731
expires
Thu, 10 Jun 2021 19:03:45 GMT
AA9SGzO.img
img.s-msn.com/tenant/amp/entityid/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.s-msn.com/tenant/amp/entityid/AA9SGzO.img?h=250&w=300&m=1&q=60&b=white
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
104.108.144.238 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
/
Resource Hash
3f42ebfcc1957008b48c76e3054dc3deb641f56f36a0d56320be5b7b5eea5169
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-CMS-CDNInvalKey
amp:AA9SGzO
Date
Wed, 09 Jun 2021 13:41:19 GMT
X-Source-Length
67921
X-ActivityId
68414180-733d-40a1-8980-621e444cf8e2
Content-Location
https://img.s-msn.com/tenant/amp/entityid/AA9SGzO?h=250&w=300&m=1&q=60&b=white
Connection
keep-alive
X-Deployment
72c3fde762c149e9ae8e86fd76d57772
Content-Length
78414
Last-Modified
Fri, 04 Jun 2021 18:21:25 GMT
X-Datacenter
northeu
X-Frame-Options
deny
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=16806
X-Instance
Resizer.Web_IN_3
Timing-Allow-Origin
*
Expires
Wed, 09 Jun 2021 18:21:25 GMT
BB10dZOw.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOw.img?h=70&w=70&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ca3db5806ed49d918b7b106508d7800303a86418066f34de1752d8a154b94c6a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB10dZOw
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Mon, 07 Jun 2021 05:44:38 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
3508
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=230632
x-activityid
6f34f77a-d60b-4b91-ac05-c55266e10e69
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB10dZOw?h=70&w=70&m=6&q=60&u=t&o=t&l=f
content-length
2029
expires
Sat, 12 Jun 2021 05:45:11 GMT
AAKRN7Z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRN7Z.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
912c59e8d2f7d32f37aa58e5dd4394f02fd88056f8c56d24bc080c6c48265b32
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 12:23:20 GMT
x-datacenter
northeu
x-source-length
183575
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427366
x-activityid
1aafc0b0-6b85-4564-af46-b56ad832073d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRN7Z?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
11277
expires
Mon, 14 Jun 2021 12:24:05 GMT
BBY4G4r.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		424 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBY4G4r.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9e07a97beca1bea7a77a1e3e1cb2dbd907ef4785dd18d1620d576226e6bf7719
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BBY4G4r
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 04:52:49 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
1079
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=400316
x-activityid
9443dc7f-b676-4597-91fe-d800b0580930
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBY4G4r?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
424
expires
Mon, 14 Jun 2021 04:53:15 GMT
AAKRKX8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRKX8.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=987&y=527
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b090e9dffaca346cc36a0b210ed773cfd21918e1222dfb2fbb6a0f7c8cfe3190
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 12:22:53 GMT
x-datacenter
northeu
x-source-length
301472
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427256
x-activityid
eb75c619-5d13-4824-9232-30a99949b390
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRKX8?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=987&y=527
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
14310
expires
Mon, 14 Jun 2021 12:22:15 GMT
BB2bztB.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		702 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2bztB.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
513a61cafacf9f95761a4466fd4fbca1bef41cb2df4ba57a908c05cc297bb2a4
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:BB2bztB
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Sun, 06 Jun 2021 11:31:55 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
702
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=165061
x-activityid
64977135-6d49-4945-8e09-e37b7f027835
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB2bztB?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
702
expires
Fri, 11 Jun 2021 11:32:20 GMT
AAKRMSV.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRMSV.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=726&y=373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c1a84b027dcc7428e5e35dafe8540b1d4c432dbc29c1921c5aa03f0ec3c5800b
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 11:52:58 GMT
x-datacenter
northeu
x-source-length
111398
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=425442
x-activityid
7a290501-dda1-454e-aac0-e76f9b6b61d8
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRMSV?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=726&y=373
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
9483
expires
Mon, 14 Jun 2021 11:52:01 GMT
AAg0OiN.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		914 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAg0OiN.img?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
43e0ac063e44313daee4460ac28af705b3761be8411c1736107f6fa4a918b15d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cms-cdninvalkey
amp:AAg0OiN
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Sun, 06 Jun 2021 01:45:57 GMT
timing-allow-origin
*
x-datacenter
northeu
x-source-length
18952
x-frame-options
deny
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=129926
x-activityid
a9388d0b-3cb2-48b2-9d9e-b5105d93bfb2
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAg0OiN?h=16&w=16&m=6&q=60&u=t&o=t&l=f&f=png
content-length
914
expires
Fri, 11 Jun 2021 01:46:45 GMT
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=4156367102&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-D%2BMlZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=1-pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.msn.com&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&cu=1623246078247&m=1179&ar=c498f16-clean&iw=623b6c1&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A785%3A184&aa=1&ad=1028&cn=1028&gn=1&gk=1028&gl=1028&ik=1028&ic=1028&ez=1&co=1028&cp=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=915&cd=915&ah=915&am=915&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25707498%3A4175281%3A302682492%3A148845848&bo=msn.com&bd=msn.com&gw=heinekenpldcmdisplay24614018836&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=PL&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=191618&na=365200737&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:19 GMT
jot
www138.civicscience.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www138.civicscience.com/jot?j=3733995863.1493308250&n=1&s=poll&t=metatarget&d=%7B%22target%22%3A3815%2C%22instance%22%3A%22civsci-id-76398579%22%2C%22isContainerSeen%22%3Afalse%2C%22context%22%3A%22%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY%22%2C%22wx%22%3A0%2C%22wy%22%3A0%2C%22wh%22%3A1200%2C%22ww%22%3A1600%2C%22cx%22%3A0%2C%22cy%22%3A1985%2C%22otarget%22%3A3223%7D
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.109.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-109-238.compute-1.amazonaws.com
Software
Apache/2.4.39 (Amazon) /
Resource Hash

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Fri, 30 Aug 2019 14:44:32 GMT
server
Apache/2.4.39 (Amazon)
accept-ranges
bytes
etag
"0-59156a8fe3400"
content-length
0
content-type
text/plain; charset=UTF-8
BidRHanSer
15.taboola.com/ 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/BidRHanSer?oid=15&width=29&height=29&revmod=&encoded=1&urlonly=1&noimpr=true&pubid=168627&tagid=1472605&cb=29737909462&cirf=https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY&cisrf=&pageType=text&pstn=Below%20Article%20River%20Video%20-%20Desktop&tagVer=3.2.19&pubnm=msn-msn&muid=1CA5EC2DDA9662691073FC7CDB8F631A&rid=aadb0927f1a94e7f8b1298ed05eeff6b
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/msn/msnTagScript.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14e2c66bbe5e9e0da3cd7b1ce687d34a5c2b53492b6283cce8cb1872f4f338b4

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
content-encoding
gzip
server
nginx
x-timer
S1623246080.630809,VS0,VE25
machineid
1450
vary
Accept-Encoding
x-cache
MISS
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
x-cache-hits
0
accept-ranges
bytes
x-served-by
cache-fra19142-FRA
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0AF4
Redirect Chain
  • https://ib.adnxs.com/async_usersync_file
  • https://acdn.adnxs.com/dmp/async_usersync.html
52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.msn.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=3744072739603064518
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Mon, 07 Jun 2021 05:03:25 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Wed, 09 Jun 2021 13:41:19 GMT
Age
32658
X-Served-By
cache-lga21962-LGA, cache-hhn4082-HHN
X-Cache
HIT, HIT
X-Cache-Hits
163901, 642094
X-Timer
S1623246080.748444,VS0,VE0
Vary
Accept-Encoding

Redirect headers

Server
nginx/1.17.9
Date
Wed, 09 Jun 2021 13:41:19 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Location
https://acdn.adnxs.com/dmp/async_usersync.html
AN-X-Request-Uuid
521a711e-4b3b-4dde-8c01-1390d8c8a3b5
Set-Cookie
uuid2=3744072739603064518; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 07-Sep-2021 13:41:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
217.138.209.52; 217.138.209.52; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.154:80
v1
match.sharethrough.com/sync/ 		68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?supply_id=FPB1dLHF&supply_user_id=298EA637D5906C90390EB666D4896D91
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.223.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
68
content-type
image/png
sync
visitor.omnitagjs.com/visitor/ 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9871605be8d4b2a982914bf5c9348e7b&name=MSN&visitor=298EA637D5906C90390EB666D4896D91&external=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
49
expires
0
target
www138.civicscience.com/widget/api/2/ 		0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www138.civicscience.com/widget/api/2/target?target=dc47b0af-1755-c124-4d1b-758f0eee9014&instance=civsci-id-76398579&context=%2F%2Fwww.msn.com%2Fen-us%2Fnews%2Fpolitics%2Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%2Far-AAKPSVY&mv=5&_=1623246079591&callback=jsonp_1623246079591_99786
Requested by
Host: www138.civicscience.com
URL: https://www138.civicscience.com/jspoll/4/civicscience-widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.109.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-109-238.compute-1.amazonaws.com
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34 / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
x-powered-by
PHP/7.2.34
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.2.34
en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/
Redirect Chain
  • https://play.google.com/intl/en_us/badges/images/generic/en_badge_web_generic.png
  • https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Oct 2019 05:15:00 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/webmaster/play_google
content-type
image/png
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13957
x-xss-protection
0
expires
Wed, 09 Jun 2021 13:41:19 GMT

Redirect headers

date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
284
x-xss-protection
0
BB1fiubo.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1fiubo.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8e210b05ab927f220ac2b2e16d986a5614d7d5c9c6026f134cb424fb1bf19c5f
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Sat, 05 Jun 2021 07:47:30 GMT
x-datacenter
northeu
x-source-length
176671
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=65168
x-activityid
44e21c61-75cf-4041-9d59-d8f279a80c83
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1fiubo?h=174&w=300&m=6&q=60&u=t&o=t&l=f
content-length
9995
expires
Thu, 10 Jun 2021 07:47:27 GMT
BB196yD8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
41a293ee2e64aa6bbff0bd827041b362b45c91833b96fb41be73fe0b8a1ed82a
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:38:23 GMT
x-datacenter
northeu
x-source-length
97757
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431862
x-activityid
2fd41f0e-a1f5-44f7-a1a7-27441b3d315c
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB196yD8?h=174&w=300&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10631
expires
Mon, 14 Jun 2021 13:39:01 GMT
AAKQoQb.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQoQb.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c1ad358a79a0c93355409816a769a2033035ff756a541904e6ef44da15e3456d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Tue, 08 Jun 2021 21:45:13 GMT
x-datacenter
northeu
x-source-length
114716
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=374620
x-activityid
0095a5d0-a655-4156-91e7-36181e3f5eda
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKQoQb?h=174&w=300&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
4131
expires
Sun, 13 Jun 2021 21:44:59 GMT
en-us.svg
apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/
Redirect Chain
  • https://tools.applemediaservices.com/api/badges/download-on-the-app-store/black/en-us?
  • https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://apple-resources.s3.amazonaws.com/media-badges/download-on-the-app-store/black/en-us.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.136.201 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:20 GMT
Last-Modified
Wed, 29 Apr 2020 21:18:39 GMT
Server
AmazonS3
x-amz-request-id
RZZVN7AYJ9XYSS5Y
ETag
"2928664fe1fc6aca88583a6f606d60ba"
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
10804
x-amz-id-2
vZkO+tV+/iifXlNGz6Ha+rcanaZ2kLURhFk1YcJuqgMNA/vkJHVawX5rM6OM6w4/MmN5fDW9Huk=

Redirect headers

location
https://apple-resources.s3.amazonaws.com:443/media-badges/download-on-the-app-store/black/en-us.svg
date
Wed, 09 Jun 2021 13:41:19 GMT
server
awselb/2.0
content-length
134
content-type
text/html
me
api.msn.com/community/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/users/me?version=1.1&profile=social&verify=false&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
6FF723B0A892419196D3601925F38E28
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 6FF723B0A892419196D3601925F38E28 Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:19Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
/
api.msn.com/community/urls/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/urls/?cmsid=AAKPSVY&market=en-us&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,btrecenus,iframeflex,1s-winblis,prg-adspeek,prg-cpship,prg-cpp,prg-northstar,prg-wpo-northstr,prg-sync-wea2,prg-enpeek3,prg-cpp,prg-enpeekhvar3,prg-northstar,prg-wpo-northstr
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,275g=btrecenus,2922=iframeflex,2jii=1s-winblis,2ml4=prg-adspeek,2mvw=prg-cpship,2nv2=prg-sync-wea2,2omo=prg-enpeek3
x-activity-id
BB102E86CFB54F2DB934EE414100D7F8
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: BB102E86CFB54F2DB934EE414100D7F8 Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:19Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
me
api.msn.com/community/users/ 		176 B
730 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/users/me?version=1.1&profile=social&verify=false&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
d92f9463e3b01fca3992d546b9abba43398e36cf9b4a3c369d7ebacf72cd068a

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
servertoserverauth
False
ddd-activityid
5e01674e-feeb-4c55-8954-c550274f6cf7
x-msedge-ref
Ref A: C758A9FC977C42429BA9EEE5BE12063E Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
ddd-strategyexecutionlatency
00:00:00.0000873
x-cache
CONFIG_NOCACHE
x-activity-id
C758A9FC977C42429BA9EEE5BE12063E
content-length
176
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
0
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
0
/
api.msn.com/community/urls/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/urls/?cmsid=AAKPSVY&market=en-us&version=1.1&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
fa5da7bb5eeb81b4bcab30bf4f2cbae2586bdcc5aff2ef8b7ac2ba2513be511e

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
content-encoding
gzip
servertoserverauth
False
ddd-activityid
9267cc9d-c4aa-4651-a745-8048fafe95d7
ddd-strategyexecutionlatency
00:00:00.0001716
x-cache
CONFIG_NOCACHE
x-activity-id
F0E02FA0DB7441409F3FAA10A75350BA
content-length
899
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt54=segmentint,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,moneyhp3=partnersctrl,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1irw=revc-spar-us,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,275g=btrecenus,2922=iframeflex,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2mvw=prg-cpship,2nv2=prg-sync-wea2,csmoney7=csmoney7cf,2omo=prg-enpeek3
x-msedge-ref
Ref A: F0E02FA0DB7441409F3FAA10A75350BA Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
0
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
0
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-ms-flightid,x-msedge-clientid
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

vary
Origin
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-ms-flightid,x-msedge-clientid
access-control-max-age
21600
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 98AFE38E71BB4A92A72D5B0DC7968C5B Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:19Z
date
Wed, 09 Jun 2021 13:41:18 GMT
content-length
0
auction
srtb.msn.com/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
0c5c3a8c41dcdf3c5dfd898d185b6e555e48e4a7d8c981c8bb7d8c0f1b3c6816
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/html, */*; q=0.01
x-msEdge-clientId
298EA637D5906C90390EB666D4896D91
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: CDB581A8677B4022A3E18EC136923E61 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-ms-flightid,x-msedge-clientid
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

vary
Origin
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-ms-flightid,x-msedge-clientid
access-control-max-age
21600
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 2890B79B82A444B7AE728AD2C56108B1 Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:19Z
date
Wed, 09 Jun 2021 13:41:18 GMT
content-length
0
auction
srtb.msn.com/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
a539c51289211b07d01dcce3331064f3d0dce9ba8c8a2bdcb6eec658d7aacf1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/html, */*; q=0.01
x-msEdge-clientId
298EA637D5906C90390EB666D4896D91
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: B4E03837C84944C680BDB7D2517B1F42 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
auction
srtb.msn.com/ 		59 KB
60 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
df1d0f03aa591b124fa37a5ad7978997cf073dbf5a03fb73b7146afdc2429161
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/html, */*; q=0.01
x-msEdge-clientId
298EA637D5906C90390EB666D4896D91
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 3C001C32C025487895648867DCF14985 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-ms-flightid,x-msedge-clientid
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

vary
Origin
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-ms-flightid,x-msedge-clientid
access-control-max-age
21600
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: E56C19E6939A4E4B8860D3A2C5B9E15B Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:19Z
date
Wed, 09 Jun 2021 13:41:18 GMT
content-length
0
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=4156367102&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-D%2BMlZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=1-pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.msn.com&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&cu=1623246078247&m=1180&ar=c498f16-clean&iw=623b6c1&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A785%3A184&aa=1&ad=1028&cn=1028&gn=1&gk=1028&gl=1028&ik=1028&ic=1028&ez=1&co=1028&cp=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=915&cd=915&ah=915&am=915&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25707498%3A4175281%3A302682492%3A148845848&bo=msn.com&bd=msn.com&gw=heinekenpldcmdisplay24614018836&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=PL&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=191618&na=574795319&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:19 GMT
UnitMSNWidgetDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.3/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.4.3/UnitMSNWidgetDesktop.min.js
Requested by
Host: 15.taboola.com
URL: https://15.taboola.com/BidRHanSer?oid=15&width=29&height=29&revmod=&encoded=1&urlonly=1&noimpr=true&pubid=168627&tagid=1472605&cb=29737909462&cirf=https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY&cisrf=&pageType=text&pstn=Below%20Article%20River%20Video%20-%20Desktop&tagVer=3.2.19&pubnm=msn-msn&muid=1CA5EC2DDA9662691073FC7CDB8F631A&rid=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1ee513b6bc0ce6af33fe601376c14fff51c246c063a58941e27a04345faa349

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront), 1.1 varnish
age
2089802
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
27786
x-served-by
cache-fra19142-FRA
last-modified
Sat, 15 May 2021 09:01:53 GMT
server
AmazonS3
x-timer
S1623246080.831204,VS0,VE0
etag
"ce3245223a202c211abe1ed3bb5dd099"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hOoUqcOp0l33zNq9KDGnB0Fs_qx1tNLJRoWs7GXTmMXamELgZ0t0Nw==
x-cache-hits
981
auction
srtb.msn.com/ 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
f4013fc8c3351673b73d7c7fb6a730b40019ca8345eba0b4c99e9c03b39a4c39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/html, */*; q=0.01
x-msEdge-clientId
298EA637D5906C90390EB666D4896D91
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 226C4C16FDD442A4872FA15B2E686CB0 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-ms-flightid,x-msedge-clientid
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

vary
Origin
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-ms-flightid,x-msedge-clientid
access-control-max-age
21600
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 6FD19BFD5BBF41C4B26470AEFB2416FF Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:19Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
async_usersync
ib.adnxs.com/ Frame 0AF4 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:19 GMT
X-Proxy-Origin
217.138.209.52; 217.138.209.52; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.77:80
AN-X-Request-Uuid
e999d42c-6c32-447b-a765-e5d5965dd357
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AAKRXy2.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXy2.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=2604&y=2224
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c0cafd570fa040d73f9f001e507a311996c5c8c4af794655260f7017da4287f5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:24:22 GMT
x-datacenter
northeu
x-source-length
686627
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430928
x-activityid
ce3a6f43-a93e-47ab-8597-9cfded600b56
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRXy2?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=2604&y=2224
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
6800
expires
Mon, 14 Jun 2021 13:23:27 GMT
AAKRSTJ.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSTJ.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=430&y=269
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f472b31bb079b961cf7ceee1ec03484853104936a0e06aac3f03218ab56897
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:30:21 GMT
x-datacenter
northeu
x-source-length
80972
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=431420
x-activityid
add855c8-5a20-435f-82fe-24dba9e52a11
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSTJ?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=430&y=269
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
8241
expires
Mon, 14 Jun 2021 13:31:39 GMT
AAKRZRR.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRZRR.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=604&y=300
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0cbd71ec002548fb306d83a8895cbbf088f04bba2a098eb1a55a41a265be83fc
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:19:35 GMT
x-datacenter
northeu
x-source-length
292050
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430659
x-activityid
72e18f5c-3fca-48df-840f-4b7756872093
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRZRR?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=604&y=300
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
16899
expires
Mon, 14 Jun 2021 13:18:58 GMT
AAKIno2.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKIno2.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1057&y=666
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
86df2995ec016dabe1a9f14014e0343e13415ad4b3f5fec54c80ac3dd3604cf1
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:04:35 GMT
x-datacenter
northeu
x-source-length
244207
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429841
x-activityid
ba92a2da-4bb1-41f1-a811-ec553db0cc9b
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKIno2?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1057&y=666
content-length
5969
expires
Mon, 14 Jun 2021 13:05:20 GMT
AAKRSxH.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSxH.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0ae9fc7c054741e064a439791769bf78b911f27a435be57b944e0edcfcfedd5d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:03:51 GMT
x-datacenter
northeu
x-source-length
179122
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429762
x-activityid
d4ac90d0-20af-4da1-9cd0-8c2385feb41b
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRSxH?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
4554
expires
Mon, 14 Jun 2021 13:04:01 GMT
BB1cER3Z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cER3Z.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
80d46fe33cd75ba6f4c930946bdffb29860cb1114e6ad9b2151e63beb8f2a53b
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:03:48 GMT
x-datacenter
northeu
x-source-length
1682666
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429749
x-activityid
19d3317f-7f40-4aea-82e1-eedebaafb90c
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1cER3Z?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
12869
expires
Mon, 14 Jun 2021 13:03:48 GMT
AAKRH5o.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRH5o.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ec996d214262151b207e0d0d32b5164293a789bbe27961da9c232d9e5ecaf097
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 12:53:54 GMT
x-datacenter
northeu
x-source-length
92535
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429142
x-activityid
752838a7-f6b6-4ca4-a4cc-66b603077c1e
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRH5o?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
10867
expires
Mon, 14 Jun 2021 12:53:41 GMT
AAKRHnV.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRHnV.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1250&y=193
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b0202b723d3d8557e0eaa30a18226f23d42d6a5abd9c8a88b2c1d3869972aa12
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 13:08:34 GMT
x-datacenter
northeu
x-source-length
364047
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=430095
x-activityid
259f4994-a4e8-4e6e-9db4-846746829ee0
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRHnV?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=1250&y=193
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
12729
expires
Mon, 14 Jun 2021 13:09:34 GMT
AAKRN7Z.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRN7Z.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
912c59e8d2f7d32f37aa58e5dd4394f02fd88056f8c56d24bc080c6c48265b32
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 12:23:20 GMT
x-datacenter
northeu
x-source-length
183575
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427366
x-activityid
1aafc0b0-6b85-4564-af46-b56ad832073d
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRN7Z?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
11277
expires
Mon, 14 Jun 2021 12:24:05 GMT
AAKRKX8.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRKX8.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=987&y=527
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-ce16e029/direction=ltr.locales=generic-generic.themes=start.dpi=resolution1x/2d-d73afb-892ace9/ff-f4f6da-68ddb2ab/69-de6c5a-7b239fa0/4c-b97298-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt13cf,muidflt17cf,muidflt18cf,muidflt48cf,muidflt52cf,muidflt53cf,muidflt118cf,muidflt261cf,muidflt315cf,pneedge1cf,platagyedge1cf,platagyedge3cf,bingcollabedge3cf,platagyhp2cf,audexhp2cf,moneyhp2cf,audexhz3cf,moneyhz3cf,article2cf,gallery1cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msncf,shophp2cf,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b090e9dffaca346cc36a0b210ed773cfd21918e1222dfb2fbb6a0f7c8cfe3190
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 12:22:53 GMT
x-datacenter
northeu
x-source-length
301472
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=427256
x-activityid
eb75c619-5d13-4824-9232-30a99949b390
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRKX8?h=174&w=300&m=6&q=60&u=t&o=t&l=f&f=jpg&x=987&y=527
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
14310
expires
Mon, 14 Jun 2021 12:22:15 GMT
BB1go4Ah.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1go4Ah.img?h=350&w=624&m=6&q=60&u=t&o=t&l=f&f=jpg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
21b9101b3f5ebd4a06ac82046643c8f16de8f869774d41da49d1ab739f9f7349
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Tue, 08 Jun 2021 13:28:12 GMT
x-datacenter
northeu
x-source-length
214177
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=344794
x-activityid
124770b7-cd88-4944-82e8-c0f5a15a5dd1
x-deployment
72c3fde762c149e9ae8e86fd76d57772
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1go4Ah?h=350&w=624&m=6&q=60&u=t&o=t&l=f&f=jpg
content-length
23066
expires
Sun, 13 Jun 2021 13:27:53 GMT
d0-00b3fc-68ddb2ab
static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-/direction=ltr.locales=generic-generic.themes=gray.dpi=resolution1x/f2-58ec27-68ddb2ab/ 		910 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-/direction=ltr.locales=generic-generic.themes=gray.dpi=resolution1x/f2-58ec27-68ddb2ab/d0-00b3fc-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt26cf,muidflt49cf,muidflt259cf,muidflt261cf,muidflt314cf,mmxandroid1cf,startedge3cf,starthp1cf,moneyhp2cf,platagyhz2cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports2cf,is-uiprc,csmoney3cf,1s-winblis,1s-bliscontrolw,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3f8fd05efca598d41447a3afcfee85792a9014313ab58ee665c84debee29dcff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Powered-By
ASP.NET
X-Activity-Id
00000000-59d7-4623-bc3e-b5cf8d46d714
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
525
X-XSS-Protection
1
X-AspNetMvc-Version
5.2
Last-Modified
Tue, 08 Jun 2021 20:35:11 GMT
Server
Microsoft-IIS/8.5
X-Az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 18, sn: neurope-prod-entertainment, dt: 2021-06-05T05:02:02.1539921Z, bt: 2021-06-01T00:12:19.8247979Z}
X-FRAME-OPTIONS
SAMEORIGIN
X-S1
2021-06-08T20:35:11
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, no-transform, max-age=31474427
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
X-AppVersion
20210601_21448660
Expires
Wed, 08 Jun 2022 20:35:06 GMT
AAKRMSV.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRMSV.img?h=350&w=624&m=6&q=60&u=t&o=t&l=f&f=jpg&x=726&y=373
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b5e3415e5922ed8a878375841586d9c9b43ad80d80592b4bfa0b6a56013401a5
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:19 GMT
last-modified
Wed, 09 Jun 2021 12:01:11 GMT
x-datacenter
northeu
x-source-length
111398
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=426003
x-activityid
2bc02150-4724-4d58-97cd-c21191f90629
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKRMSV?h=350&w=624&m=6&q=60&u=t&o=t&l=f&f=jpg&x=726&y=373
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
32050
expires
Mon, 14 Jun 2021 12:01:22 GMT
auction
srtb.msn.com/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
f04cd2e360bbe2739a3e7ade5030ef5efbf156747df977faded2e2f5ded36817
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
text/html, */*; q=0.01
x-msEdge-clientId
298EA637D5906C90390EB666D4896D91
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-ms-flightId
msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: AA8C747A69B7445F8174F2139B0E9DE1 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:19Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
auction
srtb.msn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://srtb.msn.com/auction
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-ms-flightid,x-msedge-clientid
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

vary
Origin
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-ms-flightid,x-msedge-clientid
access-control-max-age
21600
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 7135479F596846F7818928A00ACFC38A Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:19Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
reactions
api.msn.com/community/urls/AAKPSVY_en-us/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/urls/AAKPSVY_en-us/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
54CEFDDE31F84D11819A8453AC57882D
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 54CEFDDE31F84D11819A8453AC57882D Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
/
api.msn.com/community/comments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/?contentId=AAKPSVY_en-us&$top=6&$skip=0&$orderby=Rating&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
04BDCB4F3D28481DBAC516C8115B5B6A
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 04BDCB4F3D28481DBAC516C8115B5B6A Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26a621a1e1f8298b87bbbf5946f4517a104ca51267d098cc8e29fa02e3361872

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		387 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2

Request headers

Origin
https://www.msn.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9

Request headers

Origin
https://www.msn.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
reactions
api.msn.com/community/urls/AAKPSVY_en-us/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/urls/AAKPSVY_en-us/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
2d5c0e3647a7f76419f1dd18d0d328e8fb0bc7b3000c62902d0bf0e0aa991729

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
content-encoding
gzip
servertoserverauth
False
ddd-activityid
433164b3-5505-4823-8801-7ac9a86eb040
ddd-strategyexecutionlatency
00:00:00.0036900
x-cache
CONFIG_NOCACHE
x-activity-id
D947A7B0A7BB4C38BE375B02AE2DA4DC
content-length
686
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
x-msedge-ref
Ref A: D947A7B0A7BB4C38BE375B02AE2DA4DC Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
4
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
4
/
api.msn.com/community/comments/ 		9 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/?contentId=AAKPSVY_en-us&$top=6&$skip=0&$orderby=Rating&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
788ec3775a3f9f16d7bd6fa520afe2618445b50fb5518f3bbf6e07fae57c61b9

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
content-encoding
gzip
servertoserverauth
False
ddd-activityid
20bb0315-80f4-48e9-b131-d20832052c88
ddd-strategyexecutionlatency
00:00:00.0281717
x-cache
CONFIG_NOCACHE
x-activity-id
19B97A9FB315427BBDC36F23BA251E9B
content-length
2574
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
x-msedge-ref
Ref A: 19B97A9FB315427BBDC36F23BA251E9B Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
28
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
28
1621433817882-3881.jpg
s.yimg.com/lo/api/res/1.2/JJKqLBmjHcSw86_MXcTUOQ--~A/Zmk9ZmlsbDt3PTM1NDtoPTE4MTthcHBpZD1nZW1pbmk7cT0xMDA-/https://s.yimg.com/av/ads/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/JJKqLBmjHcSw86_MXcTUOQ--~A/Zmk9ZmlsbDt3PTM1NDtoPTE4MTthcHBpZD1nZW1pbmk7cT0xMDA-/https://s.yimg.com/av/ads/1621433817882-3881.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b6e7ab26940e703374e9b998dc37c1f84aab736f1e8f01ff643f225874259cb4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 15:55:09 GMT
x-content-type-options
nosniff
age
1806371
cld_latency
1
edge-cache-tag
464277861708808412643956013824481824475,374861764420074484253238957968499159279,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
status
200 OK
server
ATS
cld_hits
1
x-cache
HIT
strict-transport-security
max-age=15552000
content-length
101466
x-xss-protection
1; mode=block
cld_by
cache-wdc5527-WDC
x-served-by
cache-wdc5527-WDC
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 May 2021 15:34:03 GMT
x-request-id
f8cfa017b441538592f864c5436aa791
x-timer
S1621439710.699447,VS0,VE1
etag
"6291bc989dafe2713ca3fea5c6c23b2b"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
cld_id
f8cfa017b441538592f864c5436aa791
x-cache-hits
1
served
srtb.msn.com/notify/ 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=post-article&i=1&p=AR&l=en-us&d=gemini&b=chrome&a=2f4bd1fc-fd59-4260-8468-aa19bfb89439&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 3D67417DFC484BE4983428E2905A145C Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
1619528918943-4623.jpg
s.yimg.com/lo/api/res/1.2/QyBIlUCACUAqwyrtZhYVEA--~A/Zmk9Zml0O3c9MzU0O2g9MTgxO2FwcGlkPWdlbWluaTtxPTEwMA--/https://s.yimg.com/av/ads/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/QyBIlUCACUAqwyrtZhYVEA--~A/Zmk9Zml0O3c9MzU0O2g9MTgxO2FwcGlkPWdlbWluaTtxPTEwMA--/https://s.yimg.com/av/ads/1619528918943-4623.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1ff53700c59a802feb72f77557789ae79ae1495e7a8ac41c00c2160ee10009ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 09:50:08 GMT
x-content-type-options
nosniff
age
1655472
cld_latency
0
edge-cache-tag
215725990180289108062749101135626310396,177265170196820839413343185198004334213,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
cld_hits
2
x-cache
HIT
strict-transport-security
max-age=15552000
content-length
41912
x-xss-protection
1; mode=block
cld_by
cache-wdc5568-WDC
x-served-by
cache-wdc5568-WDC
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 May 2021 15:21:28 GMT
server
ATS
x-timer
S1621590608.490323,VS0,VE0
etag
"ca711536203d1ccaf66e3454d6f71dc1"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
2
served
srtb.msn.com/notify/ 		0
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=post-article&i=2&p=AR&l=en-us&d=gemini&b=chrome&a=6119a33c-cb40-4a53-8290-fa0391b4869f&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:19 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 22E636D1F0244D76AC594870097525AA Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
reactions
api.msn.com/community/urls/AAKPSVY_en-us/ 		1 KB
869 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/urls/AAKPSVY_en-us/reactions?friends=true&$top=2&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
fc507db953ff6b75a3e35f820469555662fa0e86112512cdea75f42617ffb565

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
content-encoding
gzip
servertoserverauth
False
ddd-activityid
3ce57282-2794-4716-a817-cbc8cda4b210
ddd-strategyexecutionlatency
00:00:00.0042298
x-cache
CONFIG_NOCACHE
x-activity-id
A9120008AA7E48F7BBF3056B4B988A36
content-length
686
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
x-msedge-ref
Ref A: A9120008AA7E48F7BBF3056B4B988A36 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
4
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
4
reactions
api.msn.com/community/urls/AAKPSVY_en-us/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/urls/AAKPSVY_en-us/reactions?friends=true&$top=2&scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
7843E8ABC0D84BD19EB52FA2D2F52591
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 7843E8ABC0D84BD19EB52FA2D2F52591 Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
st
imprammp.taboola.com/ Frame 3B54 		1 KB
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=undefined&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&aure=false&cirid=7BA18A6CE2647447271543125220&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08298b694c7ef5bbbfbab76c98f2f13bf71715a77f504017e971b3e1e50d6c84

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=undefined&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&aure=false&cirid=7BA18A6CE2647447271543125220&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
x-served-by
cache-fra19142-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1623246080.181825,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame D150 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
77c7874123047e7aeee19e9443d8bd20925d5fb1e59226d6a9a0b9c21cb04572

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

server
nginx
date
Wed, 09 Jun 2021 13:41:20 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3405
VideoBidRequestHandlerServlet
wf.taboola.com/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=198827&tagid=1020237&crid=5083905&noaop=3&sortOrderType=0&cb=1623246080163&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=91954766&pt=1655659260&tz=120&viewable=true&ddast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1472605&dpubid=168627&abtst=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&mPre=0.025&cirf=https%3A%2F%2Fwww.msn.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e8422161173516e21eec877c07d8bdbf387244b36a073e33a5b270cbdd87161d

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
content-encoding
gzip
access-control-allow-origin
https://www.msn.com
machineid
1436
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19142-FRA
pragma
no-cache
server
nginx
x-timer
S1623246080.187387,VS0,VE45
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://static.vidazoo.com>; rel=preconnect,<http://static.vidazoo.com>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=31589837&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&debug=pn:!sqg:!torgn:1623246074301.3!ts:1623246080157&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
content-length
0
server
nginx
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ Frame 3AB8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8d82e852258ebd5aa9ff54537665e21ff895ce88e28c649194205c5f22ba234a

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
2343932
edge-cache-tag
459545075077583750733979546071949555144,549203737228083100408393099338336146768,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Sat, 12 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
content-length
5642
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Wed, 12 May 2021 18:25:12 GMT
server
nginx
x-timer
S1623246080.281246,VS0,VE1
etag
"d0dc85848c4f0e6c6c277ef4cdd80125"
x-served-by
cache-wdc5582-WDC, cache-dca17779-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0bd0a4632b93e3d54b764346603bad5a.png
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_100%2Cw_200%2Cc_fill%2Cg_xy_center%2Cx_520%2Cy_312/ Frame 3AB8 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_100%2Cw_200%2Cc_fill%2Cg_xy_center%2Cx_520%2Cy_312/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0bd0a4632b93e3d54b764346603bad5a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
758af6526a26c5285930a476e7b56ff77ed15e4e71c5bafca08d069136347d52

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
871736
edge-cache-tag
490949754587443083545509014162326776852,299465659369060522855243823098469442505,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
18
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_100%2Cw_200%2Cc_fill%2Cg_xy_center%2Cx_520%2Cy_312/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0bd0a4632b93e3d54b764346603bad5a.png
content-length
7392
x-request-id
0bcd93e7529e2ec60fc4a8ed4f1f65d1
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Wed, 26 May 2021 20:39:36 GMT
server
nginx
x-timer
S1623246080.281268,VS0,VE0
etag
"e2acd73466cb33325a8704c5593f1377"
x-served-by
cache-wdc5578-WDC, cache-dca17720-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ Frame 3AB8 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__18d762997e2899c85b5c93066e3fb2f4__%7E%7EV1%7E%7E-1823263583740563646%7E%7E-A662PUYFdiHOiK1gJWJwDvtgo5Q9O7knYdIVvRTJyMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo53IoS7B3dRU7zWKOet0q1VVtsYRUjQ3xF8YPU2NpCKB2MPydLS265bsOcGPeGUTTmHDmMgxuwoNGIzcwsUIITMONpHwrry4pwM9qCS37e8jGMrx2dv6hsMHqcwd3JedY-335JyUpoDQWuuLi1-DNuCi3F2jrRWozNT_OJR70pbbI%2C%7E%7EV1%7E%7E-8211158361712341362%7E%7EPmnNy58L4r6IA3dZqsHM0cdKHC05shCFcmq_IaZLPy7TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQWmFCSnEBwfvHS6_gEvQyWzX2o3tFBheM5MnAI7Mp-DRm_Ls05YHGv8nuZAECeAkTWIamSH9IkO9vNeguYbmnXoeSQS5zyjAhLoHC1QcuAg373m1_fecBTP5OJiI9sVcGm9gA5HiaxXfyWuPJwtCoIJbNX6kTNDFzkD4wgJBHCC7jrOGv-6iDoYLvQ6osB3pEQ__text%2Ctext&response.session=v2_011fa096318e1da4c57335a818a09529_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.195322,VS0,VE68
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ Frame 3AB8 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=swbanner&i=1&p=AR&l=en-us&d=taboola&b=chrome&a=87742d3f-4677-43c1-b133-5b80547a03fe&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 7B9F09C7B1BB451B9E4CAF2EFEB54D90 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-visible
api.taboola.com/2.0/json/msn-msn/ Frame 3AB8 		0
212 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-visible?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__18d762997e2899c85b5c93066e3fb2f4__%7E%7EV1%7E%7E-1823263583740563646%7E%7E-A662PUYFdiHOiK1gJWJwDvtgo5Q9O7knYdIVvRTJyMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo53IoS7B3dRU7zWKOet0q1VVtsYRUjQ3xF8YPU2NpCKB2MPydLS265bsOcGPeGUTTmHDmMgxuwoNGIzcwsUIITMONpHwrry4pwM9qCS37e8jGMrx2dv6hsMHqcwd3JedY-335JyUpoDQWuuLi1-DNuCi3F2jrRWozNT_OJR70pbbI%2C%7E%7EV1%7E%7E-8211158361712341362%7E%7EPmnNy58L4r6IA3dZqsHM0cdKHC05shCFcmq_IaZLPy7TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQWmFCSnEBwfvHS6_gEvQyWzX2o3tFBheM5MnAI7Mp-DRm_Ls05YHGv8nuZAECeAkTWIamSH9IkO9vNeguYbmnXoeSQS5zyjAhLoHC1QcuAg373m1_fecBTP5OJiI9sVcGm9gA5HiaxXfyWuPJwtCoIJbNX6kTNDFzkD4wgJBHCC7jrOGv-6iDoYLvQ6osB3pEQ__text%2Ctext&response.session=v2_011fa096318e1da4c57335a818a09529_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b&ppb=CK0H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.195103,VS0,VE67
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
viewed
srtb.msn.com/notify/ Frame 3AB8 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/viewed?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=swbanner&i=1&p=AR&l=en-us&d=taboola&b=chrome&a=87742d3f-4677-43c1-b133-5b80547a03fe&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: E465DF33578248CE91C489A35A2F7092 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
sd
u.openx.net/w/1.0/
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=298EA637D5906C90390EB666D4896D91&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=298EA637D5906C90390EB666D4896D91&gdpr=0&gdpr_consent=
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=298EA637D5906C90390EB666D4896D91&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.208.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 google
server
OXGW/16.208.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=298EA637D5906C90390EB666D4896D91&gdpr=0&gdpr_consent=
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 google
server
OXGW/16.208.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
/
cds.taboola.com/ 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=298EA637D5906C90390EB666D4896D91&_r=6554840
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 09 Jun 2021 13:41:20 GMT
Cache-Control
no-store
Server
nginx
Connection
close
tabi
sync.hariken.co/sync/taboola/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.hariken.co/sync/taboola/tabi?uuid=298EA637D5906C90390EB666D4896D91
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
152.67.40.109 São Paulo, Brazil, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Wed, 09 Jun 2021 13:41:27 GMT
Server
nginx/1.14.0 (Ubuntu)
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d1adbe375408e8f71e3b625e432e5a700f9adc4bf75ec475862314390d85c36c

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
1665091
edge-cache-tag
459545075077583750733979546071949555144,330487374713449083913600243733399609754,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
47
expiration
expiry-date="Tue, 25 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
content-length
12424
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sat, 24 Apr 2021 17:27:40 GMT
server
nginx
x-timer
S1623246080.281408,VS0,VE0
etag
"ffce95fb71ea333ed60f90033c4e76ba"
x-served-by
cache-wdc5542-WDC, cache-dca17734-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 17
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__9397e65f8726c84bade631da6e6266fe__%7E%7EV1%7E%7E-1823263583740563646%7E%7E_BGtZ6lkDUMU1g8Dgnhm1jvtgo5Q9O7knYdIVvRTJyMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5Lm_ddWN-KUSJ_4lsJoeShFtsYRUjQ3xF8YPU2NpCKB2MPydLS265bsOcGPeGUTTmHDmMgxuwoNGIzcwsUIITMONpHwrry4pwM9qCS37e8jGMrx2dv6hsMHqcwd3JedY-335JyUpoDQWuuLi1-DNuCi3F2jrRWozNT_OJR70pbbI__text&response.session=v2_a427b9b076c25499c0ad8ee3745cc0c9_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.301696,VS0,VE67
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river&i=1&p=AR&l=en-us&d=taboola&b=chrome&a=e42cac79-a4f6-43d3-ae9b-155991baca83&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 1FE572F1F7AD46C386EC57CC112216D9 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F162a8fe865e40028e663a8ce17080b85.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F162a8fe865e40028e663a8ce17080b85.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f56a880e742e4d70e3a2f9d9464b17ae20f90489bce617a674db77220e22018d

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
483568
edge-cache-tag
434729943278461549066126383179746669623,330487374713449083913600243733399609754,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
83
expiration
expiry-date="Sun, 06 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F162a8fe865e40028e663a8ce17080b85.jpg
content-length
4858
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 06 May 2021 08:23:57 GMT
server
nginx
x-timer
S1623246080.308939,VS0,VE0
etag
"8df41cbf1d2f4a7a6435df27c8e5cfac"
x-served-by
cache-wdc5550-WDC, cache-dca17752-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 203
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__b588de3373895d1a1412a7c85fabd486__%7E%7EV1%7E%7E-5624097583960295846%7E%7EdPgPzhjObffPziALpOfyQH4WvBWBv06u6i8vdq1-rrLTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQdtgkZanoluwgvNiG_wZ5k-w7--oHgQi1C9JbGBS_dVym_Ls05YHGv8nuZAECeAkTWIamSH9IkO9vNeguYbmnXrHU0wXRdKvdMWIiPL6EDkgLEr7UzKeuXaAE2oVtQ2kOZo8PqXkBJFL58ajgNdqXRmIoRGfidN9rUgli1PwaXhz__text&response.session=v2_a427b9b076c25499c0ad8ee3745cc0c9_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.324812,VS0,VE68
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river&i=2&p=AR&l=en-us&d=taboola&b=chrome&a=7ef818c5-4dd5-4098-b898-78f175bb2cfa&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 88FF67B0CDAB456B8EABFBE87BBCF3A4 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6e3ce966b2d1d8befea32c1d474af565.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_624%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_624%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6e3ce966b2d1d8befea32c1d474af565.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b4f557e963a5d417bb85a548218a5a908c3bedb160058c3df42c92d5dcf26bc4

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
1391532
edge-cache-tag
408939693990213852736351053488070106478,556901769415145210478664484121290926773,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
57
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_624%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6e3ce966b2d1d8befea32c1d474af565.jpg
content-length
30494
x-request-id
1eb551558ea62c0f87b2a3e8be5ad7de
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 05 May 2021 12:01:41 GMT
server
nginx
x-timer
S1623246080.343142,VS0,VE0
etag
"fd7ecb6e9fcb332af2cba8b0673ab202"
x-served-by
cache-wdc5533-WDC, cache-dca17763-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 18
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__d32d693ebb9658327d598d2ee039fc9f__%7E%7EV1%7E%7E5731180711890604543%7E%7EqNolrfRtm2FfXnzDmDFhQ-Sosozn3CjgiE0VW92atmTTxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQT8T0mQ8lEx1QUvjPXSyXJ6WSDfWTDFEE86NMSAajRROm_Ls05YHGv8nuZAECeAkTWIamSH9IkO9vNeguYbmnXpNPb12I34zwlGjTybyzxpdMSXl2WM-Wm7mjFR3skeZef548P6ZvigiJhAZJv6UMJpQIiFyKAMoup9dqEAtgoLqjrOGv-6iDoYLvQ6osB3pEQ__text&response.session=v2_a427b9b076c25499c0ad8ee3745cc0c9_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
70
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.358602,VS0,VE70
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river-dbl&i=3&p=AR&l=en-us&d=taboola&b=chrome&a=3adce3b8-d8b4-4cdd-84da-f6a1d8fcec4b&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 6950682683D2498DB40CD828BD94B5AD Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0bd0a4632b93e3d54b764346603bad5a.png
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_174%2Cw_300%2Cc_fill%2Cg_xy_center%2Cx_520%2Cy_312/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_174%2Cw_300%2Cc_fill%2Cg_xy_center%2Cx_520%2Cy_312/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0bd0a4632b93e3d54b764346603bad5a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0ee76d95cb00664fb2bdbf59c4cddb3b9d32105cf1f47f55862928db6275dc4

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
334525
edge-cache-tag
490949754587443083545509014162326776852,412298489212609052739735079187340608550,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
182
expiration
expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ce_sharpen%2Ch_174%2Cw_300%2Cc_fill%2Cg_xy_center%2Cx_520%2Cy_312/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0bd0a4632b93e3d54b764346603bad5a.png
content-length
14588
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 20 May 2021 10:39:11 GMT
server
nginx
x-timer
S1623246080.375502,VS0,VE0
etag
"5e1a4f6084891656e07013b4b1aa6cca"
x-served-by
cache-wdc5542-WDC, cache-dca17763-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 34
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__01b67a2c1d9bcc25abfee303874bf287__%7E%7EV1%7E%7E-8211158361712341362%7E%7ECW8tfs6r1aUIUF7sNMpu48dKHC05shCFcmq_IaZLPy7TxvAnL2wqac4MyzR7uD46gj3kUkbS3FhelBtnsiJV6MhkDZRZzzIqDobN6rWmCPA3hYz5D3PLat6nhIftiT1lwdxwdlxkeV_Mfb3eos_TQY_47-dScYkYX2hGhBBDr9aWSDfWTDFEE86NMSAajRROm_Ls05YHGv8nuZAECeAkTWIamSH9IkO9vNeguYbmnXoeSQS5zyjAhLoHC1QcuAg373m1_fecBTP5OJiI9sVcGm9gA5HiaxXfyWuPJwtCoIJbNX6kTNDFzkD4wgJBHCC7jrOGv-6iDoYLvQ6osB3pEQ__text&response.session=v2_a427b9b076c25499c0ad8ee3745cc0c9_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.385601,VS0,VE68
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river&i=8&p=AR&l=en-us&d=taboola&b=chrome&a=d76ad4da-61f6-4e8a-896b-dcbd5665ccf7&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: A6A961C0D204415B8AEED0B229CF6BEC Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7e18965968588d369ff71482f9d741d2.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7e18965968588d369ff71482f9d741d2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0d9cd9d8b63983df144296a348ea04571d900006a535200beb50095a1003d8b

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
2330830
edge-cache-tag
442679334032518265697001918088969556394,330487374713449083913600243733399609754,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
41
expiration
expiry-date="Thu, 27 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F7e18965968588d369ff71482f9d741d2.jpg
content-length
17882
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Mon, 26 Apr 2021 12:49:26 GMT
server
nginx
x-timer
S1623246080.412100,VS0,VE0
etag
"84fdfd2e341caaa5a7f0d5dc6e0ea282"
x-served-by
cache-wdc5525-WDC, cache-dca17767-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 6
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__d1bb0690905f3d481107431087caf0fb__%7E%7EV1%7E%7E-7806901504500323677%7E%7E7JWSDuUlmNebcVZ-Jrbe7xIl20DlidnxTM9Pxn3-1l8ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5GLEjZVva6O3kOtxfbu5pXcXIwPYCQfMxiclIxpsTLssxTGC9t5u8F0jVRl4yMfFE2nGhXtp8os0zbg0c5Wootm2zUHlLrFDZpENbF_UoaAOKod54wEZN3vxYATtpVUUOTS8Maux2jWC1gRU3nx5A7qkc7SHCD_JRK_65Mrx0yJ4__text&response.session=v2_a427b9b076c25499c0ad8ee3745cc0c9_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.408009,VS0,VE67
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river&i=9&p=AR&l=en-us&d=taboola&b=chrome&a=61b6108c-dd58-4556-a22e-e3ed4792f009&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 3E5C489ED7FF439D82AEF775B53D951F Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F098cc8dc3b75a3210da46f2b2dfaf648.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F098cc8dc3b75a3210da46f2b2dfaf648.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2328b146550518c58f953ea7397ae25fcc1aa0b8d11b77ac1f4b9074731d43f3

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
1961083
edge-cache-tag
399472690686903259978617279248094438988,330487374713449083913600243733399609754,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
35
expiration
expiry-date="Fri, 21 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F098cc8dc3b75a3210da46f2b2dfaf648.jpg
content-length
13940
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Tue, 20 Apr 2021 09:32:31 GMT
server
nginx
x-timer
S1623246080.429994,VS0,VE0
etag
"498e1e63ac0e6aee7e857a85d024c339"
x-served-by
cache-wdc5566-WDC, cache-dca12927-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 47
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__1357c16e67e13a1b94819c031bee2d75__%7E%7EV1%7E%7E-2493346659444091800%7E%7E5cRmjEarSSnP7KrvtkzXzkbb_bXvmGroua3m7V1qG-IndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5utvsteGkWApZRJ-MREFSC8XIwPYCQfMxiclIxpsTLssxTGC9t5u8F0jVRl4yMfFE_CGuNjY7HCKPrHfkH23ioHH-KK_FYYE9bg70W6oY_ulDrbLnOWsBU4SLqxvDS7pFSpSX2v6KX_Nn_h-pXfP-Tg__text&response.session=v2_a427b9b076c25499c0ad8ee3745cc0c9_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
70
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.431894,VS0,VE70
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river&i=10&p=AR&l=en-us&d=taboola&b=chrome&a=cba99629-f5a6-4b6b-8bc3-7f0d92f77dd2&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 48CA28BFB3A44FCCBA7EBFB832238368 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FFKF%2F1210751934__Brw20rA3.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FFKF%2F1210751934__Brw20rA3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8dcf0756d0be0420a4c29b76e18f620b54542d15e3e912f095a5d1a22821004c

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
84648
edge-cache-tag
572124047742307751580543777694583173369,330487374713449083913600243733399609754,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
617
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FFKF%2F1210751934__Brw20rA3.jpg
content-length
4496
x-request-id
7e24c91f6f7221ea85a84f4ec8b5d8c4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Tue, 08 Jun 2021 08:18:16 GMT
server
nginx
x-timer
S1623246080.437382,VS0,VE0
etag
"a4e4f41967ac54b02b9894071f04e33f"
x-served-by
cache-wdc5535-WDC, cache-dca17738-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 56
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__3fdbc2625905665902f843b75c63f0e4__%7E%7EV1%7E%7E6645477696630118017%7E%7EEvEVnh9BfaRQcABGRkLfKBGFamNjZpBhFYpJJDggaBwndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5atD_G_J6_A5oRie8JLu_lsXIwPYCQfMxiclIxpsTLssxTGC9t5u8F0jVRl4yMfFE2nGhXtp8os0zbg0c5WoothqyZ0gjxtL2Q19uWthZUSWq5Gb9z2J7o7QBv1ha-x7yTS8Maux2jWC1gRU3nx5A7qkc7SHCD_JRK_65Mrx0yJ4__text&response.session=v2_a427b9b076c25499c0ad8ee3745cc0c9_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.468670,VS0,VE68
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river&i=11&p=AR&l=en-us&d=taboola&b=chrome&a=6a7bc037-83e6-4cf1-a2b0-b9bc0ae0fecf&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 8FBE583E134D40B3AFD42DD9ECB9E3EA Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd51610569c028ecd0f7e0984d41ce66e.jpeg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd51610569c028ecd0f7e0984d41ce66e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ba02696d56ebed69ea5a4cca1ab2934c744d01b7052c91728caad1d25c45b5a6

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
2694368
edge-cache-tag
442100632221278281423910297207315422644,330487374713449083913600243733399609754,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
21
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd51610569c028ecd0f7e0984d41ce66e.jpeg
content-length
10116
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Thu, 15 Apr 2021 12:32:30 GMT
server
nginx
x-timer
S1623246080.474349,VS0,VE0
etag
"c7b1c54f6fad38a839b2010d88acbdaf"
x-served-by
cache-wdc5543-WDC, cache-dca17729-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 293
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__16ca356744c6c8357623c679ff084238__%7E%7EV1%7E%7E7900566326879359977%7E%7EQi1QhS_xvn1N8d7Mo5tfrmQqWeeuz9tzuoQQstqfT30ndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5zPKi0rkJ8gw-MU5DsnQGzMXIwPYCQfMxiclIxpsTLssxTGC9t5u8F0jVRl4yMfFE2nGhXtp8os0zbg0c5WootsbcpjFMGyNReVDSAa8s4ER5sdhwp2BOULhWsBqcWsBlAwDpoRPHfAb8Tnqg7Q7V8g__text&response.session=v2_a427b9b076c25499c0ad8ee3745cc0c9_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.495302,VS0,VE68
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river&i=17&p=AR&l=en-us&d=taboola&b=chrome&a=74c44ae1-0cfe-4ec8-8649-ff518c566dba&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 58F6AA08F0D04CDDADAA467E003E52A2 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
a40e58b41c6b4d7e8efd66ff7d64237e
i.liadm.com/s/e/64716/0/
Redirect Chain
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=298EA637D5906C90390EB666D4896D91
  • https://i.liadm.com/s/32441?bidder_id=88068&bidder_uuid=298EA637D5906C90390EB666D4896D91&_li_chk=true&previous_uuid=342769543494400d84f43d9016c66311
  • https://i.liadm.com/s/64716?bidder_id=88068&bidder_uuid=298EA637D5906C90390EB666D4896D91&previous_uuid=40a0efb1d0754c58b5ed35ec093d279c
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F64716%2F0%2Fa40e58b41c6b4d7e8efd66ff7d64237e%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&34276954-3494-400d-84f4-3d90...
  • https://i.liadm.com/s/e/64716/0/a40e58b41c6b4d7e8efd66ff7d64237e?mpid=7156&muid=121960c0-c501-4400-a550-6a9cab1116c0
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/64716/0/a40e58b41c6b4d7e8efd66ff7d64237e?mpid=7156&muid=121960c0-c501-4400-a550-6a9cab1116c0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.158.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:22 GMT
Cache-Control
no-store
Connection
keep-alive
trace-id
dd47c3d4d3c43a47
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Wed, 09 Jun 2021 13:41:14 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/64716/0/a40e58b41c6b4d7e8efd66ff7d64237e?mpid=7156&muid=121960c0-c501-4400-a550-6a9cab1116c0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Jun 2021 13:41:13 GMT
mw
mwzeom.zeotap.com/ 		95 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1412&env=mWeb&cid=8a707f9619148686bc9a35fb2acf8dd05d2f733bc75ce686850f2acf5ec3fc84&gdpr=$0&gdpr_consent=$
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.msn.com
access-control-allow-credentials
true
cf-ray
65cac6e199b34e4a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0a929aa10100004e4a9d91b000000001
6.gif
id5-sync.com/c/464/108/2/
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=298EA637D5906C90390EB666D4896D91&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
  • https://id5-sync.com/c/464/464/7/1.gif?puid=298EA637D5906C90390EB666D4896D91&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOF7LcDVKAgZlj-yc0HvrQbmke3gkqU9AiIL4kHw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOF7LcDVKAgZlj-yc0HvrQbmke3gkqU9AiIL4kHw&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=ab0eaae1-d4e8-4fa2-a3f7-fbb5cbc48fdc&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEM3his7jkntjoAptc6YaejU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=3744072739603064518&opid=apx&ops=&utidl=tech:goo:CAESEM3his7jkntjoAptc6YaejU&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A17989292236&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=cdeb0c89d9262c1969874f208e42e0ba&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F101%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/464/101/3/5.gif?puid=152e2be3-9416-48ae-8e93-3074c5076c7a&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F2%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/464/108/2/6.gif?puid=421d7390-8c4c-4c27-a5bb-9793cd82f629&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/108/2/6.gif?puid=421d7390-8c4c-4c27-a5bb-9793cd82f629&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.22 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:24 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

date
Wed, 09 Jun 2021 13:41:24 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://id5-sync.com/c/464/108/2/6.gif?puid=421d7390-8c4c-4c27-a5bb-9793cd82f629&gdpr=1&gdpr_consent=
alt-svc
clear
content-length
0
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__376b2ebd4ade761aac2c934b8db9e59a__%7E%7EV1%7E%7E-1823263583740563646%7E%7EDYXqp9efLUEnmMXjnGeobDvtgo5Q9O7knYdIVvRTJyMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5ElEkTGUYy8xZRFcyoQ_U6ltsYRUjQ3xF8YPU2NpCKB2MPydLS265bsOcGPeGUTTmHDmMgxuwoNGIzcwsUIITMONpHwrry4pwM9qCS37e8jGMrx2dv6hsMHqcwd3JedY-335JyUpoDQWuuLi1-DNuCi3F2jrRWozNT_OJR70pbbI__text&response.session=v2_c8a21e1be4feead5204ceee401f93e80_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
69
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246081.514441,VS0,VE69
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=rightrail&i=1&p=AR&l=en-us&d=taboola&b=chrome&a=baa98adb-6642-43ca-8cb2-01fd71717d6f&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: 8CA77731F34F4F6AADF86AB961D400A6 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_157%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_157%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a6a80dc73db1fe1429738c0897d6201a499fb015e7cd8cbe41119bf4cbed06ca

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
2401844
edge-cache-tag
459545075077583750733979546071949555144,580692108560333385274195364442361290119,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
38
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_157%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
content-length
12010
x-request-id
7b017483fd8f1cbfccc71c52dc05bdd7
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Sat, 17 Apr 2021 14:55:39 GMT
server
nginx
x-timer
S1623246080.281273,VS0,VE1
etag
"82bb48ce49e9d98137de6e948e40c410"
x-served-by
cache-wdc5521-WDC, cache-dca17722-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 3B54
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1392e92d-d5cc-45b6-a2b3-6b94b01568b0
0
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1392e92d-d5cc-45b6-a2b3-6b94b01568b0
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=undefined&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&aure=false&cirid=7BA18A6CE2647447271543125220&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.392034,VS0,VE68
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19142-FRA

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1392e92d-d5cc-45b6-a2b3-6b94b01568b0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 3B54
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f98f277-c928-11eb-ab12-16821cb20106&orig=video&us_privacy=1---
0
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f98f277-c928-11eb-ab12-16821cb20106&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=undefined&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&aure=false&cirid=7BA18A6CE2647447271543125220&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Wed, 09 Jun 2021 13:41:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21319

Redirect headers

Date
Wed, 09 Jun 2021 13:41:20 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5f98f277-c928-11eb-ab12-16821cb20106&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
130
Connection
keep-alive
Content-Length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 3B54
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://prod.perf-serving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=d140949b-4c56-490b-b3ab-5deec8afcbcd&ssp=taboola&user_group=1
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=undefined&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&aure=false&cirid=7BA18A6CE2647447271543125220&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Wed, 09 Jun 2021 13:41:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25921

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
date
Wed, 09 Jun 2021 13:41:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame 3B54
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=undefined&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&aure=false&cirid=7BA18A6CE2647447271543125220&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Wed, 09 Jun 2021 13:41:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24435

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
date
Wed, 09 Jun 2021 13:41:22 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cmTagMSN_WIDGET.js
vidstat.taboola.com/vpaid/units/29_7_9/infra/ 		629 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_7_9/infra/cmTagMSN_WIDGET.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
41351041d1088d7ac82034138d644e3e53f9d15ba838e19d792260a59d5d152e

Request headers

Origin
https://www.msn.com
Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
age
362085
x-amz-meta-mtime
1622883892
x-cache
HIT
x-amz-meta-ctime
1622883893
x-amz-meta-mode
33188
content-encoding
br
content-length
108887
x-amz-id-2
uNBMUWB0N4mQGsnvI+ovK+DV0YSFEj84RruqhRL//b3j2yZcZwn3CLi/7U1yXiPfkYzugbu+bzY=
x-served-by
cache-fra19149-FRA
accept-ranges
bytes
last-modified
Sat, 05 Jun 2021 09:04:54 GMT
server
AmazonS3-br
x-timer
S1623246081.883987,VS0,VE0
etag
"04b2d70bab2e2ad1ea469d3e7a7ef049"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
8AM5STAD5JCTG13K
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
4536
cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_7_9/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/29_7_9/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitMSNWidgetDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
age
362092
x-amz-meta-mtime
1622883923
x-cache
HIT
x-amz-meta-ctime
1622883923
x-amz-meta-mode
33188
content-encoding
br
content-length
7948
x-amz-id-2
yi+Vk4LXtReeGZN0rcktH7alUIA+XLUc8lK59XLTOpPC5M4+X7ZTe6yRUNGxL2dyasPCa5jR2Ko=
x-served-by
cache-fra19142-FRA
accept-ranges
bytes
last-modified
Sat, 05 Jun 2021 09:05:24 GMT
server
AmazonS3-br
x-timer
S1623246080.303788,VS0,VE0
etag
"ab667f7a75f0ca28449b3d4701aa479a"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
VGCBW86EVS8D166J
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
23519
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame D150
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0481c791-e84c-41c7-988c-84a32359c929
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0481c791-e84c-41c7-988c-84a32359c929
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
68
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.439555,VS0,VE68
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19142-FRA

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=0481c791-e84c-41c7-988c-84a32359c929
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D150
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=0&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5fa0056d-c928-11eb-9a90-197e22df0206&orig=video&us_privacy=1---
0
256 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5fa0056d-c928-11eb-9a90-197e22df0206&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Wed, 09 Jun 2021 13:41:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
21299

Redirect headers

Date
Wed, 09 Jun 2021 13:41:20 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=5fa0056d-c928-11eb-9a90-197e22df0206&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
20
Connection
keep-alive
Content-Length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame D150
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtaboola%26expires%3D30%26user_group%3D%24%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=63e61b10-eae7-52a0-a3ad-9d6ac36d586b&ssp=taboola&expires=30&user_group=1
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Wed, 09 Jun 2021 13:41:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24809

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
date
Wed, 09 Jun 2021 13:41:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame D150
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Wed, 09 Jun 2021 13:41:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24435

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
date
Wed, 09 Jun 2021 13:41:22 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.img-taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
Requested by
Host: static-entertainment-neu-s-msn-com.akamaized.net
URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d1adbe375408e8f71e3b625e432e5a700f9adc4bf75ec475862314390d85c36c

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish, 1.1 varnish
age
1665091
edge-cache-tag
459545075077583750733979546071949555144,330487374713449083913600243733399609754,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
47
expiration
expiry-date="Tue, 25 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_174%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F97aea6d47cd9fd5b65929ca6d7391583.jpg
content-length
12424
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Sat, 24 Apr 2021 17:27:40 GMT
server
nginx
x-timer
S1623246080.432843,VS0,VE0
etag
"ffce95fb71ea333ed60f90033c4e76ba"
x-served-by
cache-wdc5542-WDC, cache-dca17734-DCA, cache-hhn11552-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 18
/
cds.taboola.com/ 		0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cds.taboola.com/?uid=298EA637D5906C90390EB666D4896D91&_r=5570100
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 09 Jun 2021 13:41:21 GMT
Cache-Control
no-store
Server
nginx
Connection
close
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1392e92d-d5cc-45b6-a2b3-6b94b01568b0
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1392e92d-d5cc-45b6-a2b3-6b94b01568b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246080.495262,VS0,VE67
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19142-FRA

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=1392e92d-d5cc-45b6-a2b3-6b94b01568b0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
recommendations.notify-available
api.taboola.com/2.0/json/msn-msn/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-available?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__c132d9d083706f390812ca8e4b8bbb22__%7E%7EV1%7E%7E-1823263583740563646%7E%7EXUCTxrWz_RDirfwuMY1eVjvtgo5Q9O7knYdIVvRTJyMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5HeyC5v5IQ7LYwb2ZDVNt5FtsYRUjQ3xF8YPU2NpCKB2MPydLS265bsOcGPeGUTTmHDmMgxuwoNGIzcwsUIITMONpHwrry4pwM9qCS37e8jGMrx2dv6hsMHqcwd3JedY-335JyUpoDQWuuLi1-DNuCi3F2jrRWozNT_OJR70pbbI__text&response.session=v2_58b5284de15737a41fc3b4c70b455518_298EA637D5906C90390EB666D4896D91_1623246080_1623246080_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
67
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246081.577906,VS0,VE67
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
served
srtb.msn.com/notify/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/served?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=river&i=22&p=AR&l=en-us&d=taboola&b=chrome&a=73c0ba3e-d047-4bb1-8e4d-08625a2b0c1b&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: BD36B20B414C4EAEA4B37A3F58ECFDA8 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
recommendations.notify-visible
api.taboola.com/2.0/json/msn-msn/ 		0
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.taboola.com/2.0/json/msn-msn/recommendations.notify-visible?app.type=desktop&app.apikey=69629143827c91b118c7e0dc9f2a4eb0059feae9&response.id=__905f307554b4bc501170664debef1994__376b2ebd4ade761aac2c934b8db9e59a__%7E%7EV1%7E%7E-1823263583740563646%7E%7EDYXqp9efLUEnmMXjnGeobDvtgo5Q9O7knYdIVvRTJyMndpXq_nTToVci-tV_1bYyPVPbFHdycXfyr1VxmozLcV7JbGFbjtizQN29Zpin8p1JlawpbYFtoRw_FVSAoDPy8yoVX_ZV1DUzrU9mgEqIxVpt34vkyVLCqQj-j_6Ik-WFwt9_72reDSrMsTKuuUo5ElEkTGUYy8xZRFcyoQ_U6ltsYRUjQ3xF8YPU2NpCKB2MPydLS265bsOcGPeGUTTmHDmMgxuwoNGIzcwsUIITMONpHwrry4pwM9qCS37e8jGMrx2dv6hsMHqcwd3JedY-335JyUpoDQWuuLi1-DNuCi3F2jrRWozNT_OJR70pbbI__text&response.session=v2_c8a21e1be4feead5204ceee401f93e80_298EA637D5906C90390EB666D4896D91_1623246079_1623246079_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B&view.external-id=aadb0927f1a94e7f8b1298ed05eeff6b&ppb=CP8F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
69
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
via
1.1 varnish
server
nginx
x-timer
S1623246081.603805,VS0,VE69
x-served-by
cache-fra19142-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
viewed
srtb.msn.com/notify/ 		0
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srtb.msn.com/notify/viewed?rid=aadb0927f1a94e7f8b1298ed05eeff6b&r=rightrail&i=1&p=AR&l=en-us&d=taboola&b=chrome&a=baa98adb-6642-43ca-8cb2-01fd71717d6f&ii=1&c=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-content-type-options
nosniff
x-msedge-ref
Ref A: D9B52831F9844A2EBAAA5D7BD207ABC2 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-cache
CONFIG_NOCACHE
content-type
image/gif
cache-control
no-cache
expires
-1
reactions
api.msn.com/community/comments/13cfd13c-314d-4bf7-8c41-5c39328f71d4/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/13cfd13c-314d-4bf7-8c41-5c39328f71d4/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
7C51321731CE492995945348EBEBBBC7
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 7C51321731CE492995945348EBEBBBC7 Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
reactions
api.msn.com/community/comments/6cdc84a8-d4b1-4876-8835-4b549abf4e74/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/6cdc84a8-d4b1-4876-8835-4b549abf4e74/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
AFFFE2E5088546A19D73932D37DF3DFA
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: AFFFE2E5088546A19D73932D37DF3DFA Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
reactions
api.msn.com/community/comments/a526cc58-dfd7-4a4b-a519-1b42c1394bea/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/a526cc58-dfd7-4a4b-a519-1b42c1394bea/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
406076D5C66A487CA52DAFE6B77E0774
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 406076D5C66A487CA52DAFE6B77E0774 Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
reactions
api.msn.com/community/comments/fe650fc0-416f-4439-8d40-15e5529131f8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/fe650fc0-416f-4439-8d40-15e5529131f8/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
A8996B1258604A2EA6FD11C53552A349
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: A8996B1258604A2EA6FD11C53552A349 Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
reactions
api.msn.com/community/comments/ac2f69fa-4d3e-4ecc-9d06-1ae9ec611553/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/ac2f69fa-4d3e-4ecc-9d06-1ae9ec611553/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
04E768B59A8245D4819307FB175FC340
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 04E768B59A8245D4819307FB175FC340 Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
reactions
api.msn.com/community/comments/13cfd13c-314d-4bf7-8c41-5c39328f71d4/ 		752 B
962 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/13cfd13c-314d-4bf7-8c41-5c39328f71d4/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
57a92139059365f69012d412532e32dff7e6a2e61b921e1ff75412b538c2983a

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
servertoserverauth
False
ddd-activityid
10facb6b-8e81-4f9a-a5ce-2c777e26ec29
x-msedge-ref
Ref A: 0FB1EDE88ED840A581A2BB94E48B7CD3 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
ddd-strategyexecutionlatency
00:00:00.0716872
x-cache
CONFIG_NOCACHE
x-activity-id
0FB1EDE88ED840A581A2BB94E48B7CD3
content-length
752
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
72
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
72
reactions
api.msn.com/community/comments/6cdc84a8-d4b1-4876-8835-4b549abf4e74/ 		727 B
922 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/6cdc84a8-d4b1-4876-8835-4b549abf4e74/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
301422456b2a16379c60c192eca92462aaedc20b1b5c8af5ffa353667681c160

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
servertoserverauth
False
ddd-activityid
14678684-4ee1-450c-aa88-feed78beb212
x-msedge-ref
Ref A: F579FD58A99A401E94B16BD420D83FA4 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
ddd-strategyexecutionlatency
00:00:00.0145576
x-cache
CONFIG_NOCACHE
x-activity-id
F579FD58A99A401E94B16BD420D83FA4
content-length
727
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
15
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
15
reactions
api.msn.com/community/comments/a526cc58-dfd7-4a4b-a519-1b42c1394bea/ 		835 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/a526cc58-dfd7-4a4b-a519-1b42c1394bea/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
be8f3bbf69c27a7aa24528e97090ff0e16c79a565b995e2c4601165ed744427d

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
servertoserverauth
False
ddd-activityid
4a94f5a4-ebaf-41d4-8df6-c18749cb97c2
x-msedge-ref
Ref A: CE826C518BC4435EBBE517CE16444DA2 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
ddd-strategyexecutionlatency
00:00:00.0804825
x-cache
CONFIG_NOCACHE
x-activity-id
CE826C518BC4435EBBE517CE16444DA2
content-length
835
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
81
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
81
reactions
api.msn.com/community/comments/fe650fc0-416f-4439-8d40-15e5529131f8/ 		695 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/fe650fc0-416f-4439-8d40-15e5529131f8/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
498aa1452a539a07a3e24a1a32cd0b28e7fe0810f06c5dd5d5980d205c270685

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
servertoserverauth
False
ddd-activityid
3eef8246-9565-4762-816a-c02d1995590e
x-msedge-ref
Ref A: 6B30528DD7FD4B4BA6664F1572B6FC70 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
ddd-strategyexecutionlatency
00:00:00.0741873
x-cache
CONFIG_NOCACHE
x-activity-id
6B30528DD7FD4B4BA6664F1572B6FC70
content-length
695
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
74
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
74
reactions
api.msn.com/community/comments/ac2f69fa-4d3e-4ecc-9d06-1ae9ec611553/ 		764 B
959 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/ac2f69fa-4d3e-4ecc-9d06-1ae9ec611553/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
60c26a989f53c09c99fd826d57163966d02f8ee5b0323daca0af62a754a892b4

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
servertoserverauth
False
ddd-activityid
8f5c2093-434b-49a5-b159-e350fc845fcd
x-msedge-ref
Ref A: 5E1C6207A15E4D7CB8481CCB5E6B1331 Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
ddd-strategyexecutionlatency
00:00:00.0728063
x-cache
CONFIG_NOCACHE
x-activity-id
5E1C6207A15E4D7CB8481CCB5E6B1331
content-length
764
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
73
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
73
reactions
api.msn.com/community/comments/082d5416-9e03-4661-8baa-33ba9b4c85d7/ 		597 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/082d5416-9e03-4661-8baa-33ba9b4c85d7/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Requested by
Host: assets.msn.com
URL: https://assets.msn.com/bundles/v1/hybrid/latest/social/social.acdc28fcc2614815ff15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash
4e144ff1e360d13a844857beacf6f2f08e985b043d43ff2fb6df197489288a8c

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
servertoserverauth
False
ddd-activityid
8895e4cb-fc39-42a7-bfd9-7134c77b875a
x-msedge-ref
Ref A: 097E926CCA5347628AF2BD7349E30E4E Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
ddd-strategyexecutionlatency
00:00:00.0722447
x-cache
CONFIG_NOCACHE
x-activity-id
097E926CCA5347628AF2BD7349E30E4E
content-length
597
x-fd-flight
muidflt26=muidflt26cf,muidflt49=muidflt49cf,muidflt259=muidflt259cf,muidflt261=muidflt261cf,muidflt314=muidflt314cf,mmxandroid1=mmxandroid1cf,startedge3=startedge3cf,starthp1=starthp1cf,moneyhp2=moneyhp2cf,platagyhz2=platagyhz2cf,1dgi=1s-bing-news,1ilc=vebudumu04302020,1kbh=bbh20200521msn,msnsports2=msnsports2cf,wfeedsmuid4=is-uiprc,csmoney3=csmoney3cf,2jii=1s-winblis,2lxx=1s-bliscontrolw,2ml4=prg-adspeek,2nv2=prg-sync-wea2,csmoney7=csmoney7cf
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-credentials
true
x-msedge-responseinfo
72
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
onewebservicelatency
72
reactions
api.msn.com/community/comments/082d5416-9e03-4661-8baa-33ba9b4c85d7/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.msn.com/community/comments/082d5416-9e03-4661-8baa-33ba9b4c85d7/reactions?scn=MSNRPSAuth&wrapodata=false&fdhead=msnallexpusers%2Cmuidflt46cf%2Cmuidflt48cf%2Cmuidflt52cf%2Cmuidflt55cf%2Cmuidflt57cf%2Cstartedge2cf%2Caudexedge2cf%2Cpnehp2cf%2Caudexhp2cf%2Cbingcollabhp1cf%2Cbingcollabhp2cf%2Ccompliancehp1cf%2Cstarthz1cf%2Cartgly1cf%2Cartgly4cf%2Conetrustpoplive%2C1s-bing-news%2Cvebudumu04302020%2Cbbh20200521msn%2Cmsnsports3cf%2Cweather4cf%2Cprg-1sw-halfbtn%2C1s-winblis%2C1s-winblisp1%2Cprg-adspeek%2Cprg-sync-wea2%2Ccsmoney7cf
Protocol
H2
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
access-control-allow-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
access-control-allow-methods
PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-origin
https://www.msn.com
access-control-expose-headers
TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,SiteName,appid,User-Location,user-location,userauthtoken,usertickettype,Authorization,DDD-TMPL,DDD-ActivityId,DDD-Session-ID,Date,date
x-fd-features
vebudumu04302020,1s-winblis,prg-adspeek,prg-sync-wea2
x-fd-detection-corpnet
0
x-fd-flight
1ilc=vebudumu04302020,2jii=1s-winblis,2ml4=prg-adspeek,2nv2=prg-sync-wea2
x-activity-id
41924D0691E242E285DBC1809D778B8F
x-cache
CONFIG_NOCACHE
x-msedge-ref
Ref A: 41924D0691E242E285DBC1809D778B8F Ref B: WAW01EDGE0217 Ref C: 2021-06-09T13:41:20Z
date
Wed, 09 Jun 2021 13:41:19 GMT
content-length
0
c.gif
c.bing.com/ 		42 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=MSAOL_Video_pd&rid=aadb0927-f1a9-4e7f-8b12-98ed05eeff6b&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlepage&rf=&tp=https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
etag
"506f5bd17ad71:0"
last-modified
Tue, 23 Feb 2021 19:11:50 GMT
x-msedge-ref
Ref A: D29A11315CC6493681AF978F4011BCAD Ref B: FRAEDGE1321 Ref C: 2021-06-09T13:41:20Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
mapuid
m.adnxs.com/
Redirect Chain
  • https://c.bing.com/c.gif?Red3=MSAN_Video_pd&rid=aadb0927-f1a9-4e7f-8b12-98ed05eeff6b&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlepage&rf=&tp=https://www.msn.com/en-us/news/poli...
  • https://m.adnxs.com/seg?add=5159620&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D226%26user%3D349EFDC91FEF6E890EE6ED981E5D6FED%26redir%3Dhttps%253A%252F%252Fm.adnxs.com%252Fmapuid%253Fmember...
  • https://m.adnxs.com/mapuid?member=226&user=349EFDC91FEF6E890EE6ED981E5D6FED&redir=https%3A%2F%2Fm.adnxs.com%2Fmapuid%3Fmember%3D280%26user%3D349EFDC91FEF6E890EE6ED981E5D6FED
  • https://m.adnxs.com/mapuid?member=280&user=349EFDC91FEF6E890EE6ED981E5D6FED
43 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.adnxs.com/mapuid?member=280&user=349EFDC91FEF6E890EE6ED981E5D6FED
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:21 GMT
X-Proxy-Origin
217.138.209.52; 217.138.209.52; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid
57ec03eb-7c30-4fb4-b322-857fe34b6a02
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:21 GMT
X-Proxy-Origin
217.138.209.52; 217.138.209.52; 399.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid
83af3892-2bd9-45f8-8550-df2aaf1a891b
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://m.adnxs.com/mapuid?member=280&user=349EFDC91FEF6E890EE6ED981E5D6FED
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://c.bing.com/c.gif?Red3=MSDB_pd&rid=aadb0927-f1a9-4e7f-8b12-98ed05eeff6b&lang=en-us&dgk=tmx.pc.webkit.chrome.chrome76plus&imd=0&pn=articlepage&rf=&tp=https://www.msn.com/en-us/news/politics/t...
  • https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=349EFDC91FEF6E890EE6ED981E5D6FED&_rand=725327
43 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=349EFDC91FEF6E890EE6ED981E5D6FED&_rand=725327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.100.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
65cac6e53a2100be-AMS
content-length
43
cf-request-id
0a929aa345000000be3a975000000001

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-msedge-ref
Ref A: 30CB20315E484DAD999C3D02E40EDC51 Ref B: FRAEDGE1321 Ref C: 2021-06-09T13:41:20Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://p.adsymptotic.com/d/px/?_pid=16260&_psign=6d07ddceadb9e4c1d162077d30dfee70&_puuid=349EFDC91FEF6E890EE6ED981E5D6FED&_rand=725327
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
349EFDC91FEF6E890EE6ED981E5D6FED
pr-bh.ybp.yahoo.com/sync/msn/
Redirect Chain
  • https://c.bing.com/c.gif?Red3=MSOATH_pd
  • https://pr-bh.ybp.yahoo.com/sync/msn/349EFDC91FEF6E890EE6ED981E5D6FED
43 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/msn/349EFDC91FEF6E890EE6ED981E5D6FED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:20 GMT
x-msedge-ref
Ref A: 481A4A9F0DE040ECA3235309062CFCA5 Ref B: FRAEDGE1321 Ref C: 2021-06-09T13:41:20Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://pr-bh.ybp.yahoo.com/sync/msn/349EFDC91FEF6E890EE6ED981E5D6FED
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
cksync.php
hbx.media.net/ 		45 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hbx.media.net/cksync.php?type=nms&cs=3&ovsid=298EA637D5906C90390EB666D4896D91
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 09 Jun 2021 13:41:23 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 09 Jun 2021 13:41:23 GMT
m
cm.mgid.com/
Redirect Chain
  • https://cm.mgid.com/m?cdsp=516415&c=298EA637D5906C90390EB666D4896D91&mode=inverse
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=366&expires=14&user_id=&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=49201f79-6fe3-41b3-b7c1-17187e198c33&gdpr=&gdpr_consent=&us_privacy=
43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=49201f79-6fe3-41b3-b7c1-17187e198c33&gdpr=&gdpr_consent=&us_privacy=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:24 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
ec77cbd6-f559-4938-8c65-3bc7e31cc0b9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
65cac6fabb5b4c8c-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a929ab0ae00004c8c6e888000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=49201f79-6fe3-41b3-b7c1-17187e198c33&gdpr=&gdpr_consent=&us_privacy=
date
Wed, 09 Jun 2021 13:41:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
dsajax
www.msn.com/en-us/news/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.msn.com/en-us/news/dsajax?workflow=ContentRecirculation&contentType=Related%3btrending&fvMode=1&mock=false&fafdh=flex_ar&fdhead=msnallexpusers%2cmuidflt46cf%2cmuidflt48cf%2cmuidflt52cf%2cmuidflt55cf%2cmuidflt57cf%2cstartedge2cf%2caudexedge2cf%2cpnehp2cf%2caudexhp2cf%2cbingcollabhp1cf%2cbingcollabhp2cf%2ccompliancehp1cf%2cstarthz1cf%2cartgly1cf%2cartgly4cf%2conetrustpoplive%2c1s-bing-news%2cvebudumu04302020%2cbbh20200521msn%2cmsnsports3cf%2cweather4cf%2cprg-1sw-halfbtn%2c1s-winblis%2c1s-winblisp1%2cprg-adspeek%2cprg-sync-wea2%2ccsmoney7cf&count=3&skip=3&promoRatio=0.25&contentId=AAKPSVY&startIndex=4&item=dynamic_rightrail_feed_mode_enabled:1&ver=20210608_21624174
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.203 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0003.a-msedge.net
Software
/ ASP.NET
Resource Hash
494e3dc6a4f1f8dd54ab4fc18bf30d1115474c307e940999e48442de79d52b58
Security Headers
Name Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
_SS=SID=00; _EDGE_S=F=1; _EDGE_V=1; MUID=298EA637D5906C90390EB666D4896D91; MC1=GUID=1ebdd420f6ef47d2981e69a9701427c9&HASH=1ebd&LV=202106&V=4&LU=1623246078771; MS0=5fdf5e894b8a44fba081e8fa97f9bc27; msaOptout=0; ecasession=v2_58b5284de15737a41fc3b4c70b455518_298EA637D5906C90390EB666D4896D91_1623246080_1623246080_CNawjgYQrrs-GIHn1pK_7p3UtwEgASgFMK4BOO6oDEDo8StI3onaA1D___________8BWABgAGixr-m1yv33zq0B
:path
/en-us/news/dsajax?workflow=ContentRecirculation&contentType=Related%3btrending&fvMode=1&mock=false&fafdh=flex_ar&fdhead=msnallexpusers%2cmuidflt46cf%2cmuidflt48cf%2cmuidflt52cf%2cmuidflt55cf%2cmuidflt57cf%2cstartedge2cf%2caudexedge2cf%2cpnehp2cf%2caudexhp2cf%2cbingcollabhp1cf%2cbingcollabhp2cf%2ccompliancehp1cf%2cstarthz1cf%2cartgly1cf%2cartgly4cf%2conetrustpoplive%2c1s-bing-news%2cvebudumu04302020%2cbbh20200521msn%2cmsnsports3cf%2cweather4cf%2cprg-1sw-halfbtn%2c1s-winblis%2c1s-winblisp1%2cprg-adspeek%2cprg-sync-wea2%2ccsmoney7cf&count=3&skip=3&promoRatio=0.25&contentId=AAKPSVY&startIndex=4&item=dynamic_rightrail_feed_mode_enabled:1&ver=20210608_21624174
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html, */*; q=0.01
cache-control
no-cache
:authority
www.msn.com
referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
text/html, */*; q=0.01
Referer
https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=1209600; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
x-activity-id
ffad7097-af2b-448d-bcef-2cda7803184d
vary
User-Agent
content-length
1173
x-xss-protection
1
x-ua-compatible
IE=Edge;chrome=1
pragma
no-cache
x-aspnetmvc-version
5.2
x-az
{did:94e2fb0a928b472cad8f07b58097c1b4, rid: 27, sn: neurope-prod-entertainment, dt: 2021-06-05T05:01:51.7147763Z, bt: 2021-06-08T00:13:25.3733084Z}
date
Wed, 09 Jun 2021 13:41:20 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, no-transform
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
content-security-policy
default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
x-msedge-ref
Ref A: FFAD7097AF2B448DBCEF2CDA7803184D Ref B: WAW01EDGE0213 Ref C: 2021-06-09T13:41:20Z
x-appversion
20210608_21624174
expires
-1
usync.html
eus.rubiconproject.com/ Frame 9430
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7994267&crid=5083905&dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&cmcv=&pix=undefined&cb=1623246080157&uv=2979&tms=1623246080157&abt=206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm!ul2981_vB&ft=0&unm=MSN_WIDGET&aure=false&cirid=7BA18A6CE2647447271543125220&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://imprammp.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Jun 2021 13:41:20 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Date
Wed, 09 Jun 2021 13:41:20 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.html
eus.rubiconproject.com/ Frame 848A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Jun 2021 13:41:20 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Date
Wed, 09 Jun 2021 13:41:20 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
e151e5.gif
static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/ 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-entertainment-neu-s-msn-com.akamaized.net/sc/9b/e151e5.gif
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
92.122.213.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-122-213-234.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:20 GMT
Last-Modified
Wed, 19 Aug 2020 20:46:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"027c66976d61:0"
Access-Control-Allow-Methods
HEAD,GET,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=6342423
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
X-XSS-Protection
1
AAKMZzg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKMZzg.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa5520af6e2f84cb687fc383235acee510bf02b480483e8b0ea6ec826cc6c267
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
last-modified
Wed, 09 Jun 2021 12:55:19 GMT
x-datacenter
northeu
x-source-length
79123
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429181
x-activityid
dca0680e-92f3-4a42-8fc9-465d72a4392f
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKMZzg?h=174&w=300&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
6229
expires
Mon, 14 Jun 2021 12:54:21 GMT
async_usersync
ib.adnxs.com/ Frame 0AF4 		0
751 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:20 GMT
X-Proxy-Origin
217.138.209.52; 217.138.209.52; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.56:80
AN-X-Request-Uuid
bd9fc427-bc9e-40a7-9548-1cff601a5ef4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
AAKMZzg.img
img-s-msn-com.akamaized.net/tenant/amp/entityid/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKMZzg.img?h=174&w=300&m=6&q=60&u=t&o=t&l=f
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:10c::5f64:c1c3 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa5520af6e2f84cb687fc383235acee510bf02b480483e8b0ea6ec826cc6c267
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:20 GMT
last-modified
Wed, 09 Jun 2021 12:55:19 GMT
x-datacenter
northeu
x-source-length
79123
x-frame-options
deny
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=429181
x-activityid
dca0680e-92f3-4a42-8fc9-465d72a4392f
content-location
https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKMZzg?h=174&w=300&m=6&q=60&u=t&o=t&l=f
x-deployment
72c3fde762c149e9ae8e86fd76d57772
timing-allow-origin
*
content-length
6229
expires
Mon, 14 Jun 2021 12:54:21 GMT
usync.js
eus.rubiconproject.com/ Frame 9430 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5e8cede88fb681a06f24249db02959157539bfd1c2b7d328b4e11a8667c6ab02

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:12:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80121
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9303
Expires
Thu, 10 Jun 2021 11:56:42 GMT
PMS.js
vidstat.taboola.com/PMS/2.4.3/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/PMS/2.4.3/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_9/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dea8c236c93cf26c8ffa686286fa27b7629d7499aec11700dec5f854c58547c4

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront), 1.1 varnish
age
130197
x-amz-meta-mtime
1611220473
x-cache
Hit from cloudfront, HIT
x-amz-meta-ctime
1611220473
x-amz-meta-mode
33188
content-encoding
gzip
content-length
17847
x-served-by
cache-fra19142-FRA
last-modified
Thu, 21 Jan 2021 09:14:34 GMT
server
AmazonS3
x-timer
S1623246081.065997,VS0,VE0
etag
"ab1cfea1c666e027aa42b257f63e5ddb"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
0x7iOnS2I7ybwZnZulnckJBltVSO2WZpxtBs4JRJhokf_Yc-C2qqLw==
x-cache-hits
820
usync.js
eus.rubiconproject.com/ Frame 848A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5e8cede88fb681a06f24249db02959157539bfd1c2b7d328b4e11a8667c6ab02

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:12:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80121
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9303
Expires
Thu, 10 Jun 2021 11:56:42 GMT
khaos.jpg
token.rubiconproject.com/ Frame 9430 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
content14_10_18m.js
vidstat.taboola.com/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_9/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
via
1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront), 1.1 varnish
age
2656345
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-fra19142-FRA
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1623246081.169588,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA54
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
-TROi2rJAwAJZGjvQ1UUl45pz7OKYS6cCd8hK2LTON4-GEHuquvUjw==
x-cache-hits
85353
video-autoplay-detector.js
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_9/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront), 1.1 varnish
age
4168066
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
2210
x-served-by
cache-fra19142-FRA
last-modified
Mon, 10 Jun 2019 11:55:53 GMT
server
AmazonS3
x-timer
S1623246081.170627,VS0,VE0
etag
"2fac39530c1c168282a35d1ab56450ed"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
tVjOQezH1wdhCUO52gTfdk6ub6-eFlOu78HAbC2yUByKCYVp3BoenA==
x-cache-hits
60956
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v91954.766/ 		549 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v91954.766/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_9/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
3f4fdb6acc793049730e206b335b3382bf3fd7551fd589610ae3ba8e5476a983

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
via
1.1 varnish
age
27215
x-amz-meta-mtime
1623218794
x-cache
HIT
x-amz-meta-ctime
1623218809
x-amz-meta-mode
33188
content-encoding
br
content-length
114753
x-amz-id-2
+ofmeRYNiv2xwmEFPbyDhMgUwPwculTGp1xFGsrcUJEns3hOcEJtabs4eMjXB5Q0r8XdQFNm6G0=
x-served-by
cache-fra19142-FRA
accept-ranges
bytes
last-modified
Wed, 09 Jun 2021 06:06:50 GMT
server
AmazonS3-br
x-timer
S1623246081.191596,VS0,VE0
etag
"a5d88ae3c6309b7f0ab66f8f78314a49"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
5P894KSKQ3APRV16
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
3844
sync
am-match.taboola.com/ Frame D234 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_9/infra/cmTagMSN_WIDGET.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d1ccf23fae05fb95f79911092af74bd2fe3cc87a0896f68083b35b467c78b0b4

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=ec56767c-5dc5-4a06-9d7f-7f9e1a7dc6b9-tuct7ba4a80
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

server
nginx
date
Wed, 09 Jun 2021 13:41:21 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3401
khaos.jpg
token.rubiconproject.com/ Frame 848A 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
7624f77d-f003-48bd-862b-f7da6ee63ad3
https://www.msn.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.msn.com/7624f77d-f003-48bd-862b-f7da6ee63ad3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
bf4a80f4-809e-4afe-8dde-9b3ea48cbae0
https://www.msn.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.msn.com/bf4a80f4-809e-4afe-8dde-9b3ea48cbae0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame D234
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8935404429059246178&ssp=taboola
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Wed, 09 Jun 2021 13:41:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25323

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=dd72c3e4-e554-46aa-bd74-69a2486ab2d0
date
Wed, 09 Jun 2021 13:41:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtset
bh.contextweb.com/bh/ Frame D234
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?gdpr=0&pid=560382&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pulsepoint-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%25%25VGUID%25%2...
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=S1MxTXptNF9nc3lpQ3MwZk8yNnFldw&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAu2aEsOKlPSYvPhkNzkNKc&google_cver=1
49 B
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAu2aEsOKlPSYvPhkNzkNKc&google_cver=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
4c23865d180f804df030e56f4d06adfdbefc2e8720b8553596036387e23ab9b2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-555c8fd69d-zhs6l
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEAu2aEsOKlPSYvPhkNzkNKc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/ Frame D234
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1577gdpr=0&r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fimprovedigitalrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BPUB_USER_ID%7D
  • https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Wed, 09 Jun 2021 13:41:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24435

Redirect headers

location
https://sync.taboola.com/sg/improvedigitalrtb-network/1/rtb-h/?taboola_hm=a7967264-ee1a-4e97-916e-84941d56e779
date
Wed, 09 Jun 2021 13:41:22 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync.html
eus.rubiconproject.com/ Frame FFF3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 09 Jun 2021 13:41:21 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Date
Wed, 09 Jun 2021 13:41:21 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cookie set usermatch
ssum.casalemedia.com/ Frame 348E
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?gdpr=0&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26u...
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fef025a1181d4fecf51768dcb1b5fafabc7784d84fb9199bc6e9c6090812323c

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YMDFAoHIO5KpvmUFfZWauAAA; CMPS=5139
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|241|39|190|3|4|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1809
Expires
Wed, 09 Jun 2021 13:41:22 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:22 GMT
Connection
keep-alive
Set-Cookie
CMID=YMDFAoHIO5KpvmUFfZWauAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Jun 2022 13:41:22 GMT CMPS=5139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 07 Sep 2021 13:41:22 GMT CMPRO=1216;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 07 Sep 2021 13:41:22 GMT CMRUM3=2760c0c5020b40&be60c0c50205a0&2d60c0c50205a0&f160c0c50205a0&0360c0c50205a0&3960c0c50205a0&e660c0c5022760&0460c0c50205a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Jun 2022 13:41:22 GMT CMST=YMDFAmDAxQIA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 10 Jun 2021 13:41:22 GMT

Redirect headers

Server
Apache
Content-Length
428
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Wed, 09 Jun 2021 13:41:22 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:22 GMT
Connection
keep-alive
Set-Cookie
CMID=YMDFAoHIO5KpvmUFfZWauAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 09 Jun 2022 13:41:22 GMT CMPS=5139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 07 Sep 2021 13:41:22 GMT
external-players-manager.js
vidstat.taboola.com/external-players-manager/2.4.0/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/external-players-manager/2.4.0/external-players-manager.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v91954.766/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fec738b2de90d8b47d7ec5f46d69380f261091c897e9e91057a3a4ff34d6855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
via
1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront), 1.1 varnish
age
2295153
x-cache
Miss from cloudfront, HIT
content-encoding
gzip
content-length
5044
x-served-by
cache-fra19142-FRA
last-modified
Tue, 03 Nov 2020 15:48:15 GMT
server
AmazonS3
x-timer
S1623246081.384514,VS0,VE0
etag
"c6f0622099dabb786a1828b47538a0ab"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
_PDi_YRp8Rpbz1vCS6d_1HXoQ3_eMCb7dXqx0akuveWsO1QQWcfAAw==
x-cache-hits
2195
usync.js
eus.rubiconproject.com/ Frame FFF3 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5e8cede88fb681a06f24249db02959157539bfd1c2b7d328b4e11a8667c6ab02

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 21:12:03 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80121
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9303
Expires
Thu, 10 Jun 2021 11:56:42 GMT
vwpts.js
static.vidazoo.com/basev/ 		210 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vwpts.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/external-players-manager/2.4.0/external-players-manager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::1730:ca68 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28572152b5a32837f8c1cb6188603b4a25509f10285a42d2e71f7e915af10317

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
content-encoding
gzip
x-amz-request-id
85EY5MPRY7JW2X2B
content-length
53139
x-amz-id-2
BlH/u4L4u6NlRB3s7HB0w4gQYoJpIA+RMGFTFq8d7WgnzBgGq9pWrvlwccRynvaxplTY/Z5iSVs=
last-modified
Tue, 11 May 2021 12:45:27 GMT
server
AmazonS3
etag
"e3f9667600845695aca463a79c374d30"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=71431
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Jun 2021 09:31:52 GMT
khaos.jpg
token.rubiconproject.com/ Frame FFF3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/jpg
extend
bisdr.vidazoo.com/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Protocol
HTTP/1.1
Server
167.99.157.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 09 Jun 2021 13:41:21 GMT
Content-Length
0
Connection
close
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
extend
bisdr.vidazoo.com/event/ 		0
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.99.157.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 09 Jun 2021 13:41:22 GMT
Server
nginx
Connection
close
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vptm.js
static.vidazoo.com/basev/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/vptm.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::1730:ca68 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3cc00dba6427450ca398d496b6d4d5ae385c893d1470754f1fba733c2a54d04

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:21 GMT
content-encoding
gzip
x-amz-request-id
JWMA6FYNE5825P4V
content-length
10371
x-amz-id-2
qQRv6lIupIXXs47IAbK9qd89PO7nb1nqNhB+NtcAEOulJjUZWDTqMOFkzPbwrlg+7jx71okV/jQ=
last-modified
Wed, 21 Apr 2021 09:37:00 GMT
server
AmazonS3
etag
"21a2c9567e39057710d15b53f8cc270a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=38585
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Jun 2021 00:24:26 GMT
5f75c0622bf8460004da7166
wserversa.vidazoo.com/api/ 		17 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wserversa.vidazoo.com/api/5f75c0622bf8460004da7166?userId=551424a21b1b1f08006fb6f9&loadFrequentlyTime=60000&parallel=true&unique=false&allowFrame=false&vdzwLocalCache=true&paralle=true&ready=onScriptReady&cdn=static.vidazoo.com&url=https%253A%252F%252Fwww.msn.com%252Fen-us%252Fnews%252Fpolitics%252Ftrump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book%252Far-AAKPSVY&innerSize=624x351&outerSize=1600x900&layout=infinity&referrer=undefined&scrollHeight=6574&encodeCms=true
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.212.227 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
46bda3c1291a78f42c0dba752139e9e2cc0e8a6298322332ddfe4a13f8ab6750

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 09 Jun 2021 13:41:23 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.msn.com
Cache-Control
max-age=0, no-cache, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
Content-Length
10484
/
track.adform.net/serving/unload/ Frame 7343 		35 B
466 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1434423295419448847@@46597878,268072975519621521,100|4793|0|0|0|0|0|0|0||187|0|409|b3cbf4f2b3a74aefb65c1bde40829fc4_b3cbf4f2b3a74aefb65c1bde40829fc4-1|||1|0|0|uUVVmBLVH4VX7EYoWZQhUYIxFBr1HGkjz1NDtLtJ26hQxP3rlhEdCskllzAqADQrA7z_uuw_WOM1|||01|0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:22 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.msn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 348E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YMDFAoHIO5KpvmUFfZWauAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFUlpbMXfN-mdRiqTRXXfM4&google_cver=1&gdpr=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFUlpbMXfN-mdRiqTRXXfM4&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Jun 2021 13:41:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFUlpbMXfN-mdRiqTRXXfM4&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 348E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJj_X_puBcmkwWS0u6isv3s&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJj_X_puBcmkwWS0u6isv3s&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 09 Jun 2021 13:41:23 GMT

Redirect headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEJj_X_puBcmkwWS0u6isv3s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 348E
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.13 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:23 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:23 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 348E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YMDFAoHIO5KpvmUFfZWauAAA&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:22 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
ib.adnxs.com/ Frame 348E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 348E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=121960c0-c501-4400-a550-6a9cab1116c0&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=121960c0-c501-4400-a550-6a9cab1116c0&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Jun 2021 13:41:23 GMT

Redirect headers

Date
Wed, 09 Jun 2021 13:41:14 GMT
Server
MT3 3759 5f8f15b master zrh-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=121960c0-c501-4400-a550-6a9cab1116c0&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 09 Jun 2021 13:41:13 GMT
rum
dsum-sec.casalemedia.com/ Frame 348E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4596033037164490178
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4596033037164490178
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Jun 2021 13:41:23 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4596033037164490178
pragma
no-cache
date
Wed, 09 Jun 2021 13:41:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 348E
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871530774195
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871530774195
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 09 Jun 2021 13:41:23 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 09 Jun 2021 13:41:23 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=2159827871530774195
Date
Wed, 09 Jun 2021 13:41:22 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame 348E 		0
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/casale-network/1/rtb-h/?gdpr=0&taboola_hm=YMDFAoHIO5KpvmUFfZWauAAABMAAAAAB&orig=video&us_privacy=1---
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=0&s=183756&us_privacy=1---&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Wed, 09 Jun 2021 13:41:22 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23381
sbt.js
static.vidazoo.com/basev/1.0.552/ 		565 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.552/sbt.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::1730:ca68 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28f8be1c33f3018f3388fa8f7b87e2df39ecc11b36d6f9e610fb937fe2e82198

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:23 GMT
content-encoding
gzip
x-amz-request-id
SW6MAECDGAM76SSC
content-length
120998
x-amz-id-2
FFH6IV9QOf1Bri2ntCX1z4xZ57ZBeDcCmY44LHRq3H74GzfvZXn4KGX75Tlx7jHhvIVFmRzsrmY=
last-modified
Fri, 04 Jun 2021 06:12:33 GMT
server
AmazonS3
etag
"6dae6919223855180fbeab78ef25a04e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=21294
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Wed, 09 Jun 2021 19:36:17 GMT
5f75c0622bf8460004da7166.min.js
static.vidazoo.com/basev/wgt/dynamic/5f75c0622bf8460004da7166/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/wgt/dynamic/5f75c0622bf8460004da7166/5f75c0622bf8460004da7166.min.js?jsonp=__vdzw_5f75c0622bf8460004da7166_Jc6o_jsonp_
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::1730:ca68 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3005fecc32bdffce7a7fd3ec7f938b29ca875aad4abb92ac6eecb4b3a983f9e6

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:23 GMT
content-encoding
gzip
x-amz-request-id
7ED467EF69D63365
content-length
2210
x-amz-id-2
XiSgAAqaF29Z8x6YslDB/LY/7trj98qTLL8d3Gj2x/PhYY9SSrE2MZcAZZxA3eVa4T/P4p2YzNg=
last-modified
Sun, 21 Feb 2021 20:22:52 GMT
server
AmazonS3
etag
"0c6b9f7a2a172673cb2a5c16df133e17"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=41511
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Jun 2021 01:13:14 GMT
stdlibs.js
static.vidazoo.com/basev/ 		56 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/stdlibs.js?jsonp=__vidazoo_stdlib_5f75c0622bf8460004da7166__
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::1730:ca68 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9777f5d1cddd35cbc93c643b6f1c393ec9830c3559de0a51b6a5c1410483679

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:23 GMT
content-encoding
gzip
x-amz-request-id
Z4BZ30HAXGQ9DJQW
content-length
16536
x-amz-id-2
Om7D8vzEQmS3gy/FvYqlvsquMk9cYMpWriXVv89fvLDlbPy6djPVMs5Z/xCzntP7nmIkL/8p9uU=
last-modified
Tue, 11 May 2021 12:45:26 GMT
server
AmazonS3
etag
"2ba9fea1ab996a653e9102c850038d34"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=40908
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Jun 2021 01:03:11 GMT
extend
bisdr.vidazoo.com/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Protocol
HTTP/1.1
Server
167.99.157.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 09 Jun 2021 13:41:23 GMT
Content-Length
0
Connection
close
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
extend
bisdr.vidazoo.com/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Protocol
HTTP/1.1
Server
167.99.157.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 09 Jun 2021 13:41:23 GMT
Content-Length
0
Connection
close
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
extend
bisdr.vidazoo.com/event/ 		0
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.99.157.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 09 Jun 2021 13:41:24 GMT
Server
nginx
Connection
close
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
milkshake_default.js
static.vidazoo.com/basev/skins/milkshake_default/1.0.2/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/skins/milkshake_default/1.0.2/milkshake_default.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.552/sbt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::1730:ca68 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66d171eac3ab5190b2f57fd70164aa357235d5847524d456fb2881edcf6918de

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:23 GMT
content-encoding
gzip
x-amz-request-id
C43F73CACE27653E
content-length
14096
x-amz-id-2
KeKRxsLVamMQJ9jDCp0S91CiX8v4BlAbtEBck6TPy/ZV2Rnyki/60gZGDlf/Z6dd6kxAzbIzXa8=
last-modified
Wed, 14 Oct 2020 16:09:30 GMT
server
AmazonS3
etag
"f3ba5fdd5187cff25f1556546b5915b7"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=41178
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Jun 2021 01:07:41 GMT
extend
bisdr.vidazoo.com/event/ 		0
416 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/vwpts.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.99.157.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 09 Jun 2021 13:41:24 GMT
Server
nginx
Connection
close
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
167eebfd-8274-4ae0-8ec0-1a4285476b2f
https://www.msn.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.msn.com/167eebfd-8274-4ae0-8ec0-1a4285476b2f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1205
blank.mp4
static.vidazoo.com/basev/ 		891 B
2 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/blank.mp4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::1730:ca68 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21

Request headers

Referer
https://www.msn.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 09 Jun 2021 13:41:23 GMT
x-amz-request-id
CDEFACD382F06CDC
Content-Range
bytes 0-890/891
Content-Length
891
x-amz-id-2
gWTxCwV5N+L4aja6ziU9GmefqnvaqFFVb1ZJjtBBbrTHaGQaerKzKlJjRVEfy0pS8fnclauDM9M=
last-modified
Mon, 06 Apr 2020 12:07:11 GMT
server
AmazonS3
etag
"86ec3fbb73842f6c776555cfb7f1950d"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=41245
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Thu, 10 Jun 2021 01:08:48 GMT
5f75bf50a23bf100042b55b5.jpg
inventory.vidazoo.com/5f75bdb18707cf0004d69509/5f75bf50a23bf100042b55b5/ 		889 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inventory.vidazoo.com/5f75bdb18707cf0004d69509/5f75bf50a23bf100042b55b5/5f75bf50a23bf100042b55b5.jpg
Requested by
Host: www.msn.com
URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c::5f65:5a98 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b8f7a10014da0162ae21ce5bb95cc25913a802f616cec6cbe1276e87892bfa4

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:23 GMT
last-modified
Thu, 01 Oct 2020 11:37:47 GMT
server
AmazonS3
x-amz-request-id
89F2928225B10B19
etag
"4c9f09d9adacb2d7185f55c84b129432"
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
public, max-age=41326
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
content-length
889
x-amz-id-2
L0Js33V60gTo3RImev4mziyk2/zICxS3atzo5kIiF1enlwHM0CNud9qSyP1B+6cnUrxamtc/Rmo=
expires
Thu, 10 Jun 2021 01:10:09 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e38335b8da3a11b4a278e7572f99a3990da81b9764b7526bd7b69ec0c6a57c84

Request headers

Origin
https://www.msn.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
prebid.js
static.vidazoo.com/basev/1.0.552/prebid/ Frame 850E 		454 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.vidazoo.com/basev/1.0.552/prebid/prebid.js
Requested by
Host: static.vidazoo.com
URL: https://static.vidazoo.com/basev/1.0.552/sbt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:12d::1730:ca68 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
027062562b8515c0b86691cbfcc9a4a98ddd7a5fe921c931f30ffe2f8262d066

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:23 GMT
content-encoding
gzip
x-amz-request-id
S4QFAEDE0D9H7YBH
content-length
142547
x-amz-id-2
RMpo6sP/XaLPK+AZc/A8AP5elvywfWUh9FNbapG254gZSeAg5cvCk8RIIIv3Vk86NEO/Ro61jSw=
last-modified
Fri, 04 Jun 2021 06:12:34 GMT
server
AmazonS3
etag
"bd28dc9e9f0fe455bebda49a6a018c6e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
cache-control
max-age=21267
accept-ranges
bytes
access-control-allow-headers
Origin, Accept ,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Length, Accept-Language, Accept-Encoding, Referer, Range
expires
Wed, 09 Jun 2021 19:35:50 GMT
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=4156367102&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-D%2BMlZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=1-pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.msn.com&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&cu=1623246078247&m=5288&ar=c498f16-clean&iw=623b6c1&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A785%3A184&aa=1&ad=5139&cn=1028&gn=1&gk=5139&gl=1028&ik=5139&ic=5139&ez=1&co=1028&cp=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5068&cd=915&ah=5068&am=915&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=25707498%3A4175281%3A302682492%3A148845848&bo=msn.com&bd=msn.com&gw=heinekenpldcmdisplay24614018836&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=PL&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=191618&na=425200085&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:23 GMT
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=4156367102&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-D%2BMlZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=1-pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.msn.com&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&cu=1623246078247&m=5490&ar=c498f16-clean&iw=623b6c1&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A785%3A184&aa=1&ad=5341&cn=5139&gn=1&gk=5341&gl=5139&ik=5341&ic=5341&ez=1&co=1028&cp=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5270&cd=5068&ah=5270&am=5068&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=25707498%3A4175281%3A302682492%3A148845848&bo=msn.com&bd=msn.com&gw=heinekenpldcmdisplay24614018836&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=PL&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=191618&na=900839168&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:23 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=198827&tagid=1020237&crid=5083905&noaop=3&sortOrderType=0&cb=1623246085554&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=91954766&pt=14612600&tz=120&viewable=true&ddast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1472605&dpubid=168627&abtst=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm_vA!ul2981_vB&mPre=0.025&cirf=https%3A%2F%2Fwww.msn.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v91954.766/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
97ad71987ea99c33386d7518b7ff561c7b178fbaceb42190a757703e2793c4e3

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Wed, 09 Jun 2021 13:41:25 GMT
content-encoding
gzip
access-control-allow-origin
https://www.msn.com
machineid
1458
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19142-FRA
pragma
no-cache
server
nginx
x-timer
S1623246086.577293,VS0,VE50
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
OpportunityServlet
am-vid-events.taboola.com/ 		1 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-vid-events.taboola.com/OpportunityServlet
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v91954.766/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.msn.com
date
Wed, 09 Jun 2021 13:41:26 GMT
access-control-allow-credentials
true
server
nginx
content-length
1
like.php
www.facebook.com/plugins/ Frame CECC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?locale=en_US&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&send=false&layout=button_count&width=450&show_faces=false&font&colorscheme=light&action=like&height=21
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?locale=en_US&href=https%3A%2F%2Fwww.facebook.com%2Fmsn&send=false&layout=button_count&width=450&show_faces=false&font&colorscheme=light&action=like&height=21
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.msn.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
content-type
text/html;charset=utf-8
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
x-fb-debug
bnvxd1nVif46q00kQZSCrVwBEV7OVoN3bZF2cqKftUCULRWwjKR1pp126EXhsYCaaMZ/eT3E5PStSMikunOWkg==
content-length
0
date
Wed, 09 Jun 2021 13:41:27 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
follow_button.html
platform.twitter.com/widgets/ Frame 9365 		62 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/follow_button.html?show_screen_name=false&screen_name=msn&show_count=false&lang=en
Requested by
Host: static-global-s-msn-com.akamaized.net
URL: https://static-global-s-msn-com.akamaized.net/hp-neu/_h/975a7d20/webcore/externalscripts/jquery/jquery-2.1.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
9c61921a00e313f2a5e7bc7740a7af63fa5a5f5a28485261a0ca64543fbb704e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.msn.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.msn.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1431
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Wed, 09 Jun 2021 13:41:27 GMT
Etag
"7556d19abff70e32012d7f6f8715f0a1+gzip"
Last-Modified
Wed, 28 Apr 2021 17:57:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/675D)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
20660
jot
syndication.twitter.com/i/ Frame 9365 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22language%22%3A%22en%22%2C%22message%22%3A%22%3Anocount%3A%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.msn.com%2F%22%2C%22widget_frame%22%3A%7B%22ancestorOrigins%22%3A%7B%220%22%3A%22https%3A%2F%2Fwww.msn.com%22%7D%2C%22href%22%3A%22https%3A%2F%2Fplatform.twitter.com%2Fwidgets%2Ffollow_button.html%3Fshow_screen_name%3Dfalse%26screen_name%3Dmsn%26show_count%3Dfalse%26lang%3Den%22%2C%22origin%22%3A%22https%3A%2F%2Fplatform.twitter.com%22%2C%22protocol%22%3A%22https%3A%22%2C%22host%22%3A%22platform.twitter.com%22%2C%22hostname%22%3A%22platform.twitter.com%22%2C%22port%22%3A%22%22%2C%22pathname%22%3A%22%2Fwidgets%2Ffollow_button.html%22%2C%22search%22%3A%22%3Fshow_screen_name%3Dfalse%26screen_name%3Dmsn%26show_count%3Dfalse%26lang%3Den%22%2C%22hash%22%3A%22%22%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1623246087772%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/follow_button.html?show_screen_name=false&screen_name=msn&show_count=false&lang=en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 09 Jun 2021 13:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Wed, 09 Jun 2021 13:41:27 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
e16e933f7395d953003ef2c3dc6b37bd85c433d46eeac0d6325748c6c14a2ce5
x-transaction
77457530e2548748
expires
Tue, 31 Mar 1981 05:00:00 GMT
dc_oe=ChMIqb_q7taK8QIVevK7CB2t7gF1EAAYACCY6vxG;met=1;&timestamp=1623246088527;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 22E3 		42 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqb_q7taK8QIVevK7CB2t7gF1EAAYACCY6vxG;met=1;&timestamp=1623246088527;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 22E3 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&pxm=4&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F8243536%2F1617784462553%2F300x250%2Findex.html&i=HEINEKEN_DCM_MASTER_DISPLAY1&ol=4156367102&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-D%2BMlZAwprWLiKpTYeeKRbm%2Bf0PCrau3hNTBJf6raYEJYmkCpSqbr2V04&sc=1&os=1-pw%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&ql=&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&zGSRC=1&gu=https%3A%2F%2Fwww.msn.com%2F&id=0&ii=9&f=1&j=https%3A%2F%2Fwww.msn.com%2F&lp=https%3A%2F%2Fwww.msn.com&t=1623246078247&de=974525089656&cu=1623246078247&m=10350&ar=c498f16-clean&iw=623b6c1&cb=0&ym=0&ll=2&lm=2&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A785%3A184&aa=1&ad=10202&cn=5341&gn=1&gk=10202&gl=5341&ik=10202&ic=10202&ez=1&co=1028&cp=915&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10127&cd=5270&ah=10127&am=5270&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=25707498%3A4175281%3A302682492%3A148845848&bo=msn.com&bd=msn.com&gw=heinekenpldcmdisplay24614018836&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatMarket=PL&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=191618&na=1063296721&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-172.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://ad.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Wed, 09 Jun 2021 13:41:28 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		1 KB
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=624&height=350&pubid=198827&tagid=1020237&crid=5083905&noaop=3&sortOrderType=0&cb=1623246090557&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=91954766&pt=14612600&tz=120&viewable=true&ddast=V7hXMCFgPW9oCFpVjr0wTW9oCFpVjr0wUAAAAGBvkHHDdhMIYL2oZFmY12o9FuslusRpvFZDWZDIbAcRMGY7igbViU2Wg3Gu0ms8VoMFjOJpvZagojwjL7fQcF5fT0mF0GSdP2shxkTZPLb1ALRCzP1_Q3vCEQF02nw-e61-t-v7vac7dr_G6_yu5Wff5yl-_zF_zNTtPT4_mLLq-34a2wm9xCh93uND0_b5nl6bKbPEen4S1x-Rx2t-jvllheDq9b5Pfd3bqjy-4WHV1umd_4lrt8n7fQ7zm9dZaX7y1yen6uz-llcuuepqNbdHS5JYPJYK0yuzymp9_uFjtdnrfC4_FbTk67zy36uyV-v9evsLwVDC6hU2vWAQAAAOABoGkyAOIHAAAgAgAAAEDiBwAAgCKg4t9C4AIAAAAAA4Bg9VkDQJUDYa4f68vjtPsDAOChAAQAQACDBEBAcrYEwAKv6wQAAOCgTuZpm-X___8_BiBvf1MGgKPgvgfgwQfggahAtYgRAAAAQLZiNM3RpE6oLKr-____rQCuAAAC8uIDDDXDAAAACsYW6GHx-80Ou8bvdtn_________v9n_GQCaUJUrRVoQWhS72g8AAMDaLyAAAJu6AQC8CcDFHIAdAAAAwN3___9_HgAAQMIeJdtrNZ49ynrfiLDMft9BQTk9PWaXQdK0vSwHWdPk8hvUAhHL8zX9DfebsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhwiDJmcG5Nn5FkLFibTWrTymNbKmc20Fu1WM5dvt9k4DJO16PUx_SYO08I38-LGXgQX6UTtubvVnrtFLBGcLtKJ6GU8XdR_dJDFbq7YDOeSwXKumqwSAAAAAAAAAMASpsybAAAAAJwGMRvOJrvlAjx0ug6DhMNkMSwnu5lj4RytfDPjxDFZDlcmw2rlstlsExODxIbBWnEoIxKDOZtNZsvFYLeZcXgbEoU4o20WCxY3fnzQnrtb7bm72TNBrNVqWQMAAABw60YO!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1472605&dpubid=168627&abtst=206725b_vA!206725b_vA!adh5c-1_vA!insc_vA!pl91954-766_vA!rfe_vE!spa2_vA!ufm_vA!ul2981_vB&mPre=0.025&cirf=https%3A%2F%2Fwww.msn.com&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v91954.766/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
97ad71987ea99c33386d7518b7ff561c7b178fbaceb42190a757703e2793c4e3

Request headers

Referer
https://www.msn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 09 Jun 2021 13:41:30 GMT
content-encoding
gzip
server
nginx
machineid
1460
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.msn.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
extend
bisdr.vidazoo.com/event/ 		0
0
extend
bisdr.vidazoo.com/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bisdr.vidazoo.com/event/extend
Protocol
HTTP/1.1
Server
167.99.157.77 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.msn.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 09 Jun 2021 13:41:31 GMT
Content-Length
0
Connection
close
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, DNT, X-Requested-With, Keep-Alive, Content-Type, Accept, Cache-Control, Pragma, Authorization, Content-Length, Accept-Encoding, Accept-Language
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bisdr.vidazoo.com
URL
https://bisdr.vidazoo.com/event/extend

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| define function| require object| _pageTimings function| _perfMarker function| _perfMeasure function| imgTTAF object| JAC_CONFIG string| c function| _llic function| loadDeferredImages function| vglnk function| $ function| jQuery object| awa string| behaviorKey object| Perf string| globalLeft function| Gemini object| Telemetry object| utils object| data object| MSANTracker string| deferredCanary object| g_ashsC function| g_hsSetup object| confiant function| newGuid function| setImmediate function| clearImmediate function| binding object| Modernizr object| pp object| JAC boolean| spaStartupLoaded object| expDict function| adSetupDiv object| JAC_QUEUE object| Adform function| fbAsyncInit function| handleFbResponse function| handleMeStripeFbTileClick object| FB boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16232460786346 undefined| vglnk_16232460786357 object| webpackJsonp function| isSupportLocalStorage function| taboolaHandleUpdateUserId object| TaboolaCookieSyncObject string| taboolaLocalStorageItemName undefined| vglnk_16232460790619 function| OBMSync object| _secondaryPageTimings number| 2f1acc6c3a606b082e5eef5e54414ffb boolean| hasPreHydrateState string| OB_extId boolean| OB_FIRST_PV object| webpackJsonpCSW object| civicscience boolean| _isWebWorkerPresent object| cmTagConfig function| jsonp_1623246079591_99786 object| TRC object| cmTag object| _cm_wfCounters string| lastWfUrl function| startCMTagMain object| _taboola string| category function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist string| vpaidId function| webpackHotUpdate function| OvaMediaPlayer function| onScriptReady object| v_0x4b8d function| v_0x405b object| regeneratorRuntime object| _vdzwgt_ object| vdz function| ownKeys function| _objectSpread function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles function| _defineProperty object| v_0x5804 function| v_0x2cc0 function| webpackJsonpb3a1btcpat8 object| __vidazooPlayer__ object| vidazoo

0 Cookies

11 Console Messages

Source Level URL
Text
console-api warning URL: https://jac.yahoosandbox.com/0.6.1/jac.js(Line 1)
Message:
JAC: Support for the "features" property of the client config has been deprecated and will be removed in the future versions. Please move all the "features" one level up in the config.
console-api warning URL: https://jac.yahoosandbox.com/0.6.1/jac.js(Line 1)
Message:
JAC: Support for the "features" property of the client config has been deprecated and will be removed in the future versions. Please move all the "features" one level up in the config.
console-api warning URL: https://jac.yahoosandbox.com/0.6.1/jac.js(Line 1)
Message:
JAC: Support for the "features" property of the client config has been deprecated and will be removed in the future versions. Please move all the "features" one level up in the config.
console-api log URL: https://confiant.msn.com/8wUBVe8wmBTtU5IL4Akcv7tZSp0/msn/config.js(Line 71)
Message:
Confiant jacSetupComplete: 0
console-api error URL: https://static-entertainment-neu-s-msn-com.akamaized.net/en-us/news/_sc/js/d7cb56b9-80a51289/direction=ltr.locales=en-us.themes=gray.dpi=resolution1x/ac-e7a306-9bbf560f/b6-1cb2fa-dc19049b/5e-909e7c-f11ebcd6/a5-6f908a-5599dabd/46-736d08-68ddb2ab/2f-8d79ab-68ddb2ab/c3-5b0bfc-68ddb2ab/45-5d3d50-cae48929/3b-5fdca4-f41d9e92/a7-1d5746-68ddb2ab/f6-cbf0b4-3cb4dd5e/18-d301e0-68ddb2ab/b3-e53ca4-68ddb2ab/21-3f483d-68ddb2ab/31-17c237-68ddb2ab/bf-9e30e2-68ddb2ab/f2-58ec27-68ddb2ab/61-a43fe9-68ddb2ab?ver=20210608_21624174&fdhead=msnallexpusers,muidflt46cf,muidflt48cf,muidflt52cf,muidflt55cf,muidflt57cf,startedge2cf,audexedge2cf,pnehp2cf,audexhp2cf,bingcollabhp1cf,bingcollabhp2cf,compliancehp1cf,starthz1cf,artgly1cf,artgly4cf,onetrustpoplive,1s-bing-news,vebudumu04302020,bbh20200521msn,msnsports3cf,weather4cf,prg-1sw-halfbtn,1s-winblis,1s-winblisp1,prg-adspeek,prg-sync-wea2,csmoney7cf&csopd=20201118012035&csopdb=20210605021559(Line 1)
Message:
Wed Jun 09 2021 15:41:18 GMT+0200 (Central European Summer Time): 1623246078622 {"errId":7530,"errMsg":"BingFailed. bing native ad container doesn't exist, bing type: bingnativeeoab, vk: news","errSource":"bingAds.js","reportingType":1}
console-api warning URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY(Line 17)
Message:
[SCRIPTERROR] Script error. [ENDMESSAGE]
console-api error URL: https://www.facebook.com/rsrc.php/v3/y0/r/mN8-gFiYmm3.js?_nc_x=Ij3Wp8lg5Kz(Line 56)
Message:
ErrorUtils caught an error: Minified invariant #11797; Params: 113 [Caught in: Module "VisibilityListener"] Subsequent non-fatal errors won't be logged; see https://fburl.com/debugjs.
console-api error URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY(Line 17)
Message:
samNativeAdHelper: Unable to get Json data or placement info for SAM RTB.
console-api error URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY(Line 17)
Message:
[NativeAdService]: Json body or service URL for SAM is null or empty. Aborting.
console-api error URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY(Line 17)
Message:
samNativeAdHelper: Unable to get Json data or placement info for SAM RTB.
console-api error URL: https://www.msn.com/en-us/news/politics/trump-and-hannitys-friendship-began-to-break-down-when-the-fox-news-host-grew-disgusted-with-the-2020-election-lies-according-to-book/ar-AAKPSVY(Line 17)
Message:
[NativeAdService]: Json body or service URL for SAM is null or empty. Aborting.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' wss://*.spots.im data: 'unsafe-inline' 'unsafe-eval' https: blob:; media-src 'self' https: blob:; worker-src 'self' https: blob:; block-all-mixed-content;
Strict-Transport-Security max-age=1209600; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
26.at.atwola.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.creative-serving.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
api.msn.com
api.taboola.com
api.viglink.com
apple-resources.s3.amazonaws.com
arc.msn.com
assets.msn.com
b1sync.zemanta.com
bh.contextweb.com
bisdr.vidazoo.com
c.bing.com
c.msn.com
c1.adform.net
cdn.adaptv.advertising.com
cdn.taboola.com
cdn.viglink.com
cds.taboola.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
confiant.msn.com
connect.facebook.net
cookie-matching.mediarithmics.com
d2zqfs55y95cft.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
eu-central-1-web.ssp.yahoo.com
eus.rubiconproject.com
googleads4.g.doubleclick.net
hbx.media.net
i.liadm.com
ib.3lift.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
img-prod-cms-rt-microsoft-com.akamaized.net
img-s-msn-com.akamaized.net
img.img-taboola.com
img.s-msn.com
imprammp.taboola.com
inventory.vidazoo.com
jac.yahoosandbox.com
jill.fc.yahoo.com
login.live.com
m.adnxs.com
match.adsrvr.org
match.sharethrough.com
mwzeom.zeotap.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.tapad.com
platform.twitter.com
play.google.com
pr-bh.ybp.yahoo.com
prod.perf-serving.com
px.ads.linkedin.com
px.moatads.com
px4.ads.linkedin.com
s.amazon-adsystem.com
s.yimg.com
s0.2mdn.net
s1.adform.net
sb.scorecardresearch.com
scontent-frt3-2.xx.fbcdn.net
secure-assets.rubiconproject.com
service.idsync.analytics.yahoo.com
srtb.msn.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-entertainment-neu-s-msn-com.akamaized.net
static-global-s-msn-com.akamaized.net
static.vidazoo.com
sync-t1.taboola.com
sync.crwdcntrl.net
sync.hariken.co
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
syndication.twitter.com
tag.idsync.analytics.yahoo.com
token.rubiconproject.com
tools.applemediaservices.com
tpc.googlesyndication.com
track.adform.net
trc.taboola.com
u.openx.net
vidstat.taboola.com
visitor.omnitagjs.com
web.ssp.yahoo.com
web.vortex.data.msn.com
wf.taboola.com
widgets.outbrain.com
wserversa.vidazoo.com
www.bing.com
www.bizographics.com
www.dianomi.com
www.facebook.com
www.googletagservices.com
www.linkedin.com
www.msn.com
www138.civicscience.com
x.bidswitch.net
z.moatads.com
bisdr.vidazoo.com
104.108.144.238
104.108.144.24
104.108.145.107
104.108.145.172
104.108.145.8
104.18.100.194
104.18.23.230
104.19.136.78
104.244.42.8
108.174.10.14
141.226.224.32
141.226.228.48
142.250.185.162
142.250.185.194
142.250.185.230
151.101.113.108
151.101.13.44
152.195.51.15
152.67.40.109
157.230.212.227
167.99.157.77
172.217.16.130
18.156.195.47
18.184.169.195
18.195.105.17
184.25.239.57
185.255.84.153
185.29.133.58
185.33.220.100
185.33.220.242
185.94.180.125
188.42.191.196
192.229.221.28
193.0.160.129
198.148.27.139
199.232.137.44
20.190.160.69
20.82.209.183
2001:678:cb4:bbbb::11
204.79.197.203
212.82.100.182
23.37.42.132
2600:9000:20c3:f400:f:c7b3:ce40:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700::6810:a10d
2620:119:50e1:101::6cae:b25
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:803::2006
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2002
2a01:111:202c::200
2a02:26f0:10c::5f64:c17b
2a02:26f0:10c::5f64:c18b
2a02:26f0:10c::5f64:c1c3
2a02:26f0:10c::5f65:5a98
2a02:26f0:12d::1730:ca68
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
3.127.166.11
34.195.109.238
34.98.64.218
35.156.250.242
35.158.223.21
35.227.248.159
37.157.2.237
37.157.4.25
37.157.5.71
40.77.226.250
51.75.15.61
52.142.114.2
52.208.103.128
52.217.136.201
52.222.174.22
52.46.130.13
52.57.46.37
52.84.174.29
54.167.249.152
54.211.158.99
54.36.109.22
54.76.164.24
69.173.144.138
70.42.32.159
76.223.111.131
92.122.213.234
95.100.69.216
014362aee0fef3d28f6c7a00d395636bc49358ccfba53ca732f4b75c7e0772f8
01d076574b05a66724843fa1d23f51ec0d0f7159568c8b9db11473e5eca7f4fa
027062562b8515c0b86691cbfcc9a4a98ddd7a5fe921c931f30ffe2f8262d066
08298b694c7ef5bbbfbab76c98f2f13bf71715a77f504017e971b3e1e50d6c84
0a7881eaeaeada8d5434784740f02389c19fdef64f4b31d197c95d35860726a9
0a9a8087d7fc052ca2dd1e136e2d92823b88db20e17aa51be984c9dd63086ba9
0ae9fc7c054741e064a439791769bf78b911f27a435be57b944e0edcfcfedd5d
0b1184bbdca92bed0ecad00bd942b9cef222cf5fea17851944307a56821e13ec
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8f7a10014da0162ae21ce5bb95cc25913a802f616cec6cbe1276e87892bfa4
0c5c3a8c41dcdf3c5dfd898d185b6e555e48e4a7d8c981c8bb7d8c0f1b3c6816
0cb2ed0969537b3d538940fc991d4e470d6fa49353f6a05268d3edede5a716df
0cbd71ec002548fb306d83a8895cbbf088f04bba2a098eb1a55a41a265be83fc
0d44205ce23bd21bd315323630e90d02b3028a95ae34b2778f0baba39f167b12
0dad74e37c9127f70c190861759fbd6237962aae702902d99d346dc69bbbc18a
0e7b377b03545a212457978c5f321246c4d133aba42a09c566e0d9b7d855d146
107041a10c1adce2cf47358edaabb07587262d3fc69b9cc10ee57504c3320fe9
10e48837f429e208a5714d7290a44cd704dd08bf4690f1aba93c318a30c802d9
112295922ee6ad9f3a8e3fcebcf4f459e91cb2267073aa62bcf91629660bd5ee
114309cc79f85305e1cbc13d4b8ececeab9b4340c8fcd256ea9a8a8bd354defb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14e2c66bbe5e9e0da3cd7b1ce687d34a5c2b53492b6283cce8cb1872f4f338b4
14f472b31bb079b961cf7ceee1ec03484853104936a0e06aac3f03218ab56897
15746ee8997dcf68d96617d4b849b7b71e8cec4e5ff8e290b70ba2454cc1fb71
161d6a8c4bd0ecd29d2265fcc4c94184a0c0429630b1f086c00fdb1902a9c380
16274584b29005b5bf1c751f386535af165fe63689b1910bf817aca2a4e55f81
193410ffe16c8fb22b9bf031173e4c1d89f6b237726873d02ce22308f4e7e0c7
1b9703d8da6daed5840900fbedf403f29a2debaf73c47c1862f4d476d777178b
1bdf3ae523bb5e9cd69c4212f4e2326abf8ae52e733e6dc5cc0e2c87b18550cf
1e079f22adc75cc6b3bc917e1f9249b86a553501789ca9cd5dc7964612a7469b
1e14a910f03580a755870c3e7905b68e3da54bfb99882f6b24ae49b418609fdd
1ff53700c59a802feb72f77557789ae79ae1495e7a8ac41c00c2160ee10009ac
215e46442382af6784b854e56f70c527d0d205a367c58567c308d3c3fbe31cc2
21b45d73e70f3104bdc08d7479a3f82ffcecbf925d37e4e7469c1780d379a767
21b9101b3f5ebd4a06ac82046643c8f16de8f869774d41da49d1ab739f9f7349
22e9c5355b94e784482493510a6773beeafc8aab0476addf48aa2617f64be979
2328b146550518c58f953ea7397ae25fcc1aa0b8d11b77ac1f4b9074731d43f3
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
2464ed35e5167d0cf041eb0fad7a077efd5a069e36320d7f10277cd29b23a41f
247414b887c6cc29fb8d31de9d91c42814a452bf059a843499cb63966f24c3c8
26a621a1e1f8298b87bbbf5946f4517a104ca51267d098cc8e29fa02e3361872
28572152b5a32837f8c1cb6188603b4a25509f10285a42d2e71f7e915af10317
28f8be1c33f3018f3388fa8f7b87e2df39ecc11b36d6f9e610fb937fe2e82198
28fc3eb91dde3de99ffd7a31cd728888eb2dc330c0de927db232fb342fab1a03
2ad31a03ccf978ae72133b4ec7e74eace354b298108529ac357b65cc9d4658bd
2af2531528216dd20304be1fc69fac023afba4e01d50dbbd21c842a6fb48c168
2b37dee173bafb3de84a3fa9aff5215868c53852c710406122d458b36343666f
2c2afd8fc6e4434d6e88c3f832e7fe9bc9c94816dd7c8140659eaa78e56df3c1
2cc1883f7d43b74fe0f2f165002cec5894775ae34194a5620da0100dab4d5062
2d5c0e3647a7f76419f1dd18d0d328e8fb0bc7b3000c62902d0bf0e0aa991729
2f28c37beb838d695f95710805308cfe7f1fcc286bd744ab0184a23a10d5a4ec
3005fecc32bdffce7a7fd3ec7f938b29ca875aad4abb92ac6eecb4b3a983f9e6
301422456b2a16379c60c192eca92462aaedc20b1b5c8af5ffa353667681c160
31ecfd013943113cfebc7f959042f706314147c6c7ab183c146d931161ddf451
330516ac2e1e5bc23e2c6da6fc28a6fb45e80195f26723c49d34df990d09256b
33c4d08388d6d96ef7d9686c87b96813db25b70791ae1fc620e7120f49d0aec3
34ea8f98b482479fd19b39a179f65f98b2e3bac966c103f9f08da20f2acf7859
36f22ebfd62a55586c17e3818117aac31127d3ceacd8b3944eca3fe0c405cbaf
377885e3a518aafb3bc278e2ef13de8218503f368a9e5ffa993843fa33a6dd1f
3aaf587e86c0fa9e8e18d4613bc79cb5315b8078158a146dca7312301921671f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc1713b89ed18a2ac12d6260a2ff4ae5b9c13b74736cc9ac1f4ad1c3e92028d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f42ebfcc1957008b48c76e3054dc3deb641f56f36a0d56320be5b7b5eea5169
3f4fdb6acc793049730e206b335b3382bf3fd7551fd589610ae3ba8e5476a983
3f8fd05efca598d41447a3afcfee85792a9014313ab58ee665c84debee29dcff
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40dcbd96862d4e31a6bf6050530bd2224408a956764762f88e2ab2de10d8517a
41351041d1088d7ac82034138d644e3e53f9d15ba838e19d792260a59d5d152e
41a293ee2e64aa6bbff0bd827041b362b45c91833b96fb41be73fe0b8a1ed82a
4318e5941775a57d8dde5791a50e868b695af30aa84f4f1b72855f59a4c7c08c
43e0ac063e44313daee4460ac28af705b3761be8411c1736107f6fa4a918b15d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446a11f652a238799143d22dd87a255ad9d0cb087d16df3713ca3f85ce08609e
458296406a6b63acbfd773ffe9ebbdd340db99afd4be22cbb1462e42c4bc72c3
46707e53efd4b9b3275f36612378a292b40dee64681f7716a7b5925d18bbf24f
46bda3c1291a78f42c0dba752139e9e2cc0e8a6298322332ddfe4a13f8ab6750
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
490bcddc05b4c45555d4ffd949f14f793a5adcacf5f360f35c83244b7aed8d01
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494e3dc6a4f1f8dd54ab4fc18bf30d1115474c307e940999e48442de79d52b58
498aa1452a539a07a3e24a1a32cd0b28e7fe0810f06c5dd5d5980d205c270685
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c23865d180f804df030e56f4d06adfdbefc2e8720b8553596036387e23ab9b2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e144ff1e360d13a844857beacf6f2f08e985b043d43ff2fb6df197489288a8c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e64629de25349b4a706a8c0c652ff6d4776aa3251a9ab6c7a910531a2adcee
513a61cafacf9f95761a4466fd4fbca1bef41cb2df4ba57a908c05cc297bb2a4
5386e2d36f0e037aa5174c444f63538df0f7c155f2d520426ab4121233160916
56766cebd19e526d59965412d4744818753abe2b9030407f0580eeaf029fff33
57a92139059365f69012d412532e32dff7e6a2e61b921e1ff75412b538c2983a
58a5b43acbbb92f70e045fd526733f71e2d9328a325140a2e93489398ca1f302
58f81d82b4bba9824aa6f904e9743531c852f8856d29893dc7295ea46f8d77f9
5af432533decd3960400beccbce92d5aa36d5f2f12f7e20f866b2c633f7e85c9
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5d4fce442637408514d95cec9c7509ce7f1970f9a89440460ae274d20f972d30
5e8cede88fb681a06f24249db02959157539bfd1c2b7d328b4e11a8667c6ab02
5fec738b2de90d8b47d7ec5f46d69380f261091c897e9e91057a3a4ff34d6855
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60c26a989f53c09c99fd826d57163966d02f8ee5b0323daca0af62a754a892b4
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65aa946829133f2163ed351882e770c0e7651c8c95fac3c53aa78e02a938b7ca
65f3912b35fa4ccd6ace1f5ba2de792b6862a59a81f39d6179ce6ad0f5e8d081
66d171eac3ab5190b2f57fd70164aa357235d5847524d456fb2881edcf6918de
699026b91a77b260ef9284e6fd5caf31f41d589ccb4297701f5291e7457b6818
69fe8812c398d20582b7982917b6fc110d906e16f427c4eb021c64d5f30711af
6b0e235974b8f97a84ccd49544545d349bd1c0b3f10cdeb427bacbe7ca4cb800
6b26263e492d4334076354b0db27917b73fdf99ca6f24ecb267ddca57a40138b
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff
6c2ed44aebff03950a3d4d6c072af4606092c735784617145c3723bc7be860a3
6cad1e3bce485d80b4fd9e50d27d4270dfb6d1b15223caf0884ab94efb60edcb
7122de322879a654121ea250aeac94bd9993f914909f786c98988adbd0a25d5d
7304fd965af419c2561eea3e5c629cf653bf1db54396c4e65258dacfa1d922e0
73073ed7160406dcfbe826dcabd7ec807cf2aa72afe0303424f518767120cf2e
7371a25940b0f55b8e0e4104d0cda46192761954555584ac55e840b69f95cb1c
74481240ddfa62248e49d4a88391fb6ebbfb5879a1dd8e28802f0b0d437ca297
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
755930b0da9d28feb21b9e2368bab9def9ecbf419acb54f8cee12eefa3dbacad
758af6526a26c5285930a476e7b56ff77ed15e4e71c5bafca08d069136347d52
75f8629fbb025e8341b10cbbc4f1a4dae17c9ae7b652af95176ad18037e248f1
76110dba7168535af8b2c5c28c0697a1c35d45d16fc0013292b43e870b5ea029
76d96ef49975881812fe74a15031f8f1c7e340f3b3a443ad341cb4c631f0dce9
77c7874123047e7aeee19e9443d8bd20925d5fb1e59226d6a9a0b9c21cb04572
788ec3775a3f9f16d7bd6fa520afe2618445b50fb5518f3bbf6e07fae57c61b9
80d46fe33cd75ba6f4c930946bdffb29860cb1114e6ad9b2151e63beb8f2a53b
81f4773e993b23de27dbeb6551b81df92b78f0728312fe246329bfcb34d99327
82228b8d5b432fc4435e5e1ce58411bfb13eb9de82978f377add97a7aba3bcd5
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
861863efea730de9c6579f4c9e0bb27d43e8bedda2b01e042d063f332703bcdd
86df2995ec016dabe1a9f14014e0343e13415ad4b3f5fec54c80ac3dd3604cf1
86e2cec61725378e8debf1606ecaa4f89b8299ecebbc851cd4ecc9694356f041
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c81f9ffd8ec55cb125605458d2e05edbc392df31eccb74a96e02342d57d70e3
8d0f28dd05cfc19c97e6194fd329ab8df8683292bf11c71baf9bb5e1900f9a39
8d65e0797e99897c56cbae42fd3a5a471da6abc607332bca61decc387fe4b8b0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d82e852258ebd5aa9ff54537665e21ff895ce88e28c649194205c5f22ba234a
8dcf0756d0be0420a4c29b76e18f620b54542d15e3e912f095a5d1a22821004c
8e210b05ab927f220ac2b2e16d986a5614d7d5c9c6026f134cb424fb1bf19c5f
8e2bd46c24371461d74e358678ce7946839bae86e11e0764d4886db0e9ee7bf5
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
90be81d47338de9c75bddaa23f5f9e94b3937103d0711990b8427c92a70f308c
912c59e8d2f7d32f37aa58e5dd4394f02fd88056f8c56d24bc080c6c48265b32
95c3303327395d4bc9fac04766611b5b154fff4fd2c88c244167b33521a0ff1c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96d57f7dd7e3b7587f784ad03d44edd105c55741fac607ebaa0a04c0516f0787
97ad71987ea99c33386d7518b7ff561c7b178fbaceb42190a757703e2793c4e3
992564f1bcfe51937d23e7568089aa84e71aadb2e0944814a52ea887116ffb36
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b249214c0471232baaa435d8ab9697c6e3d40d3c6e393f84fc8006de53c62d7
9c35c9853ea99d94357966d697ae8e434f52f06ebdec142f0482d57dcbbef91f
9c61921a00e313f2a5e7bc7740a7af63fa5a5f5a28485261a0ca64543fbb704e
9cb948b81642df006808c41aa350532f67aa1200f51f006544c2c2ca8746cbb6
9d6900ae0c2e0f71924e242fca587ef37bd30b8e02b126f5f5a43259e7022924
9e07a97beca1bea7a77a1e3e1cb2dbd907ef4785dd18d1620d576226e6bf7719
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a26fc5b38380272c92e9019a2eb8b45542a66814b3e2b203772db8904b9fb99f
a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd
a4821ce434a205521d97f3183a539f1faf2f9f089f887bb4fcfedc1b9c8b345c
a539c51289211b07d01dcce3331064f3d0dce9ba8c8a2bdcb6eec658d7aacf1d
a6a80dc73db1fe1429738c0897d6201a499fb015e7cd8cbe41119bf4cbed06ca
a85a0fdd19dd778f589da6f44b3db2a98ba3b5e0d729789144fa9cd9c4633099
a8a2154f4829cd2305592565fae2a9d8e90734bee6f956d908d4d49fcc0989a1
a9084c7dfc27796dc45dc373cb4a31665c6671d4bfc996756b32d7160dda79aa
a921bd4a3b16bb414ae0d2c5b21d8771c850fa5c93bd7c351594928139bc5918
a9777f5d1cddd35cbc93c643b6f1c393ec9830c3559de0a51b6a5c1410483679
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7c755dbdbd82dae6946f666c012555632c9d906ba69e1de091e1616672a79c
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
ac51679a51565976c4a80cb3d2514ea070737f631d60614407c74e2c3e3982e9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae165024bd0e8bd54728e4400d609b2d30f151059427f3dfbebf716082cc12ad
afaa6abf424b31172f2c88864e2e3059b547b08a80b81a481efff1b94fea7f65
b0202b723d3d8557e0eaa30a18226f23d42d6a5abd9c8a88b2c1d3869972aa12
b0461211f1a898af3e392c03e87f79557be72677891099fd72b6300947ecf620
b090e9dffaca346cc36a0b210ed773cfd21918e1222dfb2fbb6a0f7c8cfe3190
b0f7332988ac4e7c5356c2477e1a2ca05b562be9d3bb8cb5ce46e156bd66e700
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2924db2bdfef25307e5c19b23527515c0bdd1199d2404de4c1679e7fc892c20
b2ce8462d173fc92b60f98701f45443710e423af1b11525a762008ff2c1a0204
b3408a1b744ce1351e9554b861c45480f39e54c059f3b11f4e77f9f13564ba4f
b4272b706822e1d90495302524634f56c8918540c7e7873419372f2c5123faa8
b4853c7f3a1893a8b0eed88a2364823234dececc963b9c64f98c81ebcaf5e7ce
b4f557e963a5d417bb85a548218a5a908c3bedb160058c3df42c92d5dcf26bc4
b59f80261f2438879cc976c65abba14549c02b679ddeaf0ef01d81cba1750b9e
b5e3415e5922ed8a878375841586d9c9b43ad80d80592b4bfa0b6a56013401a5
b6462fed18a4eb0f5f81ef72bdd0a61fb990166368e980a0f49f0306a425b5fb
b6e7ab26940e703374e9b998dc37c1f84aab736f1e8f01ff643f225874259cb4
b91345aef4f031f448a1b0ebe958efce0b9e0d5b1f871524ff37ee2e7284efe2
b9c65df1df73a1ad15251333de72874d2d3ec17d12ecddf904a812746d9e18fb
ba02696d56ebed69ea5a4cca1ab2934c744d01b7052c91728caad1d25c45b5a6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb39787d42d16bed2e28e072e0d372639e127d9cc9333859f8661ad26b968768
bc77ae02c87baa4bce9c51e00962bfd98d6e58bb58cb65179d53c5a0dd3af0e5
be8f3bbf69c27a7aa24528e97090ff0e16c79a565b995e2c4601165ed744427d
c07ffbb18d8db65724192f8986f21516d3cdced57827a11bd4c94956aedcaadb
c0cafd570fa040d73f9f001e507a311996c5c8c4af794655260f7017da4287f5
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c1a84b027dcc7428e5e35dafe8540b1d4c432dbc29c1921c5aa03f0ec3c5800b
c1ad358a79a0c93355409816a769a2033035ff756a541904e6ef44da15e3456d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c366478fce0563163e9f4162e2ad33a64d91795dcb98f963e492322faca62969
c3cc00dba6427450ca398d496b6d4d5ae385c893d1470754f1fba733c2a54d04
c6b165b133c62b968cc7919c29ea86cb59affb23b467cd34d9178c4915ade748
c79831d809c25cd6e16f0484f07797112717213d2b7335a1edfcf386d2aa7397
c815be0139a92202ff8f262cc335f6ae103594bb1d92c1c479ed604adf384a16
c957adaf4326a8636ad68fc78acb194b96b34bbeba09daf6b36c74975ac37d21
ca3db5806ed49d918b7b106508d7800303a86418066f34de1752d8a154b94c6a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce565175b007ef13b3c9b4fcf82d5f9c66b71d81e4b79cfae4412b6f20bea4e5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff03603fb64285e200197b56d6b961c5d5b7a9da579e4336233632c237c4557
d0b610807fcb88b0d9a053ddc8f985f9eb4a472a8fc3ee3716a823b6c1c721f7
d0d9cd9d8b63983df144296a348ea04571d900006a535200beb50095a1003d8b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1adbe375408e8f71e3b625e432e5a700f9adc4bf75ec475862314390d85c36c
d1ccf23fae05fb95f79911092af74bd2fe3cc87a0896f68083b35b467c78b0b4
d1ee513b6bc0ce6af33fe601376c14fff51c246c063a58941e27a04345faa349
d7581f9dc93b034dd6c9b51f10b588472ced523102fdf8ab4720d2a1aeedd0df
d8b61db9fedc4018e3a7c24488090f4589c350e079bd7b45b7d732d7eac29d67
d92f9463e3b01fca3992d546b9abba43398e36cf9b4a3c369d7ebacf72cd068a
d9b15dacf583dc7f3b0169ecc3445ae2dbfde625d847f49aa6d25f6b73e7f733
da0928dea4976dc15ee6f8254af7fddc94da6b234e0eb8f0814f61f512452366
daf5bad3dcc900f04fd01e71a81d641586ed61097ed67ed35caaa821d885e7ac
dea8c236c93cf26c8ffa686286fa27b7629d7499aec11700dec5f854c58547c4
df1d0f03aa591b124fa37a5ad7978997cf073dbf5a03fb73b7146afdc2429161
dfaa7ecbb1c9cbe74f4bed2316ed3f72f8dfb1ad8f76ae67b0a99500fb5c6f1e
e35bc645e327b528c90833ba64f9e8266cf3fec4df23929631aa0f6b268b9a1c
e38335b8da3a11b4a278e7572f99a3990da81b9764b7526bd7b69ec0c6a57c84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f7be5517f0d501a6daed471a13fda382ac9d8b97f5cb6cce24e8a4f7b4c537
e8422161173516e21eec877c07d8bdbf387244b36a073e33a5b270cbdd87161d
eb1a6b8c2beb495046dae0e5722e319786ab78d9a5d75b00dfa1050cbea829b8
ec0482f2ac15dbcb74a934e396d5036563815032ecb87de9b7ed31dbabd88632
ec996d214262151b207e0d0d32b5164293a789bbe27961da9c232d9e5ecaf097
ee441245ef85f538030acf5e534d1cf2664c18289cec8cc0d84656ffb0e0a95d
eec4bd4d74c43ebdf1d97f8cf97c6095f0f9a33315c00b969774f6c1ed1a0979
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02c6cf687023950741438f056d29eb251863744af0f2cad65d59e5f25ecb5ea
f04cd2e360bbe2739a3e7ade5030ef5efbf156747df977faded2e2f5ded36817
f0ee76d95cb00664fb2bdbf59c4cddb3b9d32105cf1f47f55862928db6275dc4
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f4013fc8c3351673b73d7c7fb6a730b40019ca8345eba0b4c99e9c03b39a4c39
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f56a880e742e4d70e3a2f9d9464b17ae20f90489bce617a674db77220e22018d
f6248573434a6b4f50dbfe3166d5892c7e62ee1296a2328d50006fe88510cecf
f627478c6e4ac9815268c380654eaa3c80a5beef646a7b96d36baa5002649335
f644111d79c25160befe025154fc7d8edb57ebcda35b0a2df2c413405a408d2b
f71c8584d8622b3c3e7993e9fba61c851b359be9e1d39b51353e570be1788137
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
f84ed511d15151448ad5677b9278e5d8000a65ef98be3c97c4ff0515ec29a827
f90332ac810baaadc5e1858f6d5086c455cd85bc291060ae11dab7d8005a1e67
fa5520af6e2f84cb687fc383235acee510bf02b480483e8b0ea6ec826cc6c267
fa5da7bb5eeb81b4bcab30bf4f2cbae2586bdcc5aff2ef8b7ac2ba2513be511e
faed7feea3c6339f73296e2f975296d75754c2542432492e1c603a0b1f81b9eb
faf6e5eba2aa8af5a8d630efa1b82ef0564932ee94e95a2633f7410078d13869
fbe4c60f8637e27be5d5c4e3d723b723ccf3fddacd2593d672abf68dc05be9f5
fc507db953ff6b75a3e35f820469555662fa0e86112512cdea75f42617ffb565
fef025a1181d4fecf51768dcb1b5fafabc7784d84fb9199bc6e9c6090812323c