hxxp://we[.]tl/t-ZRlwhHea1p

max time kernel
67s
max time network
73s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
19/10/2022, 05:34 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://we.tl/t-ZRlwhHea1p

Score

8^/10

persistence

Malware Config

Signatures

Downloads MZ/PE file

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000\Software\Microsoft\Windows\CurrentVersion\Run	msedge.exe

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\c111f85a-4c34-46be-badd-caafdff20456.tmp	setup.exe
File opened for modification	C:\Program Files (x86)\Microsoft\Edge\Application\SetupMetrics\20221019053511.pma	setup.exe

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	msedge.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	msedge.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	msedge.exe

Modifies registry class 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-929662420-1054238289-2961194603-1000_Classes\Local Settings	powershell.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\	msedge.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
4904	powershell.exe
4904	powershell.exe
3856	msedge.exe
3856	msedge.exe
2984	msedge.exe
2984	msedge.exe
1604	identity_helper.exe
1604	identity_helper.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 10 IoCs

pid	Process
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4904	powershell.exe

Suspicious use of FindShellTrayWindow 6 IoCs

pid	Process
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe
2984	msedge.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2984 wrote to memory of 4656	2984	msedge.exe	85
PID 2984 wrote to memory of 4656	2984	msedge.exe	85
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 1620	2984	msedge.exe	88
PID 2984 wrote to memory of 3856	2984	msedge.exe	89
PID 2984 wrote to memory of 3856	2984	msedge.exe	89
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91
PID 2984 wrote to memory of 3344	2984	msedge.exe	91

C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
powershell start shell:Appsfolder\Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge http://we.tl/t-ZRlwhHea1p
1⤵
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
PID:4904

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --edge-redirect=Windows.Launch http://we.tl/t-ZRlwhHea1p
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of WriteProcessMemory
PID:2984
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdae2246f8,0x7ffdae224708,0x7ffdae224718
  2⤵
  PID:4656
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2176 /prefetch:2
  2⤵
  PID:1620
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3856
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8
  2⤵
  PID:3344
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3612 /prefetch:1
  2⤵
  PID:4532
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3580 /prefetch:1
  2⤵
  PID:912
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5288 /prefetch:8
  2⤵
  PID:1724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5300 /prefetch:1
  2⤵
  PID:1276
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2228 /prefetch:1
  2⤵
  PID:3680
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5580 /prefetch:1
  2⤵
  PID:2604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5784 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6116 /prefetch:1
  2⤵
  PID:3728
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6012 /prefetch:1
  2⤵
  PID:4800
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6276 /prefetch:8
  2⤵
  PID:4948
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4064 /prefetch:1
  2⤵
  PID:1840
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6724 /prefetch:1
  2⤵
  PID:1656
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6352 /prefetch:8
  2⤵
  PID:792
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --force-configure-user-settings
  2⤵
  - Drops file in Program Files directory
  PID:2136
- - C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\MsEdgeCrashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\Installer\setup.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x228,0x22c,0x230,0x204,0x234,0x7ff62ff05460,0x7ff62ff05470,0x7ff62ff05480
    3⤵
    PID:4652
- C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6352 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1604
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5764 /prefetch:8
  2⤵
  PID:5500
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,17294433136310691540,190635675798568713,131072 --disable-gpu-compositing --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2572 /prefetch:1
  2⤵
  PID:5516

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3544

Network

DNS

nav.smartscreen.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

nav.smartscreen.microsoft.com

IN A

Response

nav.smartscreen.microsoft.com

IN CNAME

wd-prod-ss.trafficmanager.net

wd-prod-ss.trafficmanager.net

IN CNAME

wd-prod-ss-eu-west-2-fe.westeurope.cloudapp.azure.com

wd-prod-ss-eu-west-2-fe.westeurope.cloudapp.azure.com

IN A

20.86.249.62
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/actions

msedge.exe

Remote address:

20.86.249.62:443

Request

POST /api/browser/edge/actions HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiOWQxc25uMVBVZVE9Iiwia2V5IjoibDc4OGpHNWVTVWlmaXJZUXdSY3R5dz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Cache-Control: max-age=0, private
Content-Length: 3898
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Wed, 19 Oct 2022 05:34:58 GMT
Connection: close
DNS

smartscreen-prod.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

smartscreen-prod.microsoft.com

IN A

Response

smartscreen-prod.microsoft.com

IN CNAME

wd-prod-ss.trafficmanager.net

wd-prod-ss.trafficmanager.net

IN CNAME

wd-prod-ss-eu-north-2-fe.northeurope.cloudapp.azure.com

wd-prod-ss-eu-north-2-fe.northeurope.cloudapp.azure.com

IN A

20.82.250.189
GET

https://smartscreen-prod.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.19041.1288.vb_release

msedge.exe

Remote address:

20.82.250.189:443

Request

GET /windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.19041.1288.vb_release HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "636976985063396749.rel.v2"
User-Agent: SmartScreen/281479409565696
Host: smartscreen-prod.microsoft.com

Response

HTTP/1.1 200 OK

Cache-Control: max-age=86400
Content-Length: 4828
Content-Type: application/octet-stream
ETag: "638017543658282055"
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,EnableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4
Date: Wed, 19 Oct 2022 05:34:58 GMT
Connection: close
POST

https://smartscreen-prod.microsoft.com/api/browser/edge/data/settings

msedge.exe

Remote address:

20.82.250.189:443

Request

POST /api/browser/edge/data/settings HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiOWQxc25uMVBVZVE9Iiwia2V5IjoibDc4OGpHNWVTVWlmaXJZUXdSY3R5dz09In0=
If-None-Match: "2.0-0"
User-Agent: SmartScreen/281479409565696
Content-Length: 1272
Host: smartscreen-prod.microsoft.com

Response

HTTP/1.1 200 OK

Content-Length: 129085
Content-Type: application/octet-stream
ETag: "2.0-2f9188b68640dbf72295f9083a21d674a314721ef06f82db281cbcb052ff8ec1"
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Wed, 19 Oct 2022 05:34:58 GMT
Connection: close
GET

https://smartscreen-prod.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19041.1288.vb_release&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D

msedge.exe

Remote address:

20.82.250.189:443

Request

GET /windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19041.1288.vb_release&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D HTTP/1.1
Connection: Keep-Alive
Accept: application/x-patch-bsdiff, application/octet-stream
Authorization: SmartScreenPlain eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQifQ==
If-None-Match: "170540185939602997400506234197983529371"
User-Agent: SmartScreen/281479409565696
Host: smartscreen-prod.microsoft.com

Response

HTTP/1.1 200 OK

Cache-Control: max-age=86400
Content-Length: 460992
Content-Type: application/octet-stream
ETag: "638004170464094982"
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,EnableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,IsNpPIOverrideBlockEnabled,ListApiE5V2Enabled,NpSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,TopTrafficV2Enabled,UpdateOnMissingEtagEnabled,UpdateSigningCert,UpdateSigningCertForRS3RS4
Date: Wed, 19 Oct 2022 05:34:58 GMT
Connection: close
DNS

we.tl

msedge.exe

Remote address:

8.8.8.8:53

Request

we.tl

IN A

Response

we.tl

IN A

13.227.219.61

we.tl

IN A

13.227.219.6

we.tl

IN A

13.227.219.91

we.tl

IN A

13.227.219.126
GET

http://we.tl/t-ZRlwhHea1p

msedge.exe

Remote address:

13.227.219.61:80

Request

GET /t-ZRlwhHea1p HTTP/1.1
Host: we.tl
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: CloudFront
Date: Wed, 19 Oct 2022 05:35:00 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://we.tl/t-ZRlwhHea1p
X-Cache: Redirect from cloudfront
Via: 1.1 4b3bed207ec72204ebc89ae818e573ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: TlKyFjiYyJubg_XA7waWqJNFY4ppe_6r1wYEQ2hf036reiCB_rh-Lg==
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

20.86.249.62:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoic1FHNFVia1lLcjA9Iiwia2V5IjoiUFhlNXd3a3FNT21tMWt3WXJaOWZuUT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1692
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Cache-Control: max-age=0, private
Content-Length: 822
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Wed, 19 Oct 2022 05:34:59 GMT
Connection: close
GET

https://we.tl/t-ZRlwhHea1p

msedge.exe

Remote address:

13.227.219.61:443

Request

GET /t-ZRlwhHea1p HTTP/1.1
Host: we.tl
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Moved Temporarily

Content-Type: text/html;charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: public, max-age=3600
Date: Wed, 19 Oct 2022 04:53:51 GMT
Expires: Wed, 19 Oct 2022 05:53:51 GMT
Location: https://wetransfer.com/downloads/c24de51f882b1e76d03d5e5f15ce072c20221018174440/065093
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Request-Id: 8305871084b134f2c91d36763f68aead
X-XSS-Protection: 1; mode=block
X-Cache: Hit from cloudfront
Via: 1.1 1d1fb1f8e5e923ef7208b5a427d25d5c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
X-Amz-Cf-Id: LA3KXgY8fT3ptdfGlglCSjje5HoegZUBUcVkVG4oAm_8w7j9hi8iBw==
Age: 2468
DNS

wetransfer.com

msedge.exe

Remote address:

8.8.8.8:53

Request

wetransfer.com

IN A

Response

wetransfer.com

IN A

54.76.5.250

wetransfer.com

IN A

52.19.192.62

wetransfer.com

IN A

52.215.133.188

wetransfer.com

IN A

52.30.76.28

wetransfer.com

IN A

34.246.36.98

wetransfer.com

IN A

52.211.90.36
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

20.86.249.62:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiQkFwVG5pMVFKMG89Iiwia2V5Ijoic3d5OW15bEJBazB3Y1RVYVBjMFZVdz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 1842
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Cache-Control: max-age=0, private
Content-Length: 894
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Wed, 19 Oct 2022 05:35:00 GMT
Connection: close
DNS

prod-cdn.wetransfer.net

msedge.exe

Remote address:

8.8.8.8:53

Request

prod-cdn.wetransfer.net

IN A

Response

prod-cdn.wetransfer.net

IN A

52.222.139.73

prod-cdn.wetransfer.net

IN A

52.222.139.28

prod-cdn.wetransfer.net

IN A

52.222.139.48

prod-cdn.wetransfer.net

IN A

52.222.139.123
DNS

wtplus.wetransfer.com

msedge.exe

Remote address:

8.8.8.8:53

Request

wtplus.wetransfer.com

IN A

Response

wtplus.wetransfer.com

IN A

34.240.180.53

wtplus.wetransfer.com

IN A

34.246.8.173
DNS

backgrounds.wetransfer.net

msedge.exe

Remote address:

8.8.8.8:53

Request

backgrounds.wetransfer.net

IN A

Response

backgrounds.wetransfer.net

IN A

13.227.219.79

backgrounds.wetransfer.net

IN A

13.227.219.41

backgrounds.wetransfer.net

IN A

13.227.219.80

backgrounds.wetransfer.net

IN A

13.227.219.49
DNS

nolan.wetransfer.net

msedge.exe

Remote address:

8.8.8.8:53

Request

nolan.wetransfer.net

IN A

Response

nolan.wetransfer.net

IN A

13.227.219.37

nolan.wetransfer.net

IN A

13.227.219.68

nolan.wetransfer.net

IN A

13.227.219.71

nolan.wetransfer.net

IN A

13.227.219.19
DNS

e-10220.adzerk.net

msedge.exe

Remote address:

8.8.8.8:53

Request

e-10220.adzerk.net

IN A

Response

e-10220.adzerk.net

IN CNAME

e-10220-us-east-1.adzerk.net

e-10220-us-east-1.adzerk.net

IN CNAME

e-prod-alb-default-us-east-1.adzerk.net

e-prod-alb-default-us-east-1.adzerk.net

IN A

174.129.146.50

e-prod-alb-default-us-east-1.adzerk.net

IN A

54.237.203.202

e-prod-alb-default-us-east-1.adzerk.net

IN A

52.20.162.165

e-prod-alb-default-us-east-1.adzerk.net

IN A

34.198.171.58

e-prod-alb-default-us-east-1.adzerk.net

IN A

3.219.151.166

e-prod-alb-default-us-east-1.adzerk.net

IN A

54.82.184.245

e-prod-alb-default-us-east-1.adzerk.net

IN A

34.199.140.62

e-prod-alb-default-us-east-1.adzerk.net

IN A

34.237.251.116
DNS

assets.wetransfer.net

msedge.exe

Remote address:

8.8.8.8:53

Request

assets.wetransfer.net

IN A

Response

assets.wetransfer.net

IN A

13.227.219.51

assets.wetransfer.net

IN A

13.227.219.38

assets.wetransfer.net

IN A

13.227.219.17

assets.wetransfer.net

IN A

13.227.219.7
DNS

wetransferbackgrounds-eu.s3.amazonaws.com

msedge.exe

Remote address:

8.8.8.8:53

Request

wetransferbackgrounds-eu.s3.amazonaws.com

IN A

Response

wetransferbackgrounds-eu.s3.amazonaws.com

IN CNAME

s3-3-w.amazonaws.com

s3-3-w.amazonaws.com

IN A

52.218.104.73
DNS

tag.wetransfer.com

msedge.exe

Remote address:

8.8.8.8:53

Request

tag.wetransfer.com

IN A

Response

tag.wetransfer.com

IN A

216.239.34.21

tag.wetransfer.com

IN A

216.239.32.21

tag.wetransfer.com

IN A

216.239.38.21

tag.wetransfer.com

IN A

216.239.36.21
GET

https://tag.wetransfer.com/gtm.js?id=GTM-NS54WBW

msedge.exe

Remote address:

216.239.34.21:443

Request

GET /gtm.js?id=GTM-NS54WBW HTTP/2.0
host: tag.wetransfer.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _wt_snowplowid.0497=23e7ab20-ca17-43f0-a102-7873310ab1c5.1666157701.0.1666157701.
GET

https://tag.wetransfer.com/gtag/js?id=G-0M019DTWVR&l=dataLayer&cx=c&sign=23a8b47cc4c80285da16b8db0a75188fb33c914459fd7200d6a6938c69dc1150_20221019

msedge.exe

Remote address:

216.239.34.21:443

Request

GET /gtag/js?id=G-0M019DTWVR&l=dataLayer&cx=c&sign=23a8b47cc4c80285da16b8db0a75188fb33c914459fd7200d6a6938c69dc1150_20221019 HTTP/2.0
host: tag.wetransfer.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _wt_snowplowid.0497=23e7ab20-ca17-43f0-a102-7873310ab1c5.1666157701.0.1666157701.
cookie: auth_session_uuid=aaa799b4-dd03-4828-bbb3-55c2404f4e78
cookie: _gcl_au=1.1.1715253222.1666157702
GET

https://tag.wetransfer.com/g/collect?v=2&tid=G-0M019DTWVR&gtm=2reah0&_p=1047025375&cid=1062815885.1666157703&ul=en-us&_fplc=0&_rdi=1&_geo=1&_s=1&sid=1666157702&sct=1&seg=0&dl=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_info=GTM-NS54WBW%7Cversion%3A20%7Cenvironment%3ALive%7Cdebug%3Afalse&ep.consent_analytics=true&ep.consent_marketing=true&ep.hit_timestamp_local=2022-10-19T05%3A35%3A02.023%2B00%3A00&epn.hit_timestamp_unix=1666157702023&ep.tag_name=GA4%20-%20page_view&ep.event_id=1666157700522-1-55c2404f4e78&ep.test_event_code=TEST70911&up._npa=1&richsstsse

msedge.exe

Remote address:

216.239.34.21:443

Request

GET /g/collect?v=2&tid=G-0M019DTWVR&gtm=2reah0&_p=1047025375&cid=1062815885.1666157703&ul=en-us&_fplc=0&_rdi=1&_geo=1&_s=1&sid=1666157702&sct=1&seg=0&dl=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_info=GTM-NS54WBW%7Cversion%3A20%7Cenvironment%3ALive%7Cdebug%3Afalse&ep.consent_analytics=true&ep.consent_marketing=true&ep.hit_timestamp_local=2022-10-19T05%3A35%3A02.023%2B00%3A00&epn.hit_timestamp_unix=1666157702023&ep.tag_name=GA4%20-%20page_view&ep.event_id=1666157700522-1-55c2404f4e78&ep.test_event_code=TEST70911&up._npa=1&richsstsse HTTP/2.0
host: tag.wetransfer.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://wetransfer.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _wt_snowplowid.0497=23e7ab20-ca17-43f0-a102-7873310ab1c5.1666157701.0.1666157701.
cookie: auth_session_uuid=aaa799b4-dd03-4828-bbb3-55c2404f4e78
cookie: _gcl_au=1.1.1715253222.1666157702
cookie: _uetsid=c76c0c204f6f11edabc389675951f726
cookie: _uetvid=c76c89e04f6f11edb82fb36f8fa27aa6
cookie: _ga_0M019DTWVR=GS1.1.1666157702.1.0.1666157702.0.0.0
cookie: _ga=GA1.1.1062815885.1666157703
POST

https://tag.wetransfer.com/g/collect?v=2&tid=G-0M019DTWVR&gtm=2reah0&_p=1047025375&cid=1062815885.1666157703&ul=en-us&_rdi=1&_geo=1&_s=2&sid=1666157702&sct=1&seg=1&dl=https%3A%2F%2Fwetransfer.com%2F&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&en=page_view&ep.gtm_info=GTM-NS54WBW%7Cversion%3A20%7Cenvironment%3ALive%7Cdebug%3Afalse&ep.consent_analytics=true&ep.consent_marketing=true&ep.hit_timestamp_local=2022-10-19T05%3A36%3A00.524%2B00%3A00&epn.hit_timestamp_unix=1666157760524&ep.tag_name=GA4%20-%20page_view&ep.event_id=1666157700524-53-55c2404f4e78&ep.test_event_code=TEST70911&_et=18747

msedge.exe

Remote address:

216.239.34.21:443

Request

POST /g/collect?v=2&tid=G-0M019DTWVR&gtm=2reah0&_p=1047025375&cid=1062815885.1666157703&ul=en-us&_rdi=1&_geo=1&_s=2&sid=1666157702&sct=1&seg=1&dl=https%3A%2F%2Fwetransfer.com%2F&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&en=page_view&ep.gtm_info=GTM-NS54WBW%7Cversion%3A20%7Cenvironment%3ALive%7Cdebug%3Afalse&ep.consent_analytics=true&ep.consent_marketing=true&ep.hit_timestamp_local=2022-10-19T05%3A36%3A00.524%2B00%3A00&epn.hit_timestamp_unix=1666157760524&ep.tag_name=GA4%20-%20page_view&ep.event_id=1666157700524-53-55c2404f4e78&ep.test_event_code=TEST70911&_et=18747 HTTP/2.0
host: tag.wetransfer.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://wetransfer.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: auth_session_uuid=aaa799b4-dd03-4828-bbb3-55c2404f4e78
cookie: _gcl_au=1.1.1715253222.1666157702
cookie: _fbp=fb.1.1666157702782.1205250954
cookie: _au_1d=AU1D-0100-001666157703-ASM480KZ-DT3K
cookie: FPLC=zz9lGVLq2%2B%2Bgbo48e%2BzaFtz8YesV9vUvYEnaMTAOt2%2BiCB6l5xidShKEQnezqxdngZPl9na5K%2Fc%2FQ9x%2Bu30TQOvYSeg7GlZau3pZewj6uiYrgMA4HG4VTAlZbKncYw%3D%3D
cookie: FPID=FPID2.2.%2B4%2FxZU3z0HhfagvNmSXvIJwzADS8WPeonhwy%2FDBNlYc%3D.1666157703
cookie: _au_last_seen_pixels=eyJhcG4iOjE2NjYxNTc3MDMsInR0ZCI6MTY2NjE1NzcwMywicHViIjoxNjY2MTU3NzAzLCJhZHgiOjE2NjYxNTc3MDMsImdvbyI6MTY2NjE1NzcwMywiYmVlcyI6MTY2NjE1NzcwMywic21hcnQiOjE2NjYxNTc3MDMsInNvbiI6MTY2NjE1NzcwMywiYWRvIjoxNjY2MTU3NzAzLCJ0YWJvb2xhIjoxNjY2MTU3NzAzfQ==
cookie: _rdt_uuid=1666157703112.050e5868-cb92-47e7-93dc-7bb9d57198b7
cookie: _ga=GA1.2.1062815885.1666157703
cookie: _gid=GA1.2.2017078956.1666157703
cookie: _gat_UA-11792855-4=1
cookie: _wt_snowplowses.0497=*
cookie: sp=6813046d-2d81-4d8d-b807-4715c71ac564
cookie: _tt_enable_cookie=1
cookie: _ttp=096a41be-87a1-4987-9b08-63a08a136f90
cookie: _au_last_seen_iab_tcf=1666157704275
cookie: _clck=r6ze41|1|f5u|0
cookie: _clsk=1x19yxz|1666157705059|1|0|d.clarity.ms/collect
cookie: _uetsid=c76c0c204f6f11edabc389675951f726
cookie: _uetvid=c76c89e04f6f11edb82fb36f8fa27aa6
cookie: wt_tandc=20190527%3A1
cookie: wt_downloaded=1
cookie: _wt_snowplowid.0497=23e7ab20-ca17-43f0-a102-7873310ab1c5.1666157701.1.1666157760.1666157701.940ad5fb-0a40-4606-9681-aadab1625033
cookie: amp_874b77=5ccd1595-d901-4c5c-960c-6cf25de853a5...1gfnbpsd8.1gfnbrjpn.l.1.m
cookie: _ga_0M019DTWVR=GS1.1.1666157702.1.1.1666157761.0.0.0
DNS

cdnjs.cloudflare.com

msedge.exe

Remote address:

8.8.8.8:53

Request

cdnjs.cloudflare.com

IN A

Response

cdnjs.cloudflare.com

IN A

104.17.25.14

cdnjs.cloudflare.com

IN A

104.17.24.14
GET

https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.17.3/sp.js

msedge.exe

Remote address:

104.17.25.14:443

Request

GET /ajax/libs/snowplow/2.17.3/sp.js HTTP/2.0
host: cdnjs.cloudflare.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 23792
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "602c4cbd-1359f"
last-modified: Tue, 16 Feb 2021 22:52:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2965226
expires: Mon, 09 Oct 2023 05:35:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwKacuq857g25R3OFLKXkWyxl2dvksBDZVUwQLZK2B6rTqtk6C5Za6CXEB7tsx2Y2mf%2BLzHUWVXsDMI9u8Hx%2BbISNt8oVWG%2FuV4%2FTXil9sfRmRBy0uGrMSRwz1Jeot3t4no72kf%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 75c725e47ceeb92d-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

apps.identrust.com

msedge.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

88.221.25.153

a1952.dscq.akamai.net

IN A

88.221.25.169
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

msedge.exe

Remote address:

88.221.25.153:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Mon, 20 Jun 2022 20:24:00 GMT
ETag: "37d-5e1e6e25c9800"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 06:35:01 GMT
Date: Wed, 19 Oct 2022 05:35:01 GMT
Connection: keep-alive
DNS

bat.bing.com

msedge.exe

Remote address:

8.8.8.8:53

Request

bat.bing.com

IN A

Response

bat.bing.com

IN CNAME

bat-bing-com.a-0001.a-msedge.net

bat-bing-com.a-0001.a-msedge.net

IN CNAME

dual-a-0001.a-msedge.net

dual-a-0001.a-msedge.net

IN A

204.79.197.200

dual-a-0001.a-msedge.net

IN A

13.107.21.200
DNS

connect.facebook.net

msedge.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.247.8
DNS

public.profitwell.com

msedge.exe

Remote address:

8.8.8.8:53

Request

public.profitwell.com

IN A

Response

public.profitwell.com

IN CNAME

dna8twue3dlxq.cloudfront.net

dna8twue3dlxq.cloudfront.net

IN A

52.222.139.90

dna8twue3dlxq.cloudfront.net

IN A

52.222.139.75

dna8twue3dlxq.cloudfront.net

IN A

52.222.139.11

dna8twue3dlxq.cloudfront.net

IN A

52.222.139.63
GET

https://public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1

msedge.exe

Remote address:

52.222.139.90:443

Request

GET /js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1 HTTP/2.0
host: public.profitwell.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/x-javascript
date: Tue, 18 Oct 2022 14:26:35 GMT
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
cache-control: public,max-age=86400
x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24562ce7bb1d06e6505e84aac2d66ac6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: Dtkn3SQZFhuuAMace3Xi8woKKUHSVs05T28S6mvd1FLpaKwwrD0FLQ==
age: 54508
DNS

12370788.fls.doubleclick.net

msedge.exe

Remote address:

8.8.8.8:53

Request

12370788.fls.doubleclick.net

IN A

Response

12370788.fls.doubleclick.net

IN CNAME

dart.l.doubleclick.net

dart.l.doubleclick.net

IN A

142.250.179.134
DNS

dns.google

msedge.exe

Remote address:

8.8.8.8:53

Request

dns.google

IN A

Response

dns.google

IN A

8.8.8.8

dns.google

IN A

8.8.4.4
GET

https://12370788.fls.doubleclick.net/activityi;src=12370788;type=pagev0;cat=wetra0;ord=4666934002495;gtm=2ygah0;auiddc=1715253222.1666157702;u1=%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;u4=undefined;u8=en-US;u9=undefined;u11=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;~oref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093?

msedge.exe

Remote address:

142.250.179.134:443

Request

GET /activityi;src=12370788;type=pagev0;cat=wetra0;ord=4666934002495;gtm=2ygah0;auiddc=1715253222.1666157702;u1=%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;u4=undefined;u8=en-US;u9=undefined;u11=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;~oref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093? HTTP/2.0
host: 12370788.fls.doubleclick.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

msedge.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

msedge.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGVkZ2UJbWljcm9zb2Z0A2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

msedge.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBGVkZ2UJbWljcm9zb2Z0A2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://www.redditstatic.com/ads/pixel.js

msedge.exe

Remote address:

151.101.1.140:443

Request

GET /ads/pixel.js HTTP/2.0
host: www.redditstatic.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 19 Jul 2022 22:48:09 GMT
etag: "95212d33cfff78ad59f5af5b20c48c53"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 19 Oct 2022 05:35:04 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
GET

https://dynamic.criteo.com/js/ld/ld.js?a=89395

msedge.exe

Remote address:

178.250.2.140:443

Request

GET /js/ld/ld.js?a=89395 HTTP/2.0
host: dynamic.criteo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:03 GMT
content-type: application/javascript; charset=utf-8
server: Kestrel
cache-control: public,max-age=10800
content-encoding: br
vary: Origin
vary: Accept-Encoding
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
GET

https://snap.licdn.com/li.lms-analytics/insight.min.js

msedge.exe

Remote address:

2.16.106.114:443

Request

GET /li.lms-analytics/insight.min.js HTTP/2.0
host: snap.licdn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=32423
date: Wed, 19 Oct 2022 05:35:04 GMT
content-length: 3063
x-cdn: AKAM
GET

https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq

msedge.exe

Remote address:

23.202.229.163:443

Request

GET /i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq HTTP/2.0
host: analytics.tiktok.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221019053504368F21A25C26273AFC91
x-tt-trace-host: 017d36ac6447e5e53f54cf26ef70fa2ed0f3272b0b5af840c9c2396080749e210f2263d700958e340d48ab69e9b959a6e7e2dd69761994a5ab254f9dc21d2dbaebe5962bccb231dc3b5a2852d78ff62cd08fe03a2bff4f3bd0267acef4effebe37
content-encoding: gzip
x-origin-response-time: 7,104.78.78.7
x-akamai-request-id: 359773cc.13ba977f
expires: Wed, 19 Oct 2022 05:35:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:04 GMT
x-cache: TCP_MISS from a23-202-229-159.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a104-78-78-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=7
server-timing: inner; dur=3
x-parent-response-time: 88,23.202.229.159
GET

https://analytics.tiktok.com/i18n/pixel/identify.js

msedge.exe

Remote address:

23.202.229.163:443

Request

GET /i18n/pixel/identify.js HTTP/2.0
host: analytics.tiktok.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221019053504957669E3DB90583EB583
x-tt-trace-host: 017d36ac6447e5e53f54cf26ef70fa2ed002348d3115c9cc5bf7cdf83b758af543898a83fda3b1d635011b40ceab3d2d69854e39022512d1931164b4ff9931bd12072ebe9e55e6bfaf6b8a1923c753fcc7c6ef8147fb2e59746647024beabbae44
content-encoding: gzip
x-origin-response-time: 17,23.220.105.69
x-akamai-request-id: 37bcbaeb.13ba9845
expires: Wed, 19 Oct 2022 05:35:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:04 GMT
x-cache: TCP_MISS from a23-202-229-159.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
x-cache-remote: TCP_MISS from a23-220-105-69.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=147, origin; dur=17
server-timing: inner; dur=3
x-parent-response-time: 164,23.202.229.159
GET

https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com

msedge.exe

Remote address:

23.202.229.163:443

Request

GET /i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com HTTP/2.0
host: analytics.tiktok.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202210190535048E3DE2DCCE9FCD416808
x-tt-trace-host: 017d36ac6447e5e53f54cf26ef70fa2ed002348d3115c9cc5bf7cdf83b758af543620104e933a50ebbf0ad0c317ad16f4d48210d0ffc2d6d33f9e81ad5fcc6c4f80c094458fcfbf78fdc286e095b7f1dd3cc0046672ca8795eda09e9b7608dc53b
content-encoding: gzip
content-length: 357
x-origin-response-time: 3,23.220.105.83
x-akamai-request-id: 9e6bd39d.13ba9892
expires: Wed, 19 Oct 2022 05:35:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:04 GMT
x-cache: TCP_MISS from a23-202-229-159.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
set-cookie: _ttp=2GLAtT7NxX0Izu9kUvxuzIf3lPZ; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-220-105-83.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=81, origin; dur=3
server-timing: inner; dur=1
x-parent-response-time: 84,23.202.229.159
POST

https://analytics.tiktok.com/api/v2/pixel

msedge.exe

Remote address:

23.202.229.163:443

Request

POST /api/v2/pixel HTTP/2.0
host: analytics.tiktok.com
content-length: 850
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://wetransfer.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ttp=2GLAtT7NxX0Izu9kUvxuzIf3lPZ

Response

HTTP/2.0 200

server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202210190535058947139AC91BC26B871F
x-tt-trace-host: 017d36ac6447e5e53f54cf26ef70fa2ed0f3272b0b5af840c9c2396080749e210f8ffce9652fbd2824ad86a4401b54681607c88713d2b5d11b1c2c5e63eaeb933d5d2d5aeac57a77261c0560382b2a990f98d15142e8d4781e066a5bc5f4319558
x-origin-response-time: 27,104.78.78.4
x-akamai-request-id: 36de746b.13ba9a72
expires: Wed, 19 Oct 2022 05:35:05 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:05 GMT
x-cache: TCP_MISS from a23-202-229-159.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-cache-remote: TCP_MISS from a104-78-78-4.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=26
server-timing: inner; dur=16
x-parent-response-time: 108,23.202.229.159
POST

https://analytics.tiktok.com/api/v2/pixel

msedge.exe

Remote address:

23.202.229.163:443

Request

POST /api/v2/pixel HTTP/2.0
host: analytics.tiktok.com
content-length: 873
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://wetransfer.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _ttp=2GLAtT7NxX0Izu9kUvxuzIf3lPZ

Response

HTTP/2.0 200

server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202210190536025043A795CFD02A4035A9
x-tt-trace-host: 017d36ac6447e5e53f54cf26ef70fa2ed002348d3115c9cc5bf7cdf83b758af543fa6175f1ab1a71ace368c4e3a841f0519d41b13c56fd17818306c7724bc6cf5c74c6421420e5f8b758430d31ac257b9a6e6cda869235adb931f2b309bfd87eb0
x-origin-response-time: 14,23.220.105.89
x-akamai-request-id: b775dddd.13bb0dda
expires: Wed, 19 Oct 2022 05:36:02 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:36:02 GMT
x-cache: TCP_MISS from a23-202-229-159.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-cache-remote: TCP_MISS from a23-220-105-89.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=14
server-timing: inner; dur=11
x-parent-response-time: 94,23.202.229.159
GET

https://t.co/i/adsct?bci=3&eci=2&event_id=79d4a961-7cf6-4325-9d09-957a3d5cc2ca&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz1eu&type=javascript&version=2.3.27

msedge.exe

Remote address:

104.244.42.133:443

Request

GET /i/adsct?bci=3&eci=2&event_id=79d4a961-7cf6-4325-9d09-957a3d5cc2ca&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz1eu&type=javascript&version=2.3.27 HTTP/2.0
host: t.co
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:03 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=364ea9f0-f969-483d-8560-42f78dd09ce8; Max-Age=63072000; Expires=Fri, 18 Oct 2024 05:35:04 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: ebc7c08c3e1b6eb0
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: 12dbd9a52999528c8f0c2781e6c168f45183221be6706f127609ca37bd1601d5
GET

https://t.co/i/adsct?bci=3&eci=1&event_id=d8f8f76a-a220-4e58-96c1-7579e07aee53&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

msedge.exe

Remote address:

104.244.42.133:443

Request

GET /i/adsct?bci=3&eci=1&event_id=d8f8f76a-a220-4e58-96c1-7579e07aee53&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27 HTTP/2.0
host: t.co
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: muc_ads=364ea9f0-f969-483d-8560-42f78dd09ce8

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:04 GMT
perf: 7626143928
server: tsa_o
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 7ab728793adbe100
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: 12dbd9a52999528c8f0c2781e6c168f45183221be6706f127609ca37bd1601d5
GET

https://t.co/i/adsct?bci=3&eci=1&event_id=f0777257-da60-4eab-9006-f1114d01b9ce&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

msedge.exe

Remote address:

104.244.42.133:443

Request

GET /i/adsct?bci=3&eci=1&event_id=f0777257-da60-4eab-9006-f1114d01b9ce&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27 HTTP/2.0
host: t.co
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: muc_ads=364ea9f0-f969-483d-8560-42f78dd09ce8

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:36:02 GMT
perf: 7626143928
server: tsa_o
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 17286ec29d20b02a
strict-transport-security: max-age=0
x-response-time: 111
x-connection-hash: 12dbd9a52999528c8f0c2781e6c168f45183221be6706f127609ca37bd1601d5
GET

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=79d4a961-7cf6-4325-9d09-957a3d5cc2ca&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz1eu&type=javascript&version=2.3.27

msedge.exe

Remote address:

104.244.42.3:443

Request

GET /i/adsct?bci=3&eci=2&event_id=79d4a961-7cf6-4325-9d09-957a3d5cc2ca&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz1eu&type=javascript&version=2.3.27 HTTP/2.0
host: analytics.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:03 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_D2sO0Bx4Dq1KrtzCUp911Q=="; Max-Age=63072000; Expires=Fri, 18 Oct 2024 05:35:04 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 95e0ab116e5efe04
strict-transport-security: max-age=631138519
x-response-time: 111
x-connection-hash: aa7a6786657ae7c173c88c3322b22b7b3b9884c8a1bc9eadbb58261881e513ff
GET

https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=d8f8f76a-a220-4e58-96c1-7579e07aee53&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

msedge.exe

Remote address:

104.244.42.3:443

Request

GET /i/adsct?bci=3&eci=1&event_id=d8f8f76a-a220-4e58-96c1-7579e07aee53&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27 HTTP/2.0
host: analytics.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:04 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_RyQG/debRoJkGJfKle2AUA=="; Max-Age=63072000; Expires=Fri, 18 Oct 2024 05:35:04 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 4f8cdb0207695533
strict-transport-security: max-age=631138519
x-response-time: 109
x-connection-hash: aa7a6786657ae7c173c88c3322b22b7b3b9884c8a1bc9eadbb58261881e513ff
GET

https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=f0777257-da60-4eab-9006-f1114d01b9ce&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

msedge.exe

Remote address:

104.244.42.3:443

Request

GET /i/adsct?bci=3&eci=1&event_id=f0777257-da60-4eab-9006-f1114d01b9ce&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27 HTTP/2.0
host: analytics.twitter.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:36:02 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_kabeHRHFs2C6aGriXfAAYw=="; Max-Age=63072000; Expires=Fri, 18 Oct 2024 05:36:03 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 946590bf831b027e
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: aa7a6786657ae7c173c88c3322b22b7b3b9884c8a1bc9eadbb58261881e513ff
GET

https://cdn.hadronid.net/hadron.js?partner_id=367&sync=1&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093

msedge.exe

Remote address:

104.26.11.25:443

Request

GET /hadron.js?partner_id=367&sync=1&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093 HTTP/2.0
host: cdn.hadronid.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:04 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"3c28d229f6da0f06ec79c43e89914632"
last-modified: Wed, 12 Oct 2022 10:05:20 GMT
x-amz-id-2: XopaLkUL/KhJMWB3vTHPXItGYGJBz1L4wzoB1cyQRWo/qzhRSkmWN1/bBU20L34ATkcCCiYwk2Q=
x-amz-request-id: ZMCF8XEBNM7J9A5Q
cache-control: max-age=3600
cf-cache-status: HIT
age: 5302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hT%2B0Hbd%2FHf2v36q9OOQyBIg55t0lwXq7xNj9ZAZR5pp15ov86R5mwLecyrKy6pL6ZkA3CIyI8nD%2BxZUhJ0OYD%2FHI7p3h8plib9g07ROxnbeLwLUS1oWZ4uYJFaMgwCYidMQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c725f3b806b96e-AMS
content-encoding: br
GET

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001666157703-ASM480KZ-DT3K%26sas_uid%3D%5bsas_uid%5d&gdpr=0

msedge.exe

Remote address:

185.86.137.131:443

Request

GET /getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001666157703-ASM480KZ-DT3K%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP/1.1
Host: sync.smartadserver.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://wetransfer.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Wed, 19 Oct 2022 05:35:03 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001666157703-ASM480KZ-DT3K&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/; SameSite=None; secure
set-cookie: TestIfCookieP=ok; expires=Thu, 19 Oct 2023 05:35:04 GMT; domain=.smartadserver.com; path=/; SameSite=None; secure
set-cookie: pbw=%24b%3d16920%3b%24o%3d11100; expires=Thu, 19 Oct 2023 05:35:04 GMT; domain=.smartadserver.com; path=/; SameSite=None; secure
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET

https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001666157703-ASM480KZ-DT3K&sas_uid=[sas_uid]&gdpr=0&cklb=1

msedge.exe

Remote address:

185.86.137.131:443

Request

GET /getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001666157703-ASM480KZ-DT3K&sas_uid=[sas_uid]&gdpr=0&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://wetransfer.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

content-length: 0
date: Wed, 19 Oct 2022 05:35:04 GMT
GET

https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001666157703-ASM480KZ-DT3K

msedge.exe

Remote address:

151.101.1.44:443

Request

GET /sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001666157703-ASM480KZ-DT3K HTTP/2.0
host: trc.taboola.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
cache-control: no-cache, no-store
pragma: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
date: Wed, 19 Oct 2022 05:35:04 GMT
via: 1.1 varnish
x-served-by: cache-ams21047-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1666157704.335428,VS0,VE2
x-vcl-time-ms: 2
GET

https://alb.reddit.com/rp.gif?ts=1666157703119&id=t2_fdqrj&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=050e5868-cb92-47e7-93dc-7bb9d57198b7&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=720&v=rdt_02c59ad6

msedge.exe

Remote address:

151.101.1.140:443

Request

GET /rp.gif?ts=1666157703119&id=t2_fdqrj&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=050e5868-cb92-47e7-93dc-7bb9d57198b7&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=720&v=rdt_02c59ad6 HTTP/2.0
host: alb.reddit.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Varnish
retry-after: 0
cross-origin-resource-policy: cross-origin
content-type: image/gif
accept-ranges: bytes
date: Wed, 19 Oct 2022 05:35:05 GMT
via: 1.1 varnish
content-length: 42
GET

https://gum.criteo.com/syncframe?topUrl=wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA

msedge.exe

Remote address:

178.250.0.157:443

Request

GET /syncframe?topUrl=wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA HTTP/2.0
host: gum.criteo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:04 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 104926
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
OPTIONS

https://api.lab.amplitude.com/sdk/vardata

msedge.exe

Remote address:

151.101.2.132:443

Request

OPTIONS /sdk/vardata HTTP/2.0
host: api.lab.amplitude.com
accept: */*
access-control-request-method: GET
access-control-request-headers: authorization,x-amp-exp-user
origin: https://wetransfer.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: https://wetransfer.com
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,POST,HEAD
access-control-allow-headers: authorization,x-amp-exp-user
x-amzn-trace-id: Root=1-634f8c89-29ef747b071bb9e91e27dbcc
x-content-type-options: nosniff
accept-ranges: bytes
date: Wed, 19 Oct 2022 05:35:05 GMT
x-served-by: cache-ams21070-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1666157705.215722,VS0,VE148
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
GET

https://api.lab.amplitude.com/sdk/vardata

msedge.exe

Remote address:

151.101.2.132:443

Request

GET /sdk/vardata HTTP/2.0
host: api.lab.amplitude.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
authorization: Api-Key client-eOWm0wyG7UQC8u3SXqkg11Qnh4vUpARA
sec-ch-ua-mobile: ?0
x-amp-exp-user: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS41LjMiLCJkZXZpY2VfaWQiOiI1Y2NkMTU5NS1kOTAxLTRjNWMtOTYwYy02Y2YyNWRlODUzYTUiLCJ1c2VyX3Byb3BlcnRpZXMiOnsiSXMgSW50ZXJuYWwiOmZhbHNlfX0
accept: */*
origin: https://wetransfer.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json;charset=utf-8
access-control-allow-origin: https://wetransfer.com
access-control-allow-credentials: true
x-amzn-trace-id: Root=1-634f8c89-228b5b1d396a3dc27b793274
x-content-type-options: nosniff
content-encoding: gzip
accept-ranges: bytes
date: Wed, 19 Oct 2022 05:35:05 GMT
age: 0
x-served-by: cache-ams21070-AMS
x-cache: MISS
x-cache-hits: 0
x-timer: S1666157705.382721,VS0,VE172
vary: Origin, Origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 484
POST

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11792855-4&cid=1062815885.1666157703&jid=1385931556&gjid=406242677&_gid=2017078956.1666157703&_u=YADAAUAAAAAAACAFKg~&z=421565351

msedge.exe

Remote address:

142.250.102.154:443

Request

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11792855-4&cid=1062815885.1666157703&jid=1385931556&gjid=406242677&_gid=2017078956.1666157703&_u=YADAAUAAAAAAACAFKg~&z=421565351 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain
accept: */*
origin: https://wetransfer.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.google.nl/pagead/1p-user-list/778938880/?random=1666157702746&cv=9&fst=1666155600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgah0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=3879947225&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

msedge.exe

Remote address:

142.251.36.3:443

Request

GET /pagead/1p-user-list/778938880/?random=1666157702746&cv=9&fst=1666155600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgah0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=3879947225&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/2.0
host: www.google.nl
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11792855-4&cid=1062815885.1666157703&jid=1385931556&_u=YADAAUAAAAAAACAFKg~&z=923403884

msedge.exe

Remote address:

142.251.36.3:443

Request

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11792855-4&cid=1062815885.1666157703&jid=1385931556&_u=YADAAUAAAAAAACAFKg~&z=923403884 HTTP/2.0
host: www.google.nl
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://p.ad.gt/api/v1/con

msedge.exe

Remote address:

104.22.4.69:443

Request

OPTIONS /api/v1/con HTTP/2.0
host: p.ad.gt
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://wetransfer.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:05 GMT
content-type: text/html; charset=utf-8
allow: OPTIONS, POST
access-control-allow-origin: https://wetransfer.com
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75c725fb4dc21e91-AMS
content-encoding: gzip
POST

https://p.ad.gt/api/v1/con

msedge.exe

Remote address:

104.22.4.69:443

Request

POST /api/v1/con HTTP/2.0
host: p.ad.gt
content-length: 373
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: application/json
accept: */*
origin: https://wetransfer.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:05 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: https://wetransfer.com
vary: Origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75c725fc5e7a1e91-AMS
content-encoding: gzip
GET

https://adservice.google.nl/ddm/fls/i/dc_pre=CPGStpDJ6_oCFYBDHQkdM60Caw;src=12370788;type=pagev0;cat=wetra0;ord=4666934002495;gtm=2ygah0;auiddc=1715253222.1666157702;u1=%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;u4=undefined;u8=en-US;u9=undefined;u11=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;~oref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093

msedge.exe

Remote address:

142.250.179.130:443

Request

GET /ddm/fls/i/dc_pre=CPGStpDJ6_oCFYBDHQkdM60Caw;src=12370788;type=pagev0;cat=wetra0;ord=4666934002495;gtm=2ygah0;auiddc=1715253222.1666157702;u1=%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;u4=undefined;u8=en-US;u9=undefined;u11=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;~oref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093 HTTP/2.0
host: adservice.google.nl
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cdn.brandmetrics.com/tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js

msedge.exe

Remote address:

104.26.6.155:443

Request

GET /tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js HTTP/2.0
host: cdn.brandmetrics.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:06 GMT
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-bgj: minify
cf-polished: origSize=4735
cf-cache-status: HIT
age: 3420
last-modified: Wed, 19 Oct 2022 04:38:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Er2XqCaL1rkqZbI2lhx3EYUnlHXzDPg0axLekTd7rx0MfWLyZokLjjCsRcO8KnO0v0adeXLIp8X5ggzPTmjqwcK0dcXkYQelY%2B8mIyZGOeWn%2BB0IuQErkBDEF%2BByc5S1ynaDtWhI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c726000c7eb8c7-AMS
content-encoding: br
GET

https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com

msedge.exe

Remote address:

104.26.6.155:443

Request

GET /scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com HTTP/2.0
host: cdn.brandmetrics.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:06 GMT
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-bgj: minify
cf-polished: origSize=43344
cf-cache-status: HIT
age: 3420
last-modified: Wed, 19 Oct 2022 04:38:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5I8xb%2FlzCJIOgH19814jcMcRjmrjI0y3Uy2gMyStaknvig9F2Kv6w%2FVMUPLGH265QSWfdM7%2B7Jty3rtHc%2F18T6DObQixnQUvje8Z%2BOboKda0tjXoV7286sk1HbQ7%2F%2Bhtjc97u0d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75c72600ada3b8c7-AMS
content-encoding: br
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
last-modified: Tue, 24 May 2022 09:05:56 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 19 Oct 2022 05:32:52 GMT
etag: W/"38aca77c5a87e710005890e6e3b3e257"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: HbfvADK3cNVrYhuN_b__Eg2F15uKmIBfBOWAk5ONntGokvu8g9z01g==
age: 146
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bundle.870273c9c7528c74ee4d.js

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bundle.870273c9c7528c74ee4d.js HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
last-modified: Tue, 24 May 2022 09:05:54 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 19 Oct 2022 05:30:16 GMT
etag: W/"79e561d6fdba958f764806e489406763"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: K2gRe38anUqjHWJXPtAxZ_9LuVjaglVCQJcG-RFYIFFt2keeois0Hw==
age: 298
GET

https://backgrounds.wetransfer.net/polyfills/creatives-cache-polyfill.js

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /polyfills/creatives-cache-polyfill.js HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
last-modified: Mon, 07 Jun 2021 09:16:31 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 19 Oct 2022 05:33:39 GMT
etag: W/"4222e7a48878ed0764d05d9bd864520b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: Xgsas9oUbUnqetrV5fcnh90Fx0Lyt2ep2Se-F9qnX_qwXgpLUUvkMA==
age: 88
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/top-right.d22a71959ab417e17ce8.png

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/top-right.d22a71959ab417e17ce8.png HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 244214
last-modified: Tue, 24 May 2022 09:05:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 19 Oct 2022 05:28:25 GMT
etag: "03aba4e9625f5308bbbd7b3e89d7a3f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: pBRXGVz29MiJT4T6En4in6DZYr7rxkpaTpf419JUZtEufSa852uQVQ==
age: 441
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bottom-left.dd954f3c2df353c6b22e.png

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bottom-left.dd954f3c2df353c6b22e.png HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 27353
last-modified: Tue, 24 May 2022 09:05:58 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 19 Oct 2022 05:35:06 GMT
etag: "c145259777627d1856bac8e26864be25"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: lGQnt3Jqb9cpnFDPQk9A47fiEwh-qiodzOYmK6rF3fSPDNuiMuqFGQ==
age: 4
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bottom-right.8c7195d404b749b84899.png

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bottom-right.8c7195d404b749b84899.png HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 217016
last-modified: Tue, 24 May 2022 09:05:57 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 19 Oct 2022 05:28:25 GMT
etag: "704413907a9ea91e7bc58b581203f9fa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: aYY7dwhZfRjJAUkVpZTMXwjgcUutXE4UuiTPovNkNR6-CNsHHXNsBg==
age: 441
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/mcguffin-thumbs.f78d46772ddd43b2dd77.png

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/mcguffin-thumbs.f78d46772ddd43b2dd77.png HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
content-length: 65134
last-modified: Tue, 24 May 2022 09:05:54 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 19 Oct 2022 05:33:58 GMT
etag: "7717b8350ed341c5401eb023d599da75"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: KEh1dr-pC0BXY0Axcl7jN-LMp1QuRYWbMr6EXBjO1nY4KeeqCEMN_w==
age: 163
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/GT-Super-WT-Regular.807dcb08d194101be093.woff2

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/GT-Super-WT-Regular.807dcb08d194101be093.woff2 HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://backgrounds.wetransfer.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: font/woff2
content-length: 35496
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 24 May 2022 09:05:53 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 19 Oct 2022 05:27:45 GMT
etag: "0b5d34933a08814748892937a7d6a30e"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: TAT6yeiMuib3BzJXSdyYGOVRxfAHttZcpFQuTsHthTk0A5bAEH_Cog==
age: 535
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/ActiefGrotesque_W_Rg.63479c54248fa038db83.woff2

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/ActiefGrotesque_W_Rg.63479c54248fa038db83.woff2 HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://backgrounds.wetransfer.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: font/woff2
content-length: 25564
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 24 May 2022 09:05:52 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 19 Oct 2022 05:27:45 GMT
etag: "36a1d73bfbadc61bbff427b079548a67"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: QoqrHb_x91ZL1lEBbVTz69tErDqlguknABLBIKRBOuEe1YtAz1xiSA==
age: 535
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/ActiefGrotesque_W_Md.23817d3ab6c377c0a652.woff2

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/ActiefGrotesque_W_Md.23817d3ab6c377c0a652.woff2 HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://backgrounds.wetransfer.net
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: font/woff2
content-length: 26436
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 24 May 2022 09:05:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Wed, 19 Oct 2022 05:28:38 GMT
etag: "fb6ee6d06c40ef384895f47aa20f7ef0"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: OWlW_SDc8KGcx0u8LfhM4jU5N2fDmBe14CPy_OUws4kwvtcyO-RTLg==
age: 389
GET

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lrw1j_2_16251438&_origin=https://wetransfer.com

msedge.exe

Remote address:

13.227.219.49:443

Request

GET /creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lrw1j_2_16251438&_origin=https://wetransfer.com HTTP/2.0
host: backgrounds.wetransfer.net
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
last-modified: Tue, 24 May 2022 09:05:56 GMT
server: AmazonS3
content-encoding: gzip
date: Wed, 19 Oct 2022 05:32:52 GMT
etag: W/"38aca77c5a87e710005890e6e3b3e257"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b8eaad25e4131c15c21d3d50aac2684c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: zCJZS-son1BIlVZvHE7teHaWTCx6SAWFof-6jxUXRy5885A5ROB5Kg==
age: 176
GET

https://z.moatads.com/wetransferadzerk716769425458/moatad.js

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /wetransferadzerk716769425458/moatad.js HTTP/2.0
host: z.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

x-amz-id-2: IYHJ7TD30OztfiuFdqaqIyM/B2s3jjyyS9rHZxoH6y3ot0HRFFgrouvxLghq9u3n8EBD2ltTC1U=
x-amz-request-id: 5EH0QP5N7M66S72T
last-modified: Tue, 11 Oct 2022 17:05:07 GMT
etag: "f645268706030a9c5688432b369ac5cb"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 106818
vary: Accept-Encoding
cache-control: max-age=17655
date: Wed, 19 Oct 2022 05:35:06 GMT
GET

https://px.moatads.com/pixel.gif?e=17&i=WETRANSFER_ADZERK_DISPLAY1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&m=0&ar=e27dbc83ae5-clean&iw=e44cbc7&q=2&cb=0&ym=0&cu=1666157705795&ll=1&lm=1&ln=1&r=0&em=0&en=0&d=552079%3A7170338%3A16251438%3A127818137&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&bo=US&bd=199071&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&gw=wetransferadzerk716769425458&fd=1&it=500&ti=0&ih=2&pe=0%3A458%3A458%3A454%3A260&fs=200656&na=1133649203&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=17&i=WETRANSFER_ADZERK_DISPLAY1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&m=0&ar=e27dbc83ae5-clean&iw=e44cbc7&q=2&cb=0&ym=0&cu=1666157705795&ll=1&lm=1&ln=1&r=0&em=0&en=0&d=552079%3A7170338%3A16251438%3A127818137&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&bo=US&bd=199071&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&gw=wetransferadzerk716769425458&fd=1&it=500&ti=0&ih=2&pe=0%3A458%3A458%3A454%3A260&fs=200656&na=1133649203&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:07 GMT
GET

https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=0&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=244&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A458%3A458%3A454%3A260&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=213&cd=0&ah=213&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=DOMSEARCH&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=967964303&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=0&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=0&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=244&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A458%3A458%3A454%3A260&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=213&cd=0&ah=213&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=DOMSEARCH&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=967964303&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:07 GMT
GET

https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=1&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=682&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=0&ad=106&cn=0&gk=106&gl=0&ik=106&ic=106&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=453&cd=213&ah=453&am=213&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2112826378&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=37&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=1&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=682&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=0&ad=106&cn=0&gk=106&gl=0&ik=106&ic=106&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=453&cd=213&ah=453&am=213&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2112826378&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:07 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:07 GMT
GET

https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=106&gn=1&gk=1156&gl=106&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=453&ah=1511&am=453&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1896704529&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=37&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=106&gn=1&gk=1156&gl=106&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=453&ah=1511&am=453&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1896704529&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:08 GMT
GET

https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=1156&gn=1&gk=1156&gl=1156&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=1511&ah=1511&am=1511&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=874608788&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=5&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=1156&gn=1&gk=1156&gl=1156&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=1511&ah=1511&am=1511&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=874608788&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:08 GMT
GET

https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=1156&gn=1&gk=1156&gl=1156&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=1511&ah=1511&am=1511&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=103694036&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=37&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=1156&gn=1&gk=1156&gl=1156&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=1511&ah=1511&am=1511&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=103694036&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:08 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:08 GMT
GET

https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=5262&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=4671&cn=1156&gn=1&gk=4671&gl=1156&ik=4671&ic=4671&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5025&cd=1511&ah=5025&am=1511&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1215609395&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=9&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=5262&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=4671&cn=1156&gn=1&gk=4671&gl=1156&ik=4671&ic=4671&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5025&cd=1511&ah=5025&am=1511&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1215609395&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:12 GMT
GET

https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=5679&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=5106&cn=4671&gn=1&gk=5106&gl=4671&ik=5106&ic=5106&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5460&cd=5025&ah=5460&am=5025&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1034407743&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=9&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=5679&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=5106&cn=4671&gn=1&gk=5106&gl=4671&ik=5106&ic=5106&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5460&cd=5025&ah=5460&am=5025&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1034407743&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:12 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=0&m=7020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=6374&cn=5106&gn=1&gk=6374&gl=5106&ik=6374&ic=6374&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6932&cd=5460&ah=6932&am=5460&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&az=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=641a672a717a873&y=281a251a214a89&c=311a274a260a243&na=1939681432&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=0&m=7020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=6374&cn=5106&gn=1&gk=6374&gl=5106&ik=6374&ic=6374&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6932&cd=5460&ah=6932&am=5460&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&az=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=641a672a717a873&y=281a251a214a89&c=311a274a260a243&na=1939681432&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:14 GMT
GET

https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com%2F&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=10695&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=10122&cn=6374&gn=1&gk=10122&gl=6374&ik=10122&ic=10122&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10462&cd=6932&ah=10462&am=6932&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1335153979&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=25&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com%2F&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=10695&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=10122&cn=6374&gn=1&gk=10122&gl=6374&ik=10122&ic=10122&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10462&cd=6932&ah=10462&am=6932&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1335153979&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:17 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:17 GMT
GET

https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=15685&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=15112&cn=10122&gn=1&gk=15112&gl=10122&ik=15112&ic=15112&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15460&cd=10462&ah=15460&am=10462&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=566781503&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=9&q=3&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=15685&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=15112&cn=10122&gn=1&gk=15112&gl=10122&ik=15112&ic=15112&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15460&cd=10462&ah=15460&am=10462&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=566781503&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:22 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:22 GMT
GET

https://px.moatads.com/pixel.gif?e=17&i=WETRANSFER_ADZERK_DISPLAY1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&m=0&ar=e27dbc83ae5-clean&iw=e44cbc7&q=2&cb=0&ym=0&cu=1666157735301&ll=1&lm=1&ln=1&r=0&em=0&en=0&d=552079%3A7170338%3A16251438%3A127818137&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&bo=US&bd=199072&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&gw=wetransferadzerk716769425458&fd=1&it=500&ti=0&ih=2&pe=0%3A118%3A118%3A107%3A85&fs=200656&na=536643485&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=17&i=WETRANSFER_ADZERK_DISPLAY1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&m=0&ar=e27dbc83ae5-clean&iw=e44cbc7&q=2&cb=0&ym=0&cu=1666157735301&ll=1&lm=1&ln=1&r=0&em=0&en=0&d=552079%3A7170338%3A16251438%3A127818137&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&bo=US&bd=199072&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&gw=wetransferadzerk716769425458&fd=1&it=500&ti=0&ih=2&pe=0%3A118%3A118%3A107%3A85&fs=200656&na=536643485&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:36 GMT
GET

https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=0&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=113&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A118%3A118%3A107%3A85&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=92&cd=0&ah=92&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=DOMSEARCH&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1530414374&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=0&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=0&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=113&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A118%3A118%3A107%3A85&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=92&cd=0&ah=92&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=DOMSEARCH&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1530414374&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:36 GMT
GET

https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=1&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=210&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=0&ad=50&cn=0&gk=50&gl=0&ik=50&ic=50&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=92&cd=92&ah=92&am=92&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=946237885&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=37&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=1&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=210&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=0&ad=50&cn=0&gk=50&gl=0&ik=50&ic=50&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=92&cd=92&ah=92&am=92&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=946237885&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:36 GMT
GET

https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=10&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=29935&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=29282&cn=15112&gn=1&gk=29282&gl=15112&ik=29282&ic=29282&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=1&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=29840&cd=15460&ah=29840&am=15460&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2030987668&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=21&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=10&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=29935&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=29282&cn=15112&gn=1&gk=29282&gl=15112&ik=29282&ic=29282&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=1&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=29840&cd=15460&ah=29840&am=15460&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2030987668&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
cache-control: max-age=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:36 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:36 GMT
GET

https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=50&gn=1&gk=1083&gl=50&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=92&ah=1022&am=92&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=505492567&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=37&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=50&gn=1&gk=1083&gl=50&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=92&ah=1022&am=92&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=505492567&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:37 GMT
GET

https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=544669188&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=5&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=544669188&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:37 GMT
GET

https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=555907004&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=37&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=555907004&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:37 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:37 GMT
GET

https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=5325&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=5168&cn=1083&gn=1&gk=5168&gl=1083&ik=5168&ic=5168&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5107&cd=1022&ah=5107&am=1022&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=684533995&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=9&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=5325&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=5168&cn=1083&gn=1&gk=5168&gl=1083&ik=5168&ic=5168&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5107&cd=1022&ah=5107&am=1022&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=684533995&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:41 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:41 GMT
GET

https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=5541&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=5384&cn=5168&gn=1&gk=5384&gl=5168&ik=5384&ic=5384&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5310&cd=5107&ah=5310&am=5107&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1385496475&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=9&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=5541&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=5384&cn=5168&gn=1&gk=5384&gl=5168&ik=5384&ic=5384&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5310&cd=5107&ah=5310&am=5107&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1385496475&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:42 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=0&m=7004&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=6818&cn=5384&gn=1&gk=6818&gl=5384&ik=6818&ic=6818&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6960&cd=5310&ah=6960&am=5310&xd=00&rf=0&re=1&wb=2&ap=6760&ax=43&az=43&aw=43&bg=43&be=43&cl=0&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=927a912a896&y=187a199a215&c=43a29a14&na=2101095313&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=0&m=7004&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=6818&cn=5384&gn=1&gk=6818&gl=5384&ik=6818&ic=6818&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6960&cd=5310&ah=6960&am=5310&xd=00&rf=0&re=1&wb=2&ap=6760&ax=43&az=43&aw=43&bg=43&be=43&cl=0&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=927a912a896&y=187a199a215&c=43a29a14&na=2101095313&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:43 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=1&m=8032&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=7845&cn=6818&gn=1&gk=7845&gl=6818&ik=7845&ic=7845&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7987&cd=6960&ah=7987&am=6960&xd=00&rf=0&re=1&wb=2&ap=6760&ax=419&ay=43&az=1029&ba=43&aw=268&bg=268&be=653&bf=919&cl=8&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=882a881a882a887a911a920a933a927a911a884&y=230a238a250a259a278a283a290a301a329a370&c=1011a995a980a962a945a917a903a729a715a698&na=901540982&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=1&m=8032&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=7845&cn=6818&gn=1&gk=7845&gl=6818&ik=7845&ic=7845&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7987&cd=6960&ah=7987&am=6960&xd=00&rf=0&re=1&wb=2&ap=6760&ax=419&ay=43&az=1029&ba=43&aw=268&bg=268&be=653&bf=919&cl=8&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=882a881a882a887a911a920a933a927a911a884&y=230a238a250a259a278a283a290a301a329a370&c=1011a995a980a962a945a917a903a729a715a698&na=901540982&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:44 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:44 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=2&m=10039&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=9707&cn=7845&gn=1&gk=9707&gl=7845&ik=9707&ic=9707&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9849&cd=7987&ah=9849&am=7987&xd=00&rf=0&re=1&wb=2&ap=6760&ax=528&ay=419&az=2364&ba=1029&aw=268&bg=1880&be=1880&bf=919&bh=2256&cl=40&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=323a311a290a285a300a333&y=497a487a473a469a469a484&c=760a752a737a719a284a269&na=144853215&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=2&m=10039&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=9707&cn=7845&gn=1&gk=9707&gl=7845&ik=9707&ic=9707&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9849&cd=7987&ah=9849&am=7987&xd=00&rf=0&re=1&wb=2&ap=6760&ax=528&ay=419&az=2364&ba=1029&aw=268&bg=1880&be=1880&bf=919&bh=2256&cl=40&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=323a311a290a285a300a333&y=497a487a473a469a469a484&c=760a752a737a719a284a269&na=144853215&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:46 GMT
GET

https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=10&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com%2F&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=10271&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=10114&cn=9707&gn=1&gk=10114&gl=9707&ik=10114&ic=10114&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10053&cd=9849&ah=10053&am=9849&xd=00&rf=0&re=1&wb=2&ap=6760&ax=528&ay=528&az=2364&ba=2364&aw=268&bg=1880&be=1880&bf=919&bh=2256&cl=40&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1930775131&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=25&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=10&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com%2F&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=10271&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=10114&cn=9707&gn=1&gk=10114&gl=9707&ik=10114&ic=10114&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10053&cd=9849&ah=10053&am=9849&xd=00&rf=0&re=1&wb=2&ap=6760&ax=528&ay=528&az=2364&ba=2364&aw=268&bg=1880&be=1880&bf=919&bh=2256&cl=40&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1930775131&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:46 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:46 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=3&m=12018&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=11&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=11784&cn=10114&gn=1&gk=11784&gl=10114&ik=11784&ic=11784&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=11926&cd=10053&ah=11926&am=10053&xd=00&rf=0&re=1&wb=2&ap=6760&ax=931&ay=528&az=2767&ba=2364&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=57&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=0a13a19a26a38a54a77a109a112a116a119a122&y=428a428a428a428a432a438a454a467a470a470a470a470&c=606a593a577a560a545a527a495a443a431a403a389a373&na=1522441349&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=3&m=12018&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=11&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=11784&cn=10114&gn=1&gk=11784&gl=10114&ik=11784&ic=11784&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=11926&cd=10053&ah=11926&am=10053&xd=00&rf=0&re=1&wb=2&ap=6760&ax=931&ay=528&az=2767&ba=2364&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=57&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=0a13a19a26a38a54a77a109a112a116a119a122&y=428a428a428a428a432a438a454a467a470a470a470a470&c=606a593a577a560a545a527a495a443a431a403a389a373&na=1522441349&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:48 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:48 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=4&m=13020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=12&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=12804&cn=11784&gn=1&gk=12804&gl=11784&ik=12804&ic=12804&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12946&cd=11926&ah=12946&am=11926&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1141&ay=931&az=2977&ba=2767&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=57&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=58a22a0a67a16a71a148a183&y=435a441a438a409a316a477a493a493&c=715a702a542a528a311a185a171a154&na=135958818&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=4&m=13020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=12&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=12804&cn=11784&gn=1&gk=12804&gl=11784&ik=12804&ic=12804&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12946&cd=11926&ah=12946&am=11926&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1141&ay=931&az=2977&ba=2767&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=57&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=58a22a0a67a16a71a148a183&y=435a441a438a409a316a477a493a493&c=715a702a542a528a311a185a171a154&na=135958818&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:49 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:49 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=5&m=14021&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=13&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=13833&cn=12804&gn=1&gk=13833&gl=12804&ik=13833&ic=13833&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13975&cd=12946&ah=13975&am=12946&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1450&ay=1141&az=3286&ba=2977&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=64a9a32a71a164a90a19a9a0a0a6&y=152a175a390a390a49a43a104a133a200a252a271&c=991a984a851a829a696a657a608a594a578a563a547&na=1195423863&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=5&m=14021&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=13&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=13833&cn=12804&gn=1&gk=13833&gl=12804&ik=13833&ic=13833&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13975&cd=12946&ah=13975&am=12946&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1450&ay=1141&az=3286&ba=2977&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=64a9a32a71a164a90a19a9a0a0a6&y=152a175a390a390a49a43a104a133a200a252a271&c=991a984a851a829a696a657a608a594a578a563a547&na=1195423863&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:50 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=6&m=15020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=14&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=14662&cn=13833&gn=1&gk=14662&gl=13833&ik=14662&ic=14662&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14804&cd=13975&ah=14804&am=13975&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1773&ay=1450&az=3609&ba=3286&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=421a498a527a559a572a572a569a533a479a440a376a376a472a495a514a521a521a514a459a418&y=287a265a255a239a232a229a213a200a197a197a216a284a255a245a232a229a226a226a226a232&c=562a547a531a512a500a482a466a450a434a405a390a276a250a233a219a204a186a171a155a142&na=827803822&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=6&m=15020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=14&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=14662&cn=13833&gn=1&gk=14662&gl=13833&ik=14662&ic=14662&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14804&cd=13975&ah=14804&am=13975&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1773&ay=1450&az=3609&ba=3286&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=421a498a527a559a572a572a569a533a479a440a376a376a472a495a514a521a521a514a459a418&y=287a265a255a239a232a229a213a200a197a197a216a284a255a245a232a229a226a226a226a232&c=562a547a531a512a500a482a466a450a434a405a390a276a250a233a219a204a186a171a155a142&na=827803822&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:51 GMT
GET

https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=15&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=15244&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=15086&cn=14662&gn=1&gk=15086&gl=14662&ik=15086&ic=15086&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15015&cd=14804&ah=15015&am=14804&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1938&ay=1773&az=3774&ba=3609&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2057230524&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=9&q=3&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=15&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=15244&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=15086&cn=14662&gn=1&gk=15086&gl=14662&ik=15086&ic=15086&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15015&cd=14804&ah=15015&am=14804&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1938&ay=1773&az=3774&ba=3609&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2057230524&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:51 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:51 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=7&m=16027&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=16&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=15710&cn=15086&gn=1&gk=15710&gl=15086&ik=15710&ic=15710&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15852&cd=15015&ah=15852&am=15015&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2019&ay=1938&az=4467&ba=3774&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=463a485a508a514a508a492a469a434a360a431a482a543a569a575&y=329a329a329a329a329a329a329a329a329a287a271a255a245a245&c=990a970a956a941a913a899a883a867a851a693a678a663a649a633&na=1291323404&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=7&m=16027&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=16&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=15710&cn=15086&gn=1&gk=15710&gl=15086&ik=15710&ic=15710&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15852&cd=15015&ah=15852&am=15015&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2019&ay=1938&az=4467&ba=3774&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=463a485a508a514a508a492a469a434a360a431a482a543a569a575&y=329a329a329a329a329a329a329a329a329a287a271a255a245a245&c=990a970a956a941a913a899a883a867a851a693a678a663a649a633&na=1291323404&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:52 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:52 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=8&m=18020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=17&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=17785&cn=15710&gn=1&gk=17785&gl=15710&ik=17785&ic=17785&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=17927&cd=15852&ah=17927&am=15852&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2117&ay=2019&az=5895&ba=4467&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=569a556a511a479a421&y=252a258a281a297a319&c=663a642a623a610a594&na=1093953481&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=8&m=18020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=17&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=17785&cn=15710&gn=1&gk=17785&gl=15710&ik=17785&ic=17785&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=17927&cd=15852&ah=17927&am=15852&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2117&ay=2019&az=5895&ba=4467&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=569a556a511a479a421&y=252a258a281a297a319&c=663a642a623a610a594&na=1093953481&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:54 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:54 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=9&m=22195&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=18&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=21940&cn=17785&gn=1&gk=21940&gl=17785&ik=21940&ic=21940&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=22082&cd=17927&ah=22082&am=17927&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2135&ay=2117&az=5913&ba=5895&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=234&y=518&c=905&na=1070573784&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=9&m=22195&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=18&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=21940&cn=17785&gn=1&gk=21940&gl=17785&ik=21940&ic=21940&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=22082&cd=17927&ah=22082&am=17927&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2135&ay=2117&az=5913&ba=5895&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=234&y=518&c=905&na=1070573784&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:58 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:58 GMT
GET

https://px.moatads.com/pixel.gif?e=1&q=10&m=23020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=19&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=22771&cn=21940&gn=1&gk=22771&gl=21940&ik=22771&ic=22771&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=22913&cd=22082&ah=22913&am=22082&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2362&ay=2135&az=6140&ba=5913&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=173a173a180a180a180a183a183a186a186&y=509a506a496a493a490a486a483a477a470&c=798a778a764a745a732a716a684a672a656&na=610013779&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=1&q=10&m=23020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=19&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=22771&cn=21940&gn=1&gk=22771&gl=21940&ik=22771&ic=22771&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=22913&cd=22082&ah=22913&am=22082&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2362&ay=2135&az=6140&ba=5913&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=173a173a180a180a180a183a183a186a186&y=509a506a496a493a490a486a483a477a470&c=798a778a764a745a732a716a684a672a656&na=610013779&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:59 GMT
GET

https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=20&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=23337&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=22979&cn=22771&gn=1&gk=22979&gl=22771&ik=22979&ic=22979&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=23121&cd=22913&ah=23121&am=22913&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2362&ay=2362&az=6140&ba=6140&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1678296070&cs=0

msedge.exe

Remote address:

96.16.109.251:443

Request

GET /pixel.gif?e=21&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=20&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=23337&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=22979&cn=22771&gn=1&gk=22979&gl=22771&ik=22979&ic=22979&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=23121&cd=22913&ah=23121&am=22913&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2362&ay=2362&az=6140&ba=6140&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1678296070&cs=0 HTTP/2.0
host: px.moatads.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
cache-control: max-age=0
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://backgrounds.wetransfer.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/gif
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
content-length: 43
unused62: 8096267
expires: Wed, 19 Oct 2022 05:35:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 19 Oct 2022 05:35:59 GMT
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/otSDKStub.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/scripttemplates/otSDKStub.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: Y7/+dPKCg0+OPHHgf5Uv/w==
last-modified: Mon, 17 Oct 2022 06:11:12 GMT
etag: 0x8DAB006646CDEA7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1fa19124-301e-0041-3c40-e25394000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:11 GMT
content-length: 6445
akamai-request-bc: [a=84.53.185.28,b=583108986,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=1, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1897a
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/otBannerSdk.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/otBannerSdk.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: VrXpO/sHi57vK6QdtSHqmw==
last-modified: Sat, 15 Oct 2022 04:02:26 GMT
etag: 0x8DAAE6212390185
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 07ffe4e2-401e-003f-5e62-e0afa1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:11 GMT
content-length: 77526
akamai-request-bc: [a=84.53.185.28,b=583110314,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c18eaa
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/otTCF.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/otTCF.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: BgbbN2ce5WxxlchLAM7xjw==
last-modified: Sat, 15 Oct 2022 04:02:27 GMT
etag: 0x8DAAE62131EB269
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b16b8ae4-101e-0037-4e50-e1888e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:14 GMT
content-length: 14978
akamai-request-bc: [a=84.53.185.28,b=583116669,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1a77d
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/news/feed/pages/ntp?activityId=A4B6769F-C217-4B64-AA81-622728CDC462&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&audienceMode=adult&caller=bgtask&contentType=article,video,slideshow,webcontent&duotone=true&fdhead=gholdout,prg-wx-mapv1&infopaneCount=17&market=nl-nl&memory=4&newsSkip=0&newsTop=48&ocid=anaheim-ntp-feeds&prerender=1&timeOut=2000

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/news/feed/pages/ntp?activityId=A4B6769F-C217-4B64-AA81-622728CDC462&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&audienceMode=adult&caller=bgtask&contentType=article,video,slideshow,webcontent&duotone=true&fdhead=gholdout,prg-wx-mapv1&infopaneCount=17&market=nl-nl&memory=4&newsSkip=0&newsTop=48&ocid=anaheim-ntp-feeds&prerender=1&timeOut=2000 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
muid: A4B6769F-C217-4B64-AA81-622728CDC462
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

accept-ranges: bytes
content-type: image/png
etag: "bed4a7cc95f6106c7a3d46d2b50cb3f8:1614709529.490117"
last-modified: Tue, 02 Mar 2021 18:25:29 GMT
server: AkamaiNetStorage
content-encoding: gzip
content-length: 373
unused62: 8096267
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583121101,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b8cd
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
cache-control: public, max-age=31536000
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/statics/icons/favicon_newtabpage.png

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /statics/icons/favicon_newtabpage.png HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
content-encoding: br
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: AnonymousMuid
ddd-tmpl: tmpl-l1-web:1;tmpl-l1-video:1;WasRecoNewUser:1;Static:1;ClientIpFallbackCohort:C_W;UsingClientIpUserProfile:1;XFeed;RR:0;MyFeed;tmpl-l1-shopping:1;ULatLon52.31:4.94;SportsMatch-23;IsRecoNewUser:1;ShoppingCard-4;HasClientIpUserProfile:1;SageUserStatus:0_0_0_0;MoneyInfo-18;WeatherSummary-9;tmpl-l1-local:1;FixIds:0;watch-video-24;PageViewCount0;IMArticleNegUser:0;TileID:u179;TrafficDelays-14;tmpl-place-place-video:1
ddd-feednewsitemcount: 48
x-wpo-activityid: EDB8DB31-8E5C-44DF-8DD4-2E4DADBBCBCD|2022-10-19T05:35:16Z|NEU1
ddd-featureset: 0,Msn.OneDataService.Search.FeatureTracker.Models.NewsFeedFeature:UwAA;
ddd-servername: BCD04221634A
ddd-storeentrytimeutc: 10/19/2022 5:35:16 AM
ddd-activityid: edb8db31-8e5c-44df-8dd4-2e4dadbbcbcd
ddd-datastore: News_PageFeedDataStore
ddd-storeexecutionlatency: 00:00:00.1877689
ddd-strategyid: News_PageFeedReadStrategy
ddd-strategyexecutionlatency: 00:00:00.1878145
onewebservicelatency: 189
x-msedge-responseinfo: 189
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: edb8db31-8e5c-44df-8dd4-2e4dadbbcbcd|2022-10-19T05:35:16.6926737Z|fabric:/ntpfeed|NEU1|NtpFeed_133
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 686A4BB6F77C4585885B29956BE12E8E Ref B: AMS04EDGE3320 Ref C: 2022-10-19T05:35:16Z
expires: Wed, 19 Oct 2022 05:35:16 GMT
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583120787,c=g,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=2, clienttt; dur=218, origin; dur=217 , cdntime; dur=1
akamai-cache-status: Miss from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b793
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: private, max-age=0
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/weathermapdata/1/static/svg/72/v2/card/CloudyV3.svg

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /weathermapdata/1/static/svg/72/v2/card/CloudyV3.svg HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: pr9pwGXKaaPtnQ1gF3vqPg==
last-modified: Tue, 24 May 2022 11:16:01 GMT
etag: 0x8DA3D76C93F46FE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 083745e1-801e-005d-043a-712c71000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
expires: Sat, 29 Oct 2022 20:14:35 GMT
date: Wed, 19 Oct 2022 05:35:17 GMT
content-length: 867
akamai-request-bc: [a=84.53.185.28,b=583123784,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c348
cache-control: public, max-age=2592000
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/weathermapdata/1/static/svg/72/v2/card/ClearNightV3.svg

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /weathermapdata/1/static/svg/72/v2/card/ClearNightV3.svg HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: hBwfCrPY178H8nVVFo8zdQ==
last-modified: Tue, 24 May 2022 11:16:01 GMT
etag: 0x8DA3D76C93EF8E9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0ecda935-b01e-00ef-4b3a-71d300000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 525
expires: Wed, 26 Oct 2022 19:15:46 GMT
date: Wed, 19 Oct 2022 05:35:17 GMT
akamai-request-bc: [a=84.53.185.28,b=583123800,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c358
cache-control: public, max-age=2592000
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/weathermapdata/1/static/svg/72/v2/card/MostlySunnyDay.svg

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /weathermapdata/1/static/svg/72/v2/card/MostlySunnyDay.svg HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: RnxYSyXZwdP8sHaa2nNLNA==
last-modified: Tue, 24 May 2022 11:16:04 GMT
etag: 0x8DA3D76CABEA902
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 52676cce-801e-004d-213a-71e919000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 1066
expires: Tue, 25 Oct 2022 12:16:40 GMT
date: Wed, 19 Oct 2022 05:35:17 GMT
akamai-request-bc: [a=84.53.185.28,b=583123811,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c363
cache-control: public, max-age=2592000
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/weathermapdata/1/static/svg/72/v2/card/PartlyCloudyDayV3.svg

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /weathermapdata/1/static/svg/72/v2/card/PartlyCloudyDayV3.svg HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

content-type: image/svg+xml
content-md5: R4INzOAQqsBxib+jG6nkbw==
last-modified: Wed, 29 Jun 2022 11:13:33 GMT
etag: 0x8DA59C067F731DD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 304d69ad-a01e-0108-08a9-9bc2f7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
expires: Thu, 27 Oct 2022 16:14:01 GMT
date: Wed, 19 Oct 2022 05:35:17 GMT
content-length: 1043
akamai-request-bc: [a=84.53.185.28,b=583123821,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c36d
cache-control: public, max-age=2592000
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/weathermapdata/1/static/background/v2.0/jpg/cloudy_2.jpg

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /weathermapdata/1/static/background/v2.0/jpg/cloudy_2.jpg HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

content-type: image/jpeg
content-md5: kRnBpupjr6VeYnS1W0WIFw==
last-modified: Tue, 17 Aug 2021 10:15:39 GMT
etag: 0x8D96167F6CB9DB1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 798f1ebd-101e-0075-2c6c-0e027a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 1546
unused62: 8096267
expires: Mon, 24 Oct 2022 15:46:48 GMT
date: Wed, 19 Oct 2022 05:35:17 GMT
akamai-request-bc: [a=84.53.185.28,b=583123849,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c389
cache-control: public, max-age=2592000
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/weathermapdata/1/static/background/v2.0/jpg/sunny.jpg

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /weathermapdata/1/static/background/v2.0/jpg/sunny.jpg HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

content-type: image/jpeg
content-md5: cqxTyRjzWnOAkxfsRuKFlA==
last-modified: Tue, 17 Aug 2021 10:15:39 GMT
etag: 0x8D96167F6CB9DB1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 93a3bcd2-701e-004c-156d-0ef966000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
unused62: 8096267
content-length: 1608
expires: Wed, 16 Nov 2022 21:36:48 GMT
date: Wed, 19 Oct 2022 05:35:17 GMT
akamai-request-bc: [a=84.53.185.28,b=583123859,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c393
cache-control: public, max-age=2592000
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/weathermapdata/1/static/weatherEplant/animation/greeting_once_cv2.gif

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /weathermapdata/1/static/weatherEplant/animation/greeting_once_cv2.gif HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0

Response

HTTP/2.0 200

content-type: image/gif
content-md5: 0EA3eCUvECcuDWLgvwY2+Q==
last-modified: Tue, 26 Jul 2022 07:10:48 GMT
etag: 0x8DA6ED5F77CE083
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 584af4de-301e-00f1-4c28-a13fd8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 223818
expires: Sun, 30 Oct 2022 09:11:04 GMT
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583127178,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d08a
cache-control: public, max-age=2592000
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/weathermapdata/1/static/weatherEplant/bubble/32x32.png

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /weathermapdata/1/static/weatherEplant/bubble/32x32.png HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: USRLOC=
cookie: OptanonConsent=isGpcEnabled=0&datestamp=Wed+Oct+19+2022+05%3A35%3A14+GMT%2B0000+(Coordinated+Universal+Time)&version=6.25.0&isIABGlobal=false&hosts=&consentId=b7658048-6f9e-4cb4-961d-cd20df00a4a5&interactionCount=0&landingPath=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-US%26title%3DNew%2520tab%26fre%3D1%26dsp%3D1%26sp%3DBing%26prerender%3D1%26firstlaunch%3D1&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CSTACK42%3A0
cookie: _SS=SID=00

Response

HTTP/2.0 200

content-type: image/png
content-md5: B1C+HDCYvtchdeC81gjRGw==
last-modified: Tue, 28 Sep 2021 02:11:32 GMT
etag: 0x8D982254A479430
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8267de8a-101e-0091-1a29-3a0ce4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
content-encoding: gzip
content-length: 1986
unused62: 8096267
expires: Mon, 07 Nov 2022 08:28:55 GMT
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583128739,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d6a3
cache-control: public, max-age=2592000
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/vendors.a651ede35d61930b4252.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/vendors.a651ede35d61930b4252.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 23426
content-md5: BKGoPtWe9xqM1ieFnJES+Q==
last-modified: Mon, 10 Oct 2022 21:29:49 GMT
etag: 0x8DAAB068FBA6CCC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ec285263-401e-00e8-6a26-dd40fe000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:11 GMT
akamai-request-bc: [a=84.53.185.28,b=583108992,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=1, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c18980
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/microsoft.9547ad654f6676820cce.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/microsoft.9547ad654f6676820cce.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 79936
content-md5: lw6+2fzy1oqumvlJxkfIWQ==
last-modified: Tue, 11 Oct 2022 21:28:40 GMT
etag: 0x8DAABCF911285DE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f948f1c-a01e-009e-56b8-dd48f2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:11 GMT
akamai-request-bc: [a=84.53.185.28,b=583108995,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=1, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c18983
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/common.5c6ba596a471604c2321.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/common.5c6ba596a471604c2321.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 234664
content-md5: 4zkPgiMdcino9JVkBkc+9g==
last-modified: Tue, 18 Oct 2022 15:09:54 GMT
etag: 0x8DAB11ACFE53D60
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 497409fe-f01e-00fb-1f03-e38dda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:11 GMT
akamai-request-bc: [a=84.53.185.28,b=583109121,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c18a01
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experience.a4af0f3f9faf4c9cae35.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experience.a4af0f3f9faf4c9cae35.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 28649
content-md5: 4jfSWmmb3fFXilKWm3FNAQ==
last-modified: Tue, 18 Oct 2022 15:10:01 GMT
etag: 0x8DAB11AD46D6C92
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66ae19c-e01e-0076-2403-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:11 GMT
akamai-request-bc: [a=84.53.185.28,b=583109170,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c18a32
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-md5: r7mh/7URLmEu+g0rwicZlg==
last-modified: Tue, 18 Oct 2022 22:08:52 GMT
etag: 0x8DAB155575D8FDB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8d721f96-601e-004f-203e-e3927a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:11 GMT
content-length: 1503
akamai-request-bc: [a=84.53.185.28,b=583109309,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c18abd
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/3f919e77-021f-4b8a-a023-eb702b275e96/nl-nl.json

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/3f919e77-021f-4b8a-a023-eb702b275e96/nl-nl.json HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-md5: 6ONjmBOdHHZakgVMvszI8A==
last-modified: Thu, 13 Oct 2022 21:50:37 GMT
etag: 0x8DAAD64F69EE5A8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c41cfeaf-001e-005f-3268-df2d52000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:14 GMT
content-length: 18200
akamai-request-bc: [a=84.53.185.28,b=583116525,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1a6ed
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2Data.json

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2Data.json HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-md5: AiX/meRydA2i5/EidiP9EA==
last-modified: Sat, 15 Oct 2022 04:02:26 GMT
etag: 0x8DAAE621222BD0E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c3d80426-301e-0047-2ce1-e0b555000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:14 GMT
content-length: 39019
akamai-request-bc: [a=84.53.185.28,b=583116537,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1a6f9
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/topicData.3601f983a491b0a0d1de.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/topicData.3601f983a491b0a0d1de.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 19692
content-md5: irqy9oXnVcHmMwAEz21mYA==
last-modified: Fri, 14 Oct 2022 16:16:09 GMT
etag: 0x8DAADFF67785EED
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 506fc0be-801e-0008-02e8-df5589000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:14 GMT
akamai-request-bc: [a=84.53.185.28,b=583117255,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1a9c7
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otFlat.json

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otFlat.json HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-md5: AJdDbL1JQ/gyq5yBloy2oA==
last-modified: Mon, 17 Oct 2022 06:11:11 GMT
etag: 0x8DAB00663EBF9AF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 975337e8-b01e-008d-7140-e29bf0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:15 GMT
content-length: 2942
akamai-request-bc: [a=84.53.185.28,b=583118562,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1aee2
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/v2/otPcCenter.json

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/v2/otPcCenter.json HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-md5: kovU8FjDzh/SC+UP508c2A==
last-modified: Sat, 15 Oct 2022 04:02:27 GMT
etag: 0x8DAAE6212E61CF1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 20c9c9cd-401e-005b-40e2-e0c6fe000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:15 GMT
content-length: 11812
akamai-request-bc: [a=84.53.185.28,b=583118567,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1aee7
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otCookieSettingsButton.json

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otCookieSettingsButton.json HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
content-md5: yzAZBWkftRV1wIDl+iOMtQ==
last-modified: Mon, 17 Oct 2022 22:24:29 GMT
etag: 0x8DAB08E5B77093F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cff29e09-601e-002b-1093-e2fb25000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:15 GMT
content-length: 2120
akamai-request-bc: [a=84.53.185.28,b=583118571,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1aeeb
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otCommonStyles.css

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otCommonStyles.css HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/css
content-md5: 5PiOOvIRvZ6iA9I8sLJh1Q==
last-modified: Sat, 15 Oct 2022 04:02:27 GMT
etag: 0x8DAAE621328272D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 96cfbbcf-201e-002f-5b50-e11089000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:15 GMT
content-length: 4135
akamai-request-bc: [a=84.53.185.28,b=583118588,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1aefc
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
cache-control: public, max-age=1209600
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/feed-navigation-header.c0fe05d66edd98832e38.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/feed-navigation-header.c0fe05d66edd98832e38.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 44997
content-md5: Zim8mQv1Y8tJniAuUofrKA==
last-modified: Fri, 14 Oct 2022 16:16:00 GMT
etag: 0x8DAADFF62A3497B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e9c6f6ee-f01e-003b-1de8-df099e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:15 GMT
akamai-request-bc: [a=84.53.185.28,b=583119025,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b0b1
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_finance-service-library_dist_redux_FinanceData_connector_js.29a45b9af292d2c27c4f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_finance-service-library_dist_redux_FinanceData_connector_js.29a45b9af292d2c27c4f.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 76107
content-md5: gAYxtkkhcTeZsVwvN9+pNw==
last-modified: Tue, 18 Oct 2022 15:09:53 GMT
etag: 0x8DAB11ACFB53425
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66aec15-e01e-0076-5603-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:15 GMT
akamai-request-bc: [a=84.53.185.28,b=583119039,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b0bf
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_super-feed_dist_feed-manager_FeedManagerWithClientAd_js-node_modules_lodash-es_camelCase-c142b4.eea99423dcea3617423c.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_super-feed_dist_feed-manager_FeedManagerWithClientAd_js-node_modules_lodash-es_camelCase-c142b4.eea99423dcea3617423c.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 294515
content-md5: p3+XnGAhDllRwG/79teXgQ==
last-modified: Tue, 18 Oct 2022 15:09:59 GMT
etag: 0x8DAB11AD33F7BC7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4974128e-f01e-00fb-2d03-e38dda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:15 GMT
akamai-request-bc: [a=84.53.185.28,b=583119043,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b0c3
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_feed-layout_dist_layout-templates_template-maps_AnaheimLayoutTemplateMap_js.11d1aec880792966f8ce.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_feed-layout_dist_layout-templates_template-maps_AnaheimLayoutTemplateMap_js.11d1aec880792966f8ce.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 13498
content-md5: PUzC7P8EhRZfM+pIyGuQlQ==
last-modified: Thu, 13 Oct 2022 18:53:09 GMT
etag: 0x8DAAD4C2BFCC700
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b1738f64-401e-00d4-2135-df95f6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:15 GMT
akamai-request-bc: [a=84.53.185.28,b=583119193,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b159
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/pivot-content-wc.400f904d4896e0e40815.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/pivot-content-wc.400f904d4896e0e40815.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 26911
content-md5: 1degce5AEnfFWHmDw0vo9w==
last-modified: Tue, 18 Oct 2022 15:10:01 GMT
etag: 0x8DAB11AD42F0DAD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 49741327-f01e-00fb-2b03-e38dda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:15 GMT
akamai-request-bc: [a=84.53.185.28,b=583119305,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b1c9
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedModule_js.d3a4e61618bf269c1eae.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedModule_js.d3a4e61618bf269c1eae.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 17873
content-md5: 5+G9IJ4YoUBh3/vaDhB3/Q==
last-modified: Wed, 12 Oct 2022 18:35:21 GMT
etag: 0x8DAAC80855E7BEA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 43969d6d-701e-00df-1969-deb0e1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:15 GMT
akamai-request-bc: [a=84.53.185.28,b=583119312,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b1d0
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_ads-constants_dist_AdTemplate_config_schema_js-libs_experiences-constants_dist_ZoomStyle-65215d.46a52dae5b2ee630e8ea.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_ads-constants_dist_AdTemplate_config_schema_js-libs_experiences-constants_dist_ZoomStyle-65215d.46a52dae5b2ee630e8ea.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 65172
content-md5: /UTp2kpxse3Mc77uBd8R2Q==
last-modified: Tue, 18 Oct 2022 15:09:54 GMT
etag: 0x8DAB11AD04F3957
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66af603-e01e-0076-0b03-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583119933,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b43d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/grid-view-feed.aba4da6582914b4429ae.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/grid-view-feed.aba4da6582914b4429ae.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 20154
content-md5: 4aHMbhTXPH6t8BF63McNNA==
last-modified: Fri, 14 Oct 2022 16:16:06 GMT
etag: 0x8DAADFF65FAD080
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 506ffb78-801e-0008-14e8-df5589000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583119938,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b442
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

content-length: 48
content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
onewebservicelatency: 0
x-msedge-responseinfo: 0
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: d7ea384d-f183-4f31-857b-c23ac4c48e25|2022-10-19T05:35:16.2456158Z|fabric:/msn|NEU1|News_73
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EC8DF0B9D8004EADB7512040A08D9C0A Ref B: DUS30EDGE0711 Ref C: 2022-10-19T05:35:16Z
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583120069,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=9, clienttt; dur=35, origin; dur=29 , cdntime; dur=6
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b4c5
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/msn/topics?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&queryType=MyFeed&$top=1000&allTopics=true&responseSchema=cardview&location=52.3056|4.9421

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/msn/topics?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&queryType=MyFeed&$top=1000&allTopics=true&responseSchema=cardview&location=52.3056|4.9421 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
ddd-tmpl: Static:1
ddd-servername: 607A4709700B
ddd-storeentrytimeutc: 10/19/2022 05:35:16
ddd-activityid: e20fdfdd-1137-416f-a2a0-6e312fc25fc5
ddd-datastore: MSN_Topics
ddd-storeexecutionlatency: 00:00:00.0025530
ddd-strategyid: MSN_TopicsReadStrategy
ddd-strategyexecutionlatency: 00:00:00.0025654
onewebservicelatency: 2
x-msedge-responseinfo: 2
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: e20fdfdd-1137-416f-a2a0-6e312fc25fc5|2022-10-19T05:35:16.2631871Z|fabric:/msn|NEU1|News_64
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 48CCAB00BF774C228CFE22EF155DF495 Ref B: AMS04EDGE1618 Ref C: 2022-10-19T05:35:16Z
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:16 GMT
content-length: 942
akamai-request-bc: [a=84.53.185.28,b=583120110,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[c=p,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=9, clienttt; dur=36, origin; dur=0 , cdntime; dur=36
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b4ee
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
OPTIONS

https://assets.msn.com/service/news/feed/pages/ntp?activityId=A4B6769F-C217-4B64-AA81-622728CDC462&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&audienceMode=adult&caller=bgtask&contentType=article,video,slideshow,webcontent&duotone=true&fdhead=gholdout,prg-wx-mapv1&infopaneCount=17&market=nl-nl&memory=4&newsSkip=0&newsTop=48&ocid=anaheim-ntp-feeds&prerender=1&timeOut=2000

msedge.exe

Remote address:

84.53.185.32:443

Request

OPTIONS /service/news/feed/pages/ntp?activityId=A4B6769F-C217-4B64-AA81-622728CDC462&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&audienceMode=adult&caller=bgtask&contentType=article,video,slideshow,webcontent&duotone=true&fdhead=gholdout,prg-wx-mapv1&infopaneCount=17&market=nl-nl&memory=4&newsSkip=0&newsTop=48&ocid=anaheim-ntp-feeds&prerender=1&timeOut=2000 HTTP/2.0
host: assets.msn.com
accept: */*
access-control-request-method: GET
access-control-request-headers: muid
origin: https://ntp.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
sec-fetch-mode: cors
sec-fetch-site: same-site
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
content-length: 2
expires: Wed, 19 Oct 2022 05:35:16 GMT
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583120774,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=14, clienttt; dur=0, origin; dur= , cdntime; dur=0
akamai-cache-status: Constructed from child
access-control-max-age: 300
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b786
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,X-Statics-Fallback,X-FD-RevIP,X-FD-ClientIP,s-xbox-token,X-Client-Data,x-fd-features,cache-control,pragma,Akamai-Request-BC
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,X-Statics-Fallback,X-FD-RevIP,X-FD-ClientIP,s-xbox-token,X-Client-Data,x-fd-features,cache-control,pragma
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/node_modules_sortablejs_modular_sortable_esm_js.883fee7723671fc5aa12.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/node_modules_sortablejs_modular_sortable_esm_js.883fee7723671fc5aa12.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 13259
content-md5: HK7K9ddrBqCi4sQF9Yddhw==
last-modified: Thu, 13 Oct 2022 18:53:13 GMT
etag: 0x8DAAD4C2E4AA61D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 66b0f14a-201e-0056-6cca-df94a7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583121026,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1b882
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/weather-data-connector.cd1a653de0797bd3da00.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/weather-data-connector.cd1a653de0797bd3da00.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 52455
content-md5: +KE2ym4ygv/pPNAm/dQwzQ==
last-modified: Tue, 18 Oct 2022 15:10:04 GMT
etag: 0x8DAB11AD61C6034
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 497429b4-f01e-00fb-0a03-e38dda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583121474,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=20, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ba42
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_icons-wc_icons_AqiIcon_svg-libs_icons-wc_icons_BannerRainStart_svg-libs_icons-wc_icons_B-0f469e.78580366a9f229bfb314.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_icons-wc_icons_AqiIcon_svg-libs_icons-wc_icons_BannerRainStart_svg-libs_icons-wc_icons_B-0f469e.78580366a9f229bfb314.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 83319
content-md5: GOMRUvtlPAUm1wmTYn1eMQ==
last-modified: Tue, 18 Oct 2022 15:09:54 GMT
etag: 0x8DAB11ACFDAB7AF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66b06fc-e01e-0076-1f03-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583121478,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=20, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ba46
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_index_js.fa93ead74fa0df4c0084.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_index_js.fa93ead74fa0df4c0084.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 45199
content-md5: 2dWfE8cGebrNaHInaarocw==
last-modified: Tue, 18 Oct 2022 15:09:53 GMT
etag: 0x8DAB11ACF7CEED6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 49742f13-f01e-00fb-7a03-e38dda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:16 GMT
akamai-request-bc: [a=84.53.185.28,b=583121541,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=19, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ba85
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_icons-wc_icons_CardActionFluentButton_svg-libs_icons-wc_icons_HideV2_svg-libs_icons-wc_i-46086e.082cddef7423ca63da35.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_icons-wc_icons_CardActionFluentButton_svg-libs_icons-wc_icons_HideV2_svg-libs_icons-wc_i-46086e.082cddef7423ca63da35.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 125108
content-md5: AlqLpMB487Bu8PazZldr4A==
last-modified: Tue, 18 Oct 2022 15:09:55 GMT
etag: 0x8DAB11AD0F634CE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66cfd0d-e01e-0076-1f04-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:17 GMT
akamai-request-bc: [a=84.53.185.28,b=583122214,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1bd26
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/shopping-card-wce.8a022da69a56d5687819.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/shopping-card-wce.8a022da69a56d5687819.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 35352
content-md5: hMCsenytmChnoC3Ziv4Sgw==
last-modified: Tue, 18 Oct 2022 15:09:59 GMT
etag: 0x8DAB11AD356D0AF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 712aadb2-b01e-0057-3704-e3bfa5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:17 GMT
akamai-request-bc: [a=84.53.185.28,b=583122244,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1bd44
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

content-length: 48
content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
onewebservicelatency: 0
x-msedge-responseinfo: 0
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: 3e57b317-a4d8-4a8e-94bf-02c7422066bf|2022-10-19T05:35:17.4726543Z|fabric:/msn|NEU1|News_86
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C462CD087F64E04A314ACC9A57F4DA2 Ref B: AMS04EDGE2817 Ref C: 2022-10-19T05:35:17Z
date: Wed, 19 Oct 2022 05:35:17 GMT
akamai-request-bc: [a=84.53.185.28,b=583122881,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=9, clienttt; dur=29, origin; dur=24 , cdntime; dur=5
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1bfc1
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-hide-dialog_index_js.5b7ba2c26bad62ecf8d9.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-hide-dialog_index_js.5b7ba2c26bad62ecf8d9.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2113
content-md5: YLLVPWSPb5A/NYLGani7vQ==
last-modified: Mon, 10 Oct 2022 21:29:45 GMT
etag: 0x8DAAB068D0242D6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d015ba40-401e-00c4-4049-dd25d4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:17 GMT
akamai-request-bc: [a=84.53.185.28,b=583123781,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c345
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-hide-remind_index_js.88b7d28d697039071577.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-hide-remind_index_js.88b7d28d697039071577.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2043
content-md5: jxryjFiCYMROYEXVhYOYyw==
last-modified: Fri, 14 Oct 2022 16:16:02 GMT
etag: 0x8DAADFF63C1FCEB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8902869f-c01e-000c-17e6-e1f981000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124150,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=25, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c4b6
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-report-issue_index_js.747deb3201dde54adda3.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-report-issue_index_js.747deb3201dde54adda3.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2901
content-md5: Hfaq8xj3e4FPZnMhV/CS8w==
last-modified: Fri, 14 Oct 2022 16:16:09 GMT
etag: 0x8DAADFF677D402F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5a162c28-001e-0084-6a4c-e2f6c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124191,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=21, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c4df
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 9902
content-md5: 1WwrCtLdiGfEslzcIXiMCw==
last-modified: Wed, 12 Oct 2022 18:35:17 GMT
etag: 0x8DAAC80826EF62E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44c4a8dc-301e-00a3-3569-deb6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124404,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=26, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c5b4
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/coachmark-wc.a29a16af92d15f2b4968.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/coachmark-wc.a29a16af92d15f2b4968.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3617
content-md5: DXN7BE9SEeSJUQNI2SIN9g==
last-modified: Thu, 13 Oct 2022 18:53:13 GMT
etag: 0x8DAAD4C2EC0AF28
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b1739e72-401e-00d4-7a35-df95f6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124409,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=26, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c5b9
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/conditionalBannerWC.9d5ecc1c353ecfcd0abd.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/conditionalBannerWC.9d5ecc1c353ecfcd0abd.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 30441
content-md5: smpbtdE2HEU5Wow9TDyFiQ==
last-modified: Mon, 17 Oct 2022 17:27:33 GMT
etag: 0x8DAB064E02F12CB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4cc17f32-e01e-008a-1b4e-e254d8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124434,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c5d2
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/settings-dialog-edgenext-wc.7efb66ce86463bb5410d.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/settings-dialog-edgenext-wc.7efb66ce86463bb5410d.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

content-length: 48
content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
onewebservicelatency: 0
x-msedge-responseinfo: 0
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: 09b07515-b975-4529-8b77-fc37acb6908b|2022-10-19T05:35:18.1908034Z|fabric:/msn|NEU1|News_136
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 618D8835F79D4F0EAD2756A4B4FF5999 Ref B: AMS04EDGE2611 Ref C: 2022-10-19T05:35:18Z
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124385,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=26, clienttt; dur=44, origin; dur=39 , cdntime; dur=5
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c5a1
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
last-modified: Tue, 18 Oct 2022 22:02:18 GMT
etag: W/"753"
server: Microsoft-HTTPAPI/2.0
x-cms-documentstoragetier: Cache
x-cms-documentid: BBGgoUg
x-cms-version: 316
x-cms-state: Published
x-cms-tenant: amp
x-cms-type: list
x-cms-executiontimeinmilliseconds: 0
access-control-allow-origin: https://ntp.msn.com
access-control-expose-headers: X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
appex-activity-id: 050a49ba-04fe-4b21-813f-dea1497a4e7e
x-trace-context: {"ActivityId":"050a49ba-04fe-4b21-813f-dea1497a4e7e"}
ms-cv: jTT4oUPeW0qs135moLiJDA.0
x-cms-servicelocation: eastus:0
content-encoding: gzip
cache-control: max-age=900
date: Wed, 19 Oct 2022 05:35:18 GMT
content-length: 2246
akamai-request-bc: [a=84.53.185.28,b=583124492,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c60c
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/content/v1/cms/api/amp/Document/BBGgoUg

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /content/v1/cms/api/amp/Document/BBGgoUg HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

content-length: 48
content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
onewebservicelatency: 0
x-msedge-responseinfo: 0
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: b8f1b68b-86c4-4d9f-bae2-6d70e5060125|2022-10-19T05:35:18.2241007Z|fabric:/msn|NEU1|News_101
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 80F887559EA3457899420F523BD11E24 Ref B: AMS04EDGE2114 Ref C: 2022-10-19T05:35:18Z
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124466,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=6, clienttt; dur=26, origin; dur=22 , cdntime; dur=4
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c5f2
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/super-coach-mark-wc.8de273ea96f246406ff8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/super-coach-mark-wc.8de273ea96f246406ff8.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 7719
content-md5: kdTvVz1U79Ve1zw6oABovg==
last-modified: Mon, 17 Oct 2022 17:27:26 GMT
etag: 0x8DAB064DBFB3D28
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7cc5f9e-601e-003a-6a4e-e2229c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124557,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c64d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/waffle-wc.ba0bc7e8d735f037f0d8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/waffle-wc.ba0bc7e8d735f037f0d8.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 8129
content-md5: 8pO8ProE2P4FLAaoMhxt1w==
last-modified: Fri, 14 Oct 2022 16:16:02 GMT
etag: 0x8DAADFF6394D903
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e9c703c0-f01e-003b-6fe8-df099e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124559,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c64f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/content/v1/cms/api/amp/Document/BBOTMVt

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /content/v1/cms/api/amp/Document/BBOTMVt HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
content-encoding: gzip
last-modified: Thu, 25 Oct 2018 19:18:55 GMT
etag: W/"14"
x-cms-documentstoragetier: Cache
x-cms-documentid: BBOTMVt
x-cms-version: 4
x-cms-state: Published
x-cms-tenant: amp
x-cms-type: provider
x-cms-executiontimeinmilliseconds: 0
access-control-allow-origin: https://ntp.msn.com
access-control-expose-headers: X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
appex-activity-id: ec0a95e1-de77-4ead-971c-3e3187e86d9e
x-trace-context: {"ActivityId":"ec0a95e1-de77-4ead-971c-3e3187e86d9e"}
ms-cv: Q7XzyzmSjUaM5za/eSTMJg.0
x-cms-servicelocation: eastus:1
x-frame-options: deny
content-length: 601
cache-control: max-age=900
expires: Wed, 19 Oct 2022 05:50:18 GMT
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124581,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c665
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/welcomeGreeting.8505a116f4bdb64523c6.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/welcomeGreeting.8505a116f4bdb64523c6.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 80411
content-md5: G3tDm/TtJDAfzZcg5RixnQ==
last-modified: Tue, 18 Oct 2022 15:09:53 GMT
etag: 0x8DAB11ACFCA8D97
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66b239f-e01e-0076-6d03-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124609,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c681
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/articleFre.9c6b38fc418ba3ec849c.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/articleFre.9c6b38fc418ba3ec849c.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 46821
content-md5: 9rDr5rfG84Zm+kGjcOuZvQ==
last-modified: Wed, 12 Oct 2022 18:35:20 GMT
etag: 0x8DAAC808479BBB4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f66a5e-601e-0102-4f6a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124781,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c72d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/notification-bell-wc.c1c23e024cc4990e8074.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/notification-bell-wc.c1c23e024cc4990e8074.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 54833
content-md5: lPNwwdchfj+kPjVK4jnLBg==
last-modified: Tue, 18 Oct 2022 15:09:57 GMT
etag: 0x8DAB11AD1ED3FAA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9d558416-801e-0024-4b03-e330a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124817,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c751
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/feedback.718b143d7dd195e0e78c.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/feedback.718b143d7dd195e0e78c.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2003
content-md5: JZKEYvDBMIKkahTMxsB1GA==
last-modified: Tue, 11 Oct 2022 21:28:39 GMT
etag: 0x8DAABCF9046C839
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2f949dfc-a01e-009e-75b8-dd48f2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124852,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c774
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/content/v1/cms/api/amp/Document/BB1dwxz2

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /content/v1/cms/api/amp/Document/BB1dwxz2 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 16:23:05 GMT
etag: W/"6"
x-cms-documentstoragetier: Cache
x-cms-documentid: BB1dwxz2
x-cms-version: 2
x-cms-state: Published
x-cms-tenant: amp
x-cms-type: provider
x-cms-executiontimeinmilliseconds: 0
access-control-allow-origin: https://ntp.msn.com
access-control-expose-headers: X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
appex-activity-id: a5d3863e-6636-4786-ad4a-15f4b1cf2412
x-trace-context: {"ActivityId":"a5d3863e-6636-4786-ad4a-15f4b1cf2412"}
ms-cv: XyfyUDS01Ee7054+V21McQ.0
x-cms-servicelocation: eastus:2
x-frame-options: deny
content-length: 951
cache-control: max-age=900
expires: Wed, 19 Oct 2022 05:50:18 GMT
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583124895,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c79f
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sign-in-control-wc.5d6a24cfa3a5d942c0a3.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sign-in-control-wc.5d6a24cfa3a5d942c0a3.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6616
content-md5: qoQQr0eAyaBN51ADJ25sZg==
last-modified: Mon, 10 Oct 2022 21:29:42 GMT
etag: 0x8DAAB068B574296
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a9544b7a-201e-003e-0e25-dd8e94000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125069,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c84d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/office-leftrail.7e2fb8b907a0c4ee27c0.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/office-leftrail.7e2fb8b907a0c4ee27c0.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 8377
content-md5: 5adq9+jsgfck+CKdDH7R/w==
last-modified: Thu, 13 Oct 2022 01:15:25 GMT
etag: 0x8DAACB8685C26BA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bae66ed4-601e-0102-5def-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125075,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c853
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/breakingNewsWC.0592b6bc5b7136c7eccc.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/breakingNewsWC.0592b6bc5b7136c7eccc.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4171
content-md5: LyfkC3r20W0TjjUhraxIiA==
last-modified: Tue, 18 Oct 2022 15:10:04 GMT
etag: 0x8DAB11AD61D9889
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66b2502-e01e-0076-5d03-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125198,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c8ce
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/articleRelatedStories.62682c041e678b91a8b6.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/articleRelatedStories.62682c041e678b91a8b6.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 31423
content-md5: 1K7+thRmxzz3nQ+QIgCpcw==
last-modified: Wed, 12 Oct 2022 18:35:23 GMT
etag: 0x8DAAC80865B2D65
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f66ac7-601e-0102-2e6a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125217,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c8e1
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/articleTopComment.0e5ffce51cde09df79dd.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/articleTopComment.0e5ffce51cde09df79dd.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 28277
content-md5: S6SphoKW9hjGcRbupjtlvQ==
last-modified: Mon, 17 Oct 2022 17:27:30 GMT
etag: 0x8DAB064DE60B75C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0dcd423-201e-0002-664f-e25b9c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125447,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=15, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c9c7
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/ms-rewards-wc.6f002634d9bab5423468.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/ms-rewards-wc.6f002634d9bab5423468.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2848
content-md5: B0fK0phxOdJBu7YX/puamQ==
last-modified: Fri, 14 Oct 2022 16:16:01 GMT
etag: 0x8DAADFF63088C1E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: dee7f496-801e-0060-0de8-df4fba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125477,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c9e5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/outlook-email-preview-wc.ede92f09038701c2a74f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/outlook-email-preview-wc.ede92f09038701c2a74f.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 18432
content-md5: iQ0zOEOyzzUYCqKB9gFkGA==
last-modified: Thu, 13 Oct 2022 18:53:32 GMT
etag: 0x8DAAD4C39A4645C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 41d0d305-601e-0042-2a56-df888d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125487,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1c9ef
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/feed-toggle-wc.72314c7e53c6581b6213.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/feed-toggle-wc.72314c7e53c6581b6213.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 10499
content-md5: +uJfrdxhMdTW6BnLFnJ18A==
last-modified: Mon, 17 Oct 2022 17:27:50 GMT
etag: 0x8DAB064EA9264AD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7cc5fb8-601e-003a-7d4e-e2229c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125580,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ca4c
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/breakingnews/v1/cms/api/amp/article/AA430z6

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /breakingnews/v1/cms/api/amp/article/AA430z6 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
last-modified: Thu, 08 Sep 2022 18:21:54 GMT
etag: W/"1884"
server: Microsoft-HTTPAPI/2.0
x-cms-documentstoragetier: Cache
x-cms-documentid: AA430z6
x-cms-version: 667
x-cms-state: Published
x-cms-tenant: amp
x-cms-type: article
x-cms-executiontimeinmilliseconds: 0
access-control-allow-origin: https://ntp.msn.com
access-control-expose-headers: X-Trace-Context,X-CMS-DocumentId,X-CMS-Type,X-CMS-Tenant,X-CMS-State,X-CMS-Version,ETag,X-CMS-SearchElapsedTimeInMilliseconds,X-CMS-SearchBackendTimeInMilliseconds,X-CMS-SearchMatchedTotal,X-CMS-SearchMaxScore,X-CMS-SearchShardsTotal,X-CMS-SearchShardsSuccessful,X-CMS-SearchShardsFailed,X-CMS-SearchReturnedCount,X-CMS-ExecutionTimeInMilliseconds,MS-CV
appex-activity-id: 12910fe1-3908-4d04-80d5-b60e55f5f93d
x-trace-context: {"ActivityId":"12910fe1-3908-4d04-80d5-b60e55f5f93d"}
ms-cv: l4S9B0kjS0KQ+bVpn4vg2A.0
x-cms-servicelocation: eastus:0
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:18 GMT
content-length: 1211
akamai-request-bc: [a=84.53.185.28,b=583125658,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ca9a
cache-control: max-age=30
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/layout-toggle.deddb838ef17b0c7d2d6.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/layout-toggle.deddb838ef17b0c7d2d6.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1988
content-md5: cp3iL4NG2pbj6QknbY3ksw==
last-modified: Mon, 10 Oct 2022 21:29:48 GMT
etag: 0x8DAAB068F0BCFF5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 303bf076-401e-00ac-0e49-dd3fe7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125700,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cac4
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/autos-carousel.b8aa9b3d98beec05d7c8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/autos-carousel.b8aa9b3d98beec05d7c8.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 22611
content-md5: MJ9fT5XncB0luyjd/oHfgg==
last-modified: Mon, 10 Oct 2022 21:29:47 GMT
etag: 0x8DAAB068EBE578C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6fb8f56b-201e-00d2-7126-dd6ffa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125730,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cae2
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/pill-wc.992b8b6b050ad85c22e8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/pill-wc.992b8b6b050ad85c22e8.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6372
content-md5: TvJghusK8rjcsKZNZNveig==
last-modified: Wed, 05 Oct 2022 18:41:39 GMT
etag: 0x8DAA7013D848044
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4f54b6df-b01e-00c3-53c4-d9f4da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125865,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cb69
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/card-actions-wc.6ee74bc3568f1ed2e1e8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/card-actions-wc.6ee74bc3568f1ed2e1e8.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 32985
content-md5: IQnmCsENwV4NcmFn+yiJ+A==
last-modified: Tue, 18 Oct 2022 15:09:59 GMT
etag: 0x8DAB11AD34A4F79
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66b26b1-e01e-0076-0703-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125909,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cb95
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/autosMarketplaceCard.5de27813433717f66680.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/autosMarketplaceCard.5de27813433717f66680.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 65218
content-md5: /e1cuZfS3qphj9c8IaP3Ug==
last-modified: Fri, 14 Oct 2022 16:16:04 GMT
etag: 0x8DAADFF6493D413
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3c47ea8e-701e-005b-07e8-df4bbc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583125937,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cbb1
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/CoachmarkData.4b820d591661c69411df.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/CoachmarkData.4b820d591661c69411df.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 377
content-md5: 95Co5C+eF75DxGmBy94lJg==
last-modified: Mon, 17 Oct 2022 17:27:26 GMT
etag: 0x8DAB064DC10486D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d5444a49-301e-0027-6f7a-e24da5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583126020,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cc04
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/RewardsData.f113cb990b879e374393.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/RewardsData.f113cb990b879e374393.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4994
content-md5: rB8t49RHDXi+nD0Zg/RohQ==
last-modified: Wed, 12 Oct 2022 18:35:17 GMT
etag: 0x8DAAC8082D411C7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef22b285-c01e-0030-466a-de2c89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583126027,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cc0b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/ocvFeedback.89a10712feb248d098d8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/ocvFeedback.89a10712feb248d098d8.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 727
content-md5: xaMVJF2bhqIlNPYqXaV6AA==
last-modified: Tue, 11 Oct 2022 21:28:42 GMT
etag: 0x8DAABCF9217737B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 53d29f12-a01e-000a-5606-de038d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583126128,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cc70
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/toast-wc.820ad4a1a9dab6c1a909.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/toast-wc.820ad4a1a9dab6c1a909.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 11361
content-md5: 1wYsGGYoivVPzsEEY/6EDw==
last-modified: Tue, 18 Oct 2022 15:09:58 GMT
etag: 0x8DAB11AD2A242BB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 71291039-b01e-0057-7c03-e3bfa5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583126196,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ccb4
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/weather-data-lazy-services.360f24dabe754cf44131.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/weather-data-lazy-services.360f24dabe754cf44131.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3337
content-md5: 34QGV3UMc9Q8BXXGBGmfjw==
last-modified: Wed, 12 Oct 2022 18:35:20 GMT
etag: 0x8DAAC80848C7DAA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef229642-c01e-0030-6169-de2c89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583126205,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ccbd
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_finance-service-library_dist_index_js.5866d3e60e1569e2a4ed.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_finance-service-library_dist_index_js.5866d3e60e1569e2a4ed.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 11033
content-md5: vrOaXsy0Artb3PqFIjHG/A==
last-modified: Wed, 12 Oct 2022 18:35:18 GMT
etag: 0x8DAAC808338913B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef22969e-c01e-0030-3669-de2c89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583126227,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ccd3
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/back-to-top-button.ffd576e39db76f384151.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/back-to-top-button.ffd576e39db76f384151.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2557
content-md5: Te01OC0Kk57GDDxZHZVLFA==
last-modified: Mon, 10 Oct 2022 21:29:42 GMT
etag: 0x8DAAB068BC1DBA2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ffb891df-c01e-0030-17f0-dc2c89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:18 GMT
akamai-request-bc: [a=84.53.185.28,b=583126258,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ccf2
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sticky-peek.4c4df533575914af9f03.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sticky-peek.4c4df533575914af9f03.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3639
content-md5: NpD+Z+mzUAu/UdLd2vMQyg==
last-modified: Wed, 12 Oct 2022 18:35:23 GMT
etag: 0x8DAAC8086213A28
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef2296f1-c01e-0030-7b69-de2c89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583126324,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cd34
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/background-gallery.df2e0ccbb7da047b68e8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/background-gallery.df2e0ccbb7da047b68e8.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 11351
content-md5: xV4W18ePQ8dbl3d2tbxnrw==
last-modified: Tue, 18 Oct 2022 15:09:55 GMT
etag: 0x8DAB11AD067EDA3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 60239ea9-301e-009f-0904-e363f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583126341,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cd45
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/Finance/Exchanges?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-Peregrine&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&ids=r6dwnt&wrapodata=false

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/Finance/Exchanges?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-Peregrine&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&ids=r6dwnt&wrapodata=false HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
ddd-servername: 3127120FD2EF
ddd-storeentrytimeutc: 10/19/2022 5:34:36 AM
ddd-activityid: 3bc48269-d9a2-49c3-8a30-9489ef55d2c6
ddd-datastore: Finance_FinanceRedisCache
ddd-storeexecutionlatency: 00:00:00.0006553
ddd-strategyid: Finance_defaultReadStrategy
ddd-strategyexecutionlatency: 00:00:00.0015894
onewebservicelatency: 1
x-msedge-responseinfo: 1
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: 3bc48269-d9a2-49c3-8a30-9489ef55d2c6|10/19/2022 5:34:36 AM|fabric:/finance|NEU1|Finance_55
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3C120E78CB1F4404BDC7503A9B628E0E Ref B: AMS04EDGE1717 Ref C: 2022-10-19T05:34:36Z
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:19 GMT
content-length: 1417
akamai-request-bc: [a=84.53.185.28,b=583126406,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cd86
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=60
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/money-info-card-wc.8e45cde4c6f70835cc32.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/money-info-card-wc.8e45cde4c6f70835cc32.js HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
origin: https://ntp.msn.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 105767
content-md5: cg7Igu5dzZwDCLL7L8QUgA==
last-modified: Tue, 18 Oct 2022 15:10:07 GMT
etag: 0x8DAB11AD7A3ADC5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f66b0d5e-e01e-0076-3b03-e30594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583126447,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1cdaf
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/bingHealth.4bd0d7683f434aab0027.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/bingHealth.4bd0d7683f434aab0027.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6226
content-md5: bMPOVIXY1gcKVwXBJ5Vn7A==
last-modified: Fri, 14 Oct 2022 16:16:03 GMT
etag: 0x8DAADFF63F9CDA0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6204b4ba-901e-0055-4ee0-e1e9a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583127469,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d1ad
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

content-length: 48
content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
onewebservicelatency: 0
x-msedge-responseinfo: 0
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: e5aa4f87-0995-4fe9-9d51-88d231a71e82|2022-10-19T05:35:19.5569907Z|fabric:/msn|NEU1|News_12
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5C7E7E9B31514E60BDD271DDF2BE3219 Ref B: AMS04EDGE2608 Ref C: 2022-10-19T05:35:19Z
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583127472,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=5, clienttt; dur=32, origin; dur=25 , cdntime; dur=7
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d1b0
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 16502
content-md5: RXdXcgFWdGKWQpxqtCPdKw==
last-modified: Thu, 13 Oct 2022 01:15:14 GMT
etag: 0x8DAACB861DA8AB4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b2c265aa-301e-00cb-68a2-deaccb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583127597,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d22d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/bingHealthCard.58f3355c9628f0393e95.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/bingHealthCard.58f3355c9628f0393e95.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

content-length: 48
content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
onewebservicelatency: 0
x-msedge-responseinfo: 0
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: a70c3860-b484-40c6-bd2c-fd2c5a5b4d90|2022-10-19T05:35:19.5960729Z|fabric:/msn|NEU1|News_89
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EEC29A46FC4D4F46897CC449BBD4D87A Ref B: AMS04EDGE1706 Ref C: 2022-10-19T05:35:19Z
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583127558,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=3, clienttt; dur=33, origin; dur=24 , cdntime; dur=9
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d206
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/bundler.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/bundler.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: teTAnDnNepmWH2uJZJ2SJA==
last-modified: Fri, 14 Oct 2022 16:16:04 GMT
etag: 0x8DAADFF6490A043
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5feef1db-301e-00cb-30f7-dfaccb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:19 GMT
content-length: 3893
akamai-request-bc: [a=84.53.185.28,b=583127909,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d365
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/casual-games-card.1a6783c8a697d350b1eb.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/casual-games-card.1a6783c8a697d350b1eb.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 36747
content-md5: XDKxv+kMxRTo6pzbNRMVSw==
last-modified: Tue, 18 Oct 2022 15:09:53 GMT
etag: 0x8DAB11ACF4545AF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: feab51ca-601e-00ea-7b04-e316fa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583128047,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d3ef
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/casual-games-experience.d7b7bc8d3f1bd29f6577.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/casual-games-experience.d7b7bc8d3f1bd29f6577.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 79187
content-md5: 9RiaBLyTTmK3UBM2Yp5hqQ==
last-modified: Tue, 18 Oct 2022 15:10:07 GMT
etag: 0x8DAB11AD7A20056
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6023a5ac-301e-009f-2e04-e363f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:19 GMT
akamai-request-bc: [a=84.53.185.28,b=583128277,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d4d5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/category-data-connector.0ab64a9055bd2f4c19b3.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/category-data-connector.0ab64a9055bd2f4c19b3.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2183
content-md5: K9Z0RoDjBSDDWkQPQyYgjQ==
last-modified: Wed, 12 Oct 2022 18:35:19 GMT
etag: 0x8DAAC8084231CF3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f66c94-601e-0102-496a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583128486,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d5a6
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/clarity.0394c58f04e4aa405861.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/clarity.0394c58f04e4aa405861.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 761
content-md5: pyql6tOWQ96U7r+njcRliQ==
last-modified: Thu, 06 Oct 2022 21:44:26 GMT
etag: 0x8DAA7E3F09F56CB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 09247f61-e01e-008a-64d6-d954d8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583128631,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d637
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

content-length: 48
content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
onewebservicelatency: 0
x-msedge-responseinfo: 0
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: 186bc8ae-a0df-4269-a200-0a9904137f03|2022-10-19T05:35:20.3801371Z|fabric:/msn|NEU1|News_189
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 832A78EC759A4B7E8A13CDE8FD7FBA46 Ref B: AMS04EDGE2011 Ref C: 2022-10-19T05:35:20Z
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583129195,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=11, clienttt; dur=27, origin; dur=22 , cdntime; dur=5
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d86b
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/cold-start-gif.05ea6cc30c2f0977775a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/cold-start-gif.05ea6cc30c2f0977775a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 69153
content-md5: a22o3O1W1NwZhQQ8LGmOJg==
last-modified: Thu, 13 Oct 2022 18:53:21 GMT
etag: 0x8DAAD4C333D2A3A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 901b54c4-501e-00f1-6dca-df83cf000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583129310,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d8de
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/cold-start-wc.86b8563f1977fcdb6e4b.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/cold-start-wc.86b8563f1977fcdb6e4b.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 26339
content-md5: eCGkkdj78XYX/JTR4Zbi6Q==
last-modified: Wed, 12 Oct 2022 18:35:21 GMT
etag: 0x8DAAC8085008B2F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f66cef-601e-0102-1a6a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583129393,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d931
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/common-settings-edgenext.12c182fb6de97f4c203d.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/common-settings-edgenext.12c182fb6de97f4c203d.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 25070
content-md5: VZMgRcpVsm9690N1nI+QkA==
last-modified: Thu, 13 Oct 2022 18:53:21 GMT
etag: 0x8DAAD4C3362870F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b4c59e39-d01e-0091-2236-dfc1ed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583129500,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1d99c
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/company-news-card.8a6e4dc33f3e3debfe65.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/company-news-card.8a6e4dc33f3e3debfe65.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 13983
content-md5: pt8pqlaRx7o1d4nAYJZNgA==
last-modified: Wed, 12 Oct 2022 18:35:24 GMT
etag: 0x8DAAC8086A01B83
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f66dd3-601e-0102-606a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583130269,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1dc9d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/content-group-card.e2522c74ad29071967c1.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/content-group-card.e2522c74ad29071967c1.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 51493
content-md5: ie5F8/m/auSSAeph7hrFOQ==
last-modified: Mon, 17 Oct 2022 17:27:36 GMT
etag: 0x8DAB064E21E85A0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42edbb67-f01e-0007-1b4e-e2dc96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:20 GMT
akamai-request-bc: [a=84.53.185.28,b=583130453,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=13, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1dd55
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/daily-brief-wc.80aabe26082b2a333c80.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/daily-brief-wc.80aabe26082b2a333c80.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 5322
content-md5: mefoI+gCA5IxMakB3fV/uw==
last-modified: Wed, 12 Oct 2022 18:35:20 GMT
etag: 0x8DAAC808435DEE0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e352ce64-001e-00a8-5b6a-de93ef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583130656,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=15, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1de20
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/default-browser-reclaim-banner.f9f6932c87c7d309dd5f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/default-browser-reclaim-banner.f9f6932c87c7d309dd5f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4789
content-md5: a7YNxDq8zCo/4SoCUJ5Jeg==
last-modified: Tue, 18 Oct 2022 15:09:55 GMT
etag: 0x8DAB11AD0DC6F3E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: feab5a54-601e-00ea-2e04-e316fa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583130709,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=13, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1de55
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/DefaultBrowserReclaimData.8abfe95ed5d89b77eb4c.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/DefaultBrowserReclaimData.8abfe95ed5d89b77eb4c.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 218
content-md5: NR6XYmO4W1tDoXWj+z+niQ==
last-modified: Thu, 13 Oct 2022 18:53:11 GMT
etag: 0x8DAAD4C2D852929
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2ffcf095-201e-0096-37ca-df10e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583130765,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1de8d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/dev-tools.f74ce40844294f403d22.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/dev-tools.f74ce40844294f403d22.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 9705
content-md5: M0LlRegyGaM6UbV+54nTuA==
last-modified: Fri, 07 Oct 2022 18:07:58 GMT
etag: 0x8DAA88EDDDD37A8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5398c0b3-001e-00ec-2a79-daecf6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583130805,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1deb5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100 HTTP/2.0
host: assets.msn.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 401

content-length: 48
content-type: application/json; charset=utf-8
access-control-allow-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
access-control-expose-headers: TicketType,RequestContinuationKey,AuthToken,Content-Type,x-client-activityid,ms-cv,signedInCookieName,muid,appid,User-Location,user-location,userauthtoken,usertickettype,sitename,s2sauthtoken,thumbprint,Authorization,Ent-Authorization,UserIdToken,DDD-TMPL,DDD-ActivityId,DDD-FeatureSet,DDD-Session-ID,Date,date,ads-referer,ads-referer,taboola-sessionId,taboola-sessionid,Akamai-Request-ID,Akamai-Server-IP,X-MSEdge-Ref,DDD-DebugId,s-xbox-token,OneWebServiceLatency,X-FD-Features,DDD-UserType
ddd-authenticatedwithjwtflow: False
ddd-usertype: Unknown
onewebservicelatency: 0
x-msedge-responseinfo: 0
x-fd-features: prg-adspeek,btrecrow3,1s-winauthservice,prg-1sw-clrot,prg-1s-mtsn,prg-1sw-wxrus,prg-ias,1s-fcrypt,prg-upsaip-w1-t,prg-1sw-psfy21,prg-upsaip-r-t,prg-wx-anmpr,prg-wea-allxap,prg-wea-subxap,prg-wx-sbn-vm,prg-1sw-sbn-mm,prg-ccmfa-t,1s-rpssecautht,1s-xapsegment,prg-wx-wfv2,prg-ugc-test,prg-ugc-test-3,1s-xapntpseg,prg-weanouser1,prg-wpo-t20wc,prg-wea-zoompv,1s-compicsync
x-fd-detection-corpnet: 0
x-fd-flight: 2ml4=prg-adspeek,2rb5=btrecrow3,2tpu=1s-winauthservice,prong2flyout3=prg-1sw-clrot,314c=prg-ias,3gk6=1s-fcrypt,3nhv=prg-upsaip-w1-t,3p16=prg-1sw-psfy21,3pum=prg-upsaip-r-t,3qpc=prg-wx-anmpr,3sx0=prg-wea-allxap,3t7d=prg-wx-sbn-vm,3txa=prg-1sw-sbn-mm,3v18=prg-ccmfa-t,3vhe=1s-rpssecautht,49pp=1s-xapsegment,49ym=prg-wx-wfv2,49zq=prg-ugc-test,4a51=prg-ugc-test-3,4a6y=1s-xapntpseg,4ax2=prg-weanouser1,edgidanaheimsports3=prg-wpo-t20wc,4bgo=prg-wea-zoompv,4fkl=1s-compicsync
ddd-debugid: 9ef324f5-910c-40d2-9674-fe15a38f60ef|2022-10-19T05:35:21.1608803Z|fabric:/msn|NEU1|News_201
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7656DE03D9474A609FBCDB8F16C6CCD0 Ref B: DUS30EDGE0917 Ref C: 2022-10-19T05:35:21Z
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583130828,c=g,n=NL__AMSTERDAM,o=20940],[c=c,n=NL__AMSTERDAM,o=20940],[a=204.79.197.203,c=o]
server-timing: clientrtt; dur=8, clienttt; dur=35, origin; dur=31 , cdntime; dur=4
akamai-cache-status: Miss from child, Miss from parent
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1decc
access-control-allow-methods: PUT,PATCH,POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
x-as-suppresssetcookie: 1
cache-control: public, max-age=300
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/digest-card.1711d413e9b6080b8602.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/digest-card.1711d413e9b6080b8602.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 50606
content-md5: YBSnmoGAbKTCoem7YK1ILA==
last-modified: Thu, 13 Oct 2022 18:53:11 GMT
etag: 0x8DAAD4C2D478CF8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 89f3146f-c01e-001c-1436-df49a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583130929,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1df31
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/edge-shopping.b651c559352230d9c256.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/edge-shopping.b651c559352230d9c256.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 8648
content-md5: SMj84NOLC9YE/lLixCrNqA==
last-modified: Mon, 10 Oct 2022 21:29:47 GMT
etag: 0x8DAAB068E72DAB5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3c019e28-301e-00f7-01ef-dc79c3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583131089,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1dfd1
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/EdgeNextPage.constants.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/EdgeNextPage.constants.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: nXbL4jSaEHnr/kaAFVdYkA==
last-modified: Fri, 07 Oct 2022 18:08:01 GMT
etag: 0x8DAA88EDFA09E59
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1f8fcdd1-c01e-0058-7bfd-db36ba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:21 GMT
content-length: 440
akamai-request-bc: [a=84.53.185.28,b=583131244,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e06c
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/EdgeNextSSRInteropContract.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/EdgeNextSSRInteropContract.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: MqsWe5UNBK5UhlUMrexxyw==
last-modified: Fri, 07 Oct 2022 18:08:06 GMT
etag: 0x8DAA88EE25239B6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 89c2df64-401e-0028-4613-dcc4ba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
content-length: 400
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583131563,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=26, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e1ab
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/EdgeNextTelemetry.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/EdgeNextTelemetry.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: HsVQmct05PESckzbU+z3CA==
last-modified: Fri, 14 Oct 2022 16:16:10 GMT
etag: 0x8DAADFF682638A3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 97a55a55-001e-0084-209a-e1f6c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:21 GMT
content-length: 3013
akamai-request-bc: [a=84.53.185.28,b=583131627,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=26, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e1eb
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/esports-card.a81b95825fc5ba6bce88.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/esports-card.a81b95825fc5ba6bce88.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 30972
content-md5: R32ZqtcKwWs6jnpG86ls9Q==
last-modified: Mon, 17 Oct 2022 17:27:31 GMT
etag: 0x8DAB064DF4D6264
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b130-201e-0096-3d4f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583131675,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=23, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e21b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/esports-streams-card.4d4fc788e9166843e521.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/esports-streams-card.4d4fc788e9166843e521.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 18140
content-md5: fPtX390R6AvPs8LlCkQmkQ==
last-modified: Mon, 17 Oct 2022 17:27:40 GMT
etag: 0x8DAB064E48F96CD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b176-201e-0096-784f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583131775,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e27f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/ExperienceLoadedData.503d466bcf252ff0962b.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/ExperienceLoadedData.503d466bcf252ff0962b.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 214
content-md5: i0LNxXwQ7ssfddpNK+qu8g==
last-modified: Thu, 06 Oct 2022 21:44:28 GMT
etag: 0x8DAA7E3F1E7370B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 25c7ae8f-c01e-0020-5d25-da9cab000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583131960,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=13, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e338
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-coldstart_index_js.f7ce9aecd185bba95e4d.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-coldstart_index_js.f7ce9aecd185bba95e4d.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2559
content-md5: 47n8i1HtIb7EgSePmT6CHQ==
last-modified: Mon, 10 Oct 2022 21:29:43 GMT
etag: 0x8DAAB068C526DA6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5adb028b-901e-00d1-42f0-dc12fc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583132041,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=16, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e389
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-feedback_index_js.f0dbfbc2e88ab7e18b34.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-feedback_index_js.f0dbfbc2e88ab7e18b34.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3379
content-md5: BvKXoF1cE2HhwxwfuL6xtQ==
last-modified: Mon, 17 Oct 2022 17:27:32 GMT
etag: 0x8DAB064DFFE6DA4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ee8ab083-901e-00fd-2da5-e277d6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583132135,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=18, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e3e7
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-hidepopup_index_js.78f6a23fecd9007da334.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-hidepopup_index_js.78f6a23fecd9007da334.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3096
content-md5: Iqd/Crhg01vj1FS6wLcicQ==
last-modified: Fri, 14 Oct 2022 16:16:00 GMT
etag: 0x8DAADFF62302630
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 96d8a002-201e-0046-794c-e22485000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583132273,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=14, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e471
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-hidereminder_index_js.2fddf8f6f7c8755ea82a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-hidereminder_index_js.2fddf8f6f7c8755ea82a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1536
content-md5: WD1LCtmb4Tr1Xaq3n56gow==
last-modified: Tue, 18 Oct 2022 15:09:53 GMT
etag: 0x8DAB11ACF76FC52
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a931bb40-e01e-004a-0624-e3d09c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:21 GMT
akamai-request-bc: [a=84.53.185.28,b=583132389,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=16, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e4e5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/feedback-dialog.af4f225ad995a45ab3b0.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/feedback-dialog.af4f225ad995a45ab3b0.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 26978
content-md5: NHWrlEwQPgTk614CCkH4cg==
last-modified: Fri, 14 Oct 2022 16:16:04 GMT
etag: 0x8DAADFF64B6E756
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 25ff1ad2-701e-009b-61e1-e1cff8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583133512,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=14, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1e948
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/FeedNavHeaderData.599a3827c3bf66e36e86.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/FeedNavHeaderData.599a3827c3bf66e36e86.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 418
content-md5: BpniHyt1iePksiFe666iAg==
last-modified: Wed, 05 Oct 2022 18:41:38 GMT
etag: 0x8DAA7013D14DEE5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4f53c444-b01e-00c3-11c4-d9f4da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583133758,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ea3e
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/FontUtility.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/FontUtility.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: ViYo4OFvRKjsLf6QTbO9ug==
last-modified: Wed, 05 Oct 2022 18:41:44 GMT
etag: 0x8DAA70140A5E426
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8ebce37a-501e-00a5-2ca3-d94cf4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:22 GMT
content-length: 937
akamai-request-bc: [a=84.53.185.28,b=583133884,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1eabc
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/game-card.9e09d6dab71642fd4787.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/game-card.9e09d6dab71642fd4787.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 96601
content-md5: 4NF2NQO29+bY4iOMnOQBWA==
last-modified: Mon, 10 Oct 2022 21:29:49 GMT
etag: 0x8DAAB068F73F84B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3cc8d027-e01e-0076-7d26-dd0594000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583133960,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1eb08
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-compete-card.84699e4932e25b662a71.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-compete-card.84699e4932e25b662a71.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 33876
content-md5: qTp6l0AQKrbNnqB4HA9uTA==
last-modified: Mon, 17 Oct 2022 17:27:43 GMT
etag: 0x8DAB064E6A29198
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7ccd3b0-601e-003a-5b4e-e2229c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583134293,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ec55
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-match-card.a4401d46db63d2635ad1.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-match-card.a4401d46db63d2635ad1.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 29279
content-md5: EBvdCseKMCYLG9Kkwc7f6A==
last-modified: Mon, 17 Oct 2022 17:27:33 GMT
etag: 0x8DAB064E056DFB8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0d59882-201e-0002-0d4e-e25b9c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583134455,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ecf7
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-media-carousel.032e111c0822a925280d.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-media-carousel.032e111c0822a925280d.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 16243
content-md5: Qz0Y6Bm4sJycWMQfY0PP+g==
last-modified: Mon, 17 Oct 2022 17:27:41 GMT
etag: 0x8DAB064E511D15E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42f379ba-f01e-0007-674f-e2dc96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583134672,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1edd0
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-personalization-card.5324d2a652dcfa8f473f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-personalization-card.5324d2a652dcfa8f473f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 21223
content-md5: ks17Ghr5NfVK45lFf7zitw==
last-modified: Mon, 17 Oct 2022 17:27:35 GMT
etag: 0x8DAB064E1EC0BF4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0d5962c-201e-0002-154e-e25b9c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583134809,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ee59
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-recentlyplayed-card.dd84940f6a70d47339af.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-recentlyplayed-card.dd84940f6a70d47339af.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 29954
content-md5: tH/KeAgrqRzBmTlvEXbISg==
last-modified: Mon, 17 Oct 2022 17:27:39 GMT
etag: 0x8DAB064E436FDA4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0d59744-201e-0002-014e-e25b9c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583134930,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1eed2
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-recommended-card.90886855f238981d9c76.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-recommended-card.90886855f238981d9c76.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 23335
content-md5: 9HWgpnJVSls2FPMryqv12A==
last-modified: Mon, 17 Oct 2022 17:27:30 GMT
etag: 0x8DAB064DEDBC707
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b22c-201e-0096-144f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583135077,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1ef65
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-reddit-card.accf97f0eb8c9e795cbe.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-reddit-card.accf97f0eb8c9e795cbe.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 30630
content-md5: oZW/Fd9XmaDZBc8qia4s3w==
last-modified: Mon, 17 Oct 2022 17:27:51 GMT
etag: 0x8DAB064EB48031E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42f05b25-f01e-0007-774e-e2dc96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:22 GMT
akamai-request-bc: [a=84.53.185.28,b=583135250,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f012
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-rewards-card.f5608f31ab077a3b82ae.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-rewards-card.f5608f31ab077a3b82ae.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 31180
content-md5: UKl1zKd6yR+bT1XQP4mNWQ==
last-modified: Mon, 17 Oct 2022 17:27:50 GMT
etag: 0x8DAB064EAC61699
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b7ccd375-601e-003a-364e-e2229c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583135474,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f0f2
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-stream-card.dc386a7ca84c329504d3.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-stream-card.dc386a7ca84c329504d3.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 31960
content-md5: Zcckdhka4FbT3EqykpPz9w==
last-modified: Mon, 17 Oct 2022 17:27:42 GMT
etag: 0x8DAB064E5E4DE20
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42ed751e-f01e-0007-364e-e2dc96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583135623,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f187
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-tournament-card.5acafdb89f44ff05db4d.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-tournament-card.5acafdb89f44ff05db4d.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 27650
content-md5: Lpl9Lv+gqRzPVacrJC11zQ==
last-modified: Mon, 17 Oct 2022 17:27:31 GMT
etag: 0x8DAB064DF162E9B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42ee0a09-f01e-0007-644e-e2dc96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583135816,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f248
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-upcoming-card.757737acf1d188cd8a53.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-upcoming-card.757737acf1d188cd8a53.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 33572
content-md5: uAWwM6rPybTLueCAu7P2ug==
last-modified: Mon, 17 Oct 2022 17:27:34 GMT
etag: 0x8DAB064E1197453
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42ed75a8-f01e-0007-234e-e2dc96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583136032,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f320
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-video-card.4afdb83f0ea8502c708a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/gaming-video-card.4afdb83f0ea8502c708a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 33565
content-md5: 8X+AJFJJf5ylhQWGEVB9dA==
last-modified: Mon, 17 Oct 2022 17:27:36 GMT
etag: 0x8DAB064E2190833
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b2ad-201e-0096-034f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583136255,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f3ff
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/general-elections.fa624b4ffcabe8e7aad1.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/general-elections.fa624b4ffcabe8e7aad1.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 16379
content-md5: l3qkJpS/LnNi+RAieHKqVQ==
last-modified: Thu, 13 Oct 2022 01:15:08 GMT
etag: 0x8DAACB85E52D30A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b2c5ae81-301e-00cb-2da2-deaccb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583136458,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f4ca
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/grocery-coupon-sd-card.ade8877df81a553cb1c6.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/grocery-coupon-sd-card.ade8877df81a553cb1c6.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 5944
content-md5: 5WG5aoyivcsW0mSGsmAqsw==
last-modified: Mon, 17 Oct 2022 17:27:38 GMT
etag: 0x8DAB064E38F66C1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b2df-201e-0096-334f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583136749,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f5ed
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/health-tip-wc.fb4fc0c4c1180544c832.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/health-tip-wc.fb4fc0c4c1180544c832.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 10301
content-md5: uyazyHdhOjWTBvS59f390g==
last-modified: Fri, 14 Oct 2022 16:16:06 GMT
etag: 0x8DAADFF65F9BF3A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e9c82674-f01e-003b-16e8-df099e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583136818,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f632
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/healthFitnessCarousel.6720603d9f43541b6a27.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/healthFitnessCarousel.6720603d9f43541b6a27.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 22673
content-md5: rwpfZryZJ9W2aCXBLOnSHg==
last-modified: Wed, 12 Oct 2022 18:35:20 GMT
etag: 0x8DAAC8084B5AA7D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f03f349f-701e-000f-586a-de8487000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583136924,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f69c
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/holiday-effects.d49a242a20a5e24b0382.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/holiday-effects.d49a242a20a5e24b0382.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 12961
content-md5: smbYlWbZtx6CzW5TexfNjw==
last-modified: Mon, 10 Oct 2022 21:29:49 GMT
etag: 0x8DAAB068FF21674
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fc713661-b01e-00ef-6d25-dd91f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583137031,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f707
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/horizontal-nav.151da93f5720fd6c2633.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/horizontal-nav.151da93f5720fd6c2633.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 9642
content-md5: 4iE5Xea83c6Twv/lP1lDhg==
last-modified: Thu, 06 Oct 2022 21:44:25 GMT
etag: 0x8DAA7E3F0163DB7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0e9f7ae6-001e-0094-6029-da46e7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583137099,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f74b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/horoscope-answer-card-wc.a83789354995ac943a1f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/horoscope-answer-card-wc.a83789354995ac943a1f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 26505
content-md5: ZvsZKzfDK/PdDIPn8RlcvA==
last-modified: Thu, 13 Oct 2022 01:15:28 GMT
etag: 0x8DAACB86A5DECD5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 49584c12-401e-0014-29a2-de11b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583137206,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f7b6
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/image-search-wc.70bb67979f3bddfa04b6.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/image-search-wc.70bb67979f3bddfa04b6.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2078
content-md5: dPi/pK3q1iVgUk7p0VFgzQ==
last-modified: Thu, 06 Oct 2022 21:44:27 GMT
etag: 0x8DAA7E3F19CA467
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a6dc4a2e-801e-0060-7325-da4fba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583137333,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f835
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/inline-head.6a6ff7926a1425eeea85.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/inline-head.6a6ff7926a1425eeea85.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6880
content-md5: +/X2h7rMVP/waxsy+nOstA==
last-modified: Mon, 17 Oct 2022 17:27:41 GMT
etag: 0x8DAB064E50E9D8E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b321-201e-0096-6a4f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583137418,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f88a
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/inline-head.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/inline-head.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: HkfLFatVlD4S4lI7bEx/Mg==
last-modified: Wed, 05 Oct 2022 18:41:31 GMT
etag: 0x8DAA7013889BFE3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 951e3a3f-b01e-0057-5740-d9bfa5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:23 GMT
content-length: 3266
akamai-request-bc: [a=84.53.185.28,b=583137513,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f8e9
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/inline-tuning-upsell.28914ad1e1f83f24d738.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/inline-tuning-upsell.28914ad1e1f83f24d738.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 11004
content-md5: 1rjMYYRuAeCiaP91x5zDYQ==
last-modified: Wed, 12 Oct 2022 18:35:19 GMT
etag: 0x8DAAC8083B4B3DD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f670b0-601e-0102-546a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583137560,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f918
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/interests-wc.7ce4ac698286bac157df.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/interests-wc.7ce4ac698286bac157df.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 156988
content-md5: nUSnniU26uuK4MUD37Odbg==
last-modified: Tue, 18 Oct 2022 15:10:04 GMT
etag: 0x8DAB11AD61AD9D1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6023c98c-301e-009f-4a04-e363f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:23 GMT
akamai-request-bc: [a=84.53.185.28,b=583137668,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1f984
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/language-mismatch-banner.6ab6edea60ecd9a9fb9e.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/language-mismatch-banner.6ab6edea60ecd9a9fb9e.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3898
content-md5: ZklXXipGcPafDe3lmvDeng==
last-modified: Tue, 18 Oct 2022 15:10:01 GMT
etag: 0x8DAB11AD43415F6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6023cc2d-301e-009f-5d04-e363f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:24 GMT
akamai-request-bc: [a=84.53.185.28,b=583138055,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=14, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1fb07
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/LanguageMismatchData.1deacf2a60938e450289.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/LanguageMismatchData.1deacf2a60938e450289.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 434
content-md5: mddyj5KuBkTC2KMJJjvOMg==
last-modified: Tue, 18 Oct 2022 15:09:53 GMT
etag: 0x8DAB11ACFC02EFC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6023cd09-301e-009f-0c04-e363f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:24 GMT
akamai-request-bc: [a=84.53.185.28,b=583138135,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1fb57
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/layoutPreferenceData.31fc4154cdf13f310027.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/layoutPreferenceData.31fc4154cdf13f310027.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1303
content-md5: eZRGfF9P3AXFT9+a3tVL6A==
last-modified: Tue, 11 Oct 2022 21:28:45 GMT
etag: 0x8DAABCF940E3EC7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 141fa2aa-601e-0092-59e5-ddbceb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:24 GMT
akamai-request-bc: [a=84.53.185.28,b=583138289,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=15, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1fbf1
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_feed-layout-common_dist_FeedLayoutCardSize_js-libs_feed-layout_dist_index_js.5015f916ceef187ad4ff.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_feed-layout-common_dist_FeedLayoutCardSize_js-libs_feed-layout_dist_index_js.5015f916ceef187ad4ff.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 337
content-md5: gwMQSj535lm8f0k6pamSCw==
last-modified: Thu, 13 Oct 2022 18:53:27 GMT
etag: 0x8DAAD4C36952659
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 771c0b33-e01e-001e-6235-df1fa7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:24 GMT
akamai-request-bc: [a=84.53.185.28,b=583138847,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=14, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c1fe1f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_super-feed_dist_index_js.21442c5c22f8f45015b9.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_super-feed_dist_index_js.21442c5c22f8f45015b9.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 154
content-md5: oE3zUN23ujlJWpQ6lGigNg==
last-modified: Thu, 13 Oct 2022 18:53:12 GMT
etag: 0x8DAAD4C2DA8155C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c3627691-301e-00db-3b35-df1ce9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:25 GMT
akamai-request-bc: [a=84.53.185.28,b=583140672,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=18, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c20540
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_traffic-chart-utils_dist_index_js.12bf0722ec19678a678b.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_traffic-chart-utils_dist_index_js.12bf0722ec19678a678b.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 58960
content-md5: ID+DwEdD0QB+1kdG1aR/Mg==
last-modified: Mon, 10 Oct 2022 21:29:46 GMT
etag: 0x8DAAB068DFBC071
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e140f6fa-801e-0008-447e-dd5589000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:25 GMT
akamai-request-bc: [a=84.53.185.28,b=583140751,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=20, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2058f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_video-card-plugin-factory_dist_virtualadsplayer_plugin_js.386fbdeace8bc8e9ec4f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/libs_video-card-plugin-factory_dist_virtualadsplayer_plugin_js.386fbdeace8bc8e9ec4f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 111776
content-md5: mMpB79FfbLbqmCZoUMSTEg==
last-modified: Thu, 13 Oct 2022 01:15:19 GMT
etag: 0x8DAACB864FCB1AE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0292e62-901e-0001-36f0-de269a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:25 GMT
akamai-request-bc: [a=84.53.185.28,b=583141004,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2068c
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/linear-view-feed.6a845b5c4b9eb288a26a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/linear-view-feed.6a845b5c4b9eb288a26a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6884
content-md5: WA1jS/zuVjm0/rmVgif0gQ==
last-modified: Tue, 18 Oct 2022 15:09:53 GMT
etag: 0x8DAB11ACF6A7B27
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 7129262b-b01e-0057-6803-e3bfa5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:25 GMT
akamai-request-bc: [a=84.53.185.28,b=583141279,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2079f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/linked-in-card.9f427c45242aedb94987.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/linked-in-card.9f427c45242aedb94987.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 19616
content-md5: ojHdNpVCPK0XAfd2HMnscg==
last-modified: Wed, 12 Oct 2022 18:35:20 GMT
etag: 0x8DAAC80845F0BB1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e358be8d-001e-00a8-766a-de93ef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:25 GMT
akamai-request-bc: [a=84.53.185.28,b=583141340,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c207dc
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/locationMarker.e77fc7e71abb3a686f68.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/locationMarker.e77fc7e71abb3a686f68.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 26414
content-md5: H/aPenBBVqw9hAjerxEy9Q==
last-modified: Tue, 18 Oct 2022 15:10:01 GMT
etag: 0x8DAB11AD4093C0C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6023d58d-301e-009f-4004-e363f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:25 GMT
akamai-request-bc: [a=84.53.185.28,b=583141441,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c20841
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/lottery-card.7ceb80f1794621e8bb44.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/lottery-card.7ceb80f1794621e8bb44.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 12646
content-md5: DDOz2G4C7uUgWFPlG6oTWA==
last-modified: Wed, 12 Oct 2022 18:35:24 GMT
etag: 0x8DAAC808696A713
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 439dead8-701e-00df-706a-deb0e1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:25 GMT
akamai-request-bc: [a=84.53.185.28,b=583141583,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c208cf
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/marketplace-card-wc.48446e8074dde23b0f0a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/marketplace-card-wc.48446e8074dde23b0f0a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 16322
content-md5: 4llbei7T0juVd7dLg1BOag==
last-modified: Thu, 13 Oct 2022 01:15:11 GMT
etag: 0x8DAACB86021A9BE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4958cde4-401e-0014-60a2-de11b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:26 GMT
akamai-request-bc: [a=84.53.185.28,b=583142961,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c20e31
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/mobile-app-upsell-floating-btn.413e115ad8d2473f5fd8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/mobile-app-upsell-floating-btn.413e115ad8d2473f5fd8.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2837
content-md5: Qg3Oq8/MTY8MmKK5A2JSpw==
last-modified: Wed, 05 Oct 2022 18:41:43 GMT
etag: 0x8DAA7013FF1C9B9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6dc4c20a-f01e-00c7-61c4-d958d2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:26 GMT
akamai-request-bc: [a=84.53.185.28,b=583143405,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c20fed
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/mobile-app-upsell.8c83effaaaf90b58b6f6.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/mobile-app-upsell.8c83effaaaf90b58b6f6.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3964
content-md5: k9YL97cJSFdr9Hp+B8PDsg==
last-modified: Mon, 10 Oct 2022 21:29:39 GMT
etag: 0x8DAAB0689A1957A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3726b6d4-e01e-00b6-7626-dd81d0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:26 GMT
akamai-request-bc: [a=84.53.185.28,b=583143492,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21044
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/mockConfigs.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/mockConfigs.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: 2PbYhKftC6sHG4VCLMBs8w==
last-modified: Thu, 06 Oct 2022 21:44:29 GMT
etag: 0x8DAA7E3F28ED023
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: de125210-c01e-00cc-414d-da7dc5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:26 GMT
content-length: 1681
akamai-request-bc: [a=84.53.185.28,b=583143594,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c210aa
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/mockHeader.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/mockHeader.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: mP+99WK6z1bCAUGoJWoZqA==
last-modified: Mon, 17 Oct 2022 17:27:40 GMT
etag: 0x8DAB064E4ABA5D3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e388e958-f01e-00fb-774f-e28dda000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
content-length: 375
date: Wed, 19 Oct 2022 05:35:26 GMT
akamai-request-bc: [a=84.53.185.28,b=583143656,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c210e8
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/money-info-shared-state.991d5bd1ac0e6daf4788.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/money-info-shared-state.991d5bd1ac0e6daf4788.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 580
content-md5: mJ8TzA4M280+GUrQjX7skA==
last-modified: Thu, 06 Oct 2022 21:44:26 GMT
etag: 0x8DAA7E3F0B60FC6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2dd55e19-b01e-00ab-631e-daeee9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:26 GMT
akamai-request-bc: [a=84.53.185.28,b=583143965,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2121d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/msccCookieBanner.33bd1baa253920774704.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/msccCookieBanner.33bd1baa253920774704.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1345
content-md5: h70ios7Nex5j60K0ztJjcg==
last-modified: Tue, 11 Oct 2022 21:28:20 GMT
etag: 0x8DAABCF84C0F71A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cb690e5f-801e-0060-700e-de4fba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583145524,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21834
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-call-to-action.2a74d2bf16e40627a28a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/native-ad-call-to-action.2a74d2bf16e40627a28a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 158
content-md5: 32P2MZ/bpvkNONaz3cXPMA==
last-modified: Thu, 06 Oct 2022 21:44:35 GMT
etag: 0x8DAA7E3F658DE5A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b68b574c-201e-003e-251b-da8e94000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583145610,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2188a
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-decoration-combo.dde4b1c2e91d0ae13ee5.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/native-ad-decoration-combo.dde4b1c2e91d0ae13ee5.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1864
content-md5: A3jVnsVIoFL6+h7bs6qLAA==
last-modified: Mon, 10 Oct 2022 21:29:41 GMT
etag: 0x8DAAB068ABC03C1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ac8be6cd-a01e-0036-1249-ddd685000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583145717,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c218f5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-like-button.68a5d03024e2d997e0d8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/native-ad-like-button.68a5d03024e2d997e0d8.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6809
content-md5: VmMof/afZYVl5D7dvkWPBQ==
last-modified: Tue, 11 Oct 2022 21:28:23 GMT
etag: 0x8DAABCF86AAF302
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 330ccacc-301e-00a3-80e6-ddb6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583145828,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21964
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-sales-highlight-v1.fc83432c05225bef9020.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/native-ad-sales-highlight-v1.fc83432c05225bef9020.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 164
content-md5: tiluJs6z0KRw597bqUu04Q==
last-modified: Thu, 13 Oct 2022 18:53:30 GMT
etag: 0x8DAAD4C3885D7FC
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5936912e-401e-00c4-23ca-df25d4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583145940,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c219d4
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-sales-highlight-v3v4.f899fae2a4c0ee0a240e.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/native-ad-sales-highlight-v3v4.f899fae2a4c0ee0a240e.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1240
content-md5: I8auvdtAD7rmguR4KOSLKQ==
last-modified: Thu, 13 Oct 2022 18:53:30 GMT
etag: 0x8DAAD4C38B370F6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 94bac10e-a01e-00a2-4aca-df9dfa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583146062,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=13, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21a4e
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-trending.0170e00a2d7de64c7c7e.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/native-ad-trending.0170e00a2d7de64c7c7e.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1138
content-md5: 8CweXfWODCSpf64aB6kIQg==
last-modified: Thu, 06 Oct 2022 21:44:33 GMT
etag: 0x8DAA7E3F5385671
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 09249e0f-e01e-008a-39d6-d954d8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583146197,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21ad5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/nativeadsdecorations.a97b85a690ead9e855a6.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/nativeadsdecorations.a97b85a690ead9e855a6.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2645
content-md5: uuW7/QRQGQOhmBmQ29y1+w==
last-modified: Wed, 05 Oct 2022 18:41:37 GMT
etag: 0x8DAA7013C7C10AE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e77fe5e-901e-0069-38f5-d83ca9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583146286,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21b2e
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/nativeadstemplates.301f6fd9e32c6946e4d5.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/nativeadstemplates.301f6fd9e32c6946e4d5.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 9082
content-md5: 9hK0ujrOMDtYS4TsVeAmjQ==
last-modified: Thu, 06 Oct 2022 21:44:27 GMT
etag: 0x8DAA7E3F1656FE3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f84855aa-c01e-00a4-5a17-da67f6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583146554,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=15, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21c3a
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/news-headline-below-searchbox.599fed15e11671d38e24.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/news-headline-below-searchbox.599fed15e11671d38e24.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 9049
content-md5: DDsleXf3VGZsWEFNmp26FQ==
last-modified: Thu, 13 Oct 2022 18:53:28 GMT
etag: 0x8DAAD4C371BF5D1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fa1cbc4f-401e-0014-6c36-df11b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583146646,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21c96
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/news-segment-carousel.e7b1615739e64749e372.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/news-segment-carousel.e7b1615739e64749e372.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 23081
content-md5: nT4onqeHXGMcmlx0h4Oteg==
last-modified: Wed, 12 Oct 2022 18:35:19 GMT
etag: 0x8DAAC8083E99EC9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f67260-601e-0102-446a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583146726,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21ce6
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/newsbar-toggle.fe0019ee9422861ce6fa.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/newsbar-toggle.fe0019ee9422861ce6fa.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2507
content-md5: fBmc+HksGYqcuZx+UqTQmA==
last-modified: Mon, 10 Oct 2022 21:29:48 GMT
etag: 0x8DAAB068F3C75AE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8811e370-a01e-00f6-5226-dd52c1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583146827,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21d4b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/node_modules_intersection-observer_intersection-observer_js.7ed8a4e215d160c64db4.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/node_modules_intersection-observer_intersection-observer_js.7ed8a4e215d160c64db4.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2172
content-md5: KfJen2ElIR0LMPgn38lbTQ==
last-modified: Thu, 06 Oct 2022 21:44:25 GMT
etag: 0x8DAA7E3F05F22E7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0924a031-e01e-008a-66d6-d954d8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:27 GMT
akamai-request-bc: [a=84.53.185.28,b=583146939,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=12, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21dbb
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/node.index.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/node.index.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: j5x9z7v9efnGuM30ftmcyw==
last-modified: Fri, 07 Oct 2022 18:08:07 GMT
etag: 0x8DAA88EE3014BB5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 48220a7c-201e-00ba-6e79-da75c9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:27 GMT
content-length: 724
akamai-request-bc: [a=84.53.185.28,b=583147201,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=15, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21ec1
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/ocv-feedback-data/index.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/ocv-feedback-data/index.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: sh0Y2R0+5hPEZgmdJrV71w==
last-modified: Fri, 07 Oct 2022 18:08:07 GMT
etag: 0x8DAA88EE32EBDBA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fc6abe95-001e-00b8-4bdd-dc23cd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:27 GMT
content-length: 151
akamai-request-bc: [a=84.53.185.28,b=583147409,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=13, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21f91
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/ocv-feedback-data/OcvFeedbackData.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/ocv-feedback-data/OcvFeedbackData.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: z9uClsAMcyenVD3wZdZUtg==
last-modified: Fri, 07 Oct 2022 18:07:56 GMT
etag: 0x8DAA88EDC78D2F1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d19f5876-201e-00ba-23a9-db75c9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:28 GMT
content-length: 1433
akamai-request-bc: [a=84.53.185.28,b=583147481,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=15, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c21fd9
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/office-coachmark.49e075c972b8a58454a9.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/office-coachmark.49e075c972b8a58454a9.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3255
content-md5: UgwDyIpGbSxHN1zkEs+5FA==
last-modified: Wed, 05 Oct 2022 18:41:46 GMT
etag: 0x8DAA70141932E89
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 339ac4da-401e-0014-7ceb-d811b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583147640,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=13, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22078
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/office-feed.17ac0a59c7eb7a8f5362.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/office-feed.17ac0a59c7eb7a8f5362.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 246457
content-md5: xkFypQJoI75tF9JD82Hh6Q==
last-modified: Tue, 18 Oct 2022 15:09:55 GMT
etag: 0x8DAB11AD094EA0D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: fe54e2b5-401e-0090-4303-e3eaef000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583147746,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=14, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c220e2
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/on-this-day-card-small.5b52f49b4016d391b40d.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/on-this-day-card-small.5b52f49b4016d391b40d.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3452
content-md5: kAmMjSY/aTVsaHrLBEqaSQ==
last-modified: Tue, 11 Oct 2022 21:28:26 GMT
etag: 0x8DAABCF8897FBBD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0402b588-a01e-001a-80b9-ddb3af000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583148626,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=21, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22452
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/on-this-day-card-wc.126b15edcdd24e5185e7.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/on-this-day-card-wc.126b15edcdd24e5185e7.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 12623
content-md5: Xq+eNozciN/mRCRIVXxxng==
last-modified: Thu, 13 Oct 2022 01:15:17 GMT
etag: 0x8DAACB863F74EE8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 55c16d66-d01e-007d-01a2-de2083000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583148679,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=16, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22487
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/oneTrustCookieConsentData.9e76f91797f1e6b4ae9d.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/oneTrustCookieConsentData.9e76f91797f1e6b4ae9d.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 894
content-md5: Zg1OTJpGsRXC7aHBAcG49w==
last-modified: Mon, 10 Oct 2022 21:29:45 GMT
etag: 0x8DAAB068D6DC618
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 238a02d0-501e-0089-7f49-dd29de000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583148793,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c224f9
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/overlay-wc.7cca6e3f28f198f19d27.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/overlay-wc.7cca6e3f28f198f19d27.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2769
content-md5: JGcIR1ljt3RwqORALNiz3w==
last-modified: Mon, 10 Oct 2022 21:29:44 GMT
etag: 0x8DAAB068CF720E8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cf0a2189-301e-00b3-2e26-dd06da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583148934,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22586
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/page-error-handling.db84b2a12deadb7bcb1b.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/page-error-handling.db84b2a12deadb7bcb1b.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1873
content-md5: jWV22O8ppOwm89Aqgt1NTQ==
last-modified: Mon, 17 Oct 2022 17:27:50 GMT
etag: 0x8DAB064EACE0491
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b598-201e-0096-654f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583148997,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c225c5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/page-error-handling.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/page-error-handling.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: OnlGsjx7ezEiCltcDq94fg==
last-modified: Fri, 14 Oct 2022 16:15:57 GMT
etag: 0x8DAADFF60924349
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: dfaaf0e1-a01e-008e-189a-e1f8d0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:28 GMT
content-length: 188
akamai-request-bc: [a=84.53.185.28,b=583149064,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22608
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/page.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/page.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-md5: i7/Nq5MhOhc31fArlZzyPQ==
last-modified: Fri, 14 Oct 2022 16:16:07 GMT
etag: 0x8DAADFF66A1CD75
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8e204eb2-701e-0067-35e3-e19eb4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: gzip
date: Wed, 19 Oct 2022 05:35:28 GMT
content-length: 12080
akamai-request-bc: [a=84.53.185.28,b=583149124,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22644
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/personalize-nav-button.d25ece26429e20bee910.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/personalize-nav-button.d25ece26429e20bee910.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1655
content-md5: dtqocjIrsr27cxikm3/L5w==
last-modified: Thu, 06 Oct 2022 21:44:32 GMT
etag: 0x8DAA7E3F4122A0D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 0ea08207-001e-0094-5229-da46e7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583149176,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22678
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/pivots-nav-edgenext.8589bf13131ae9fc5475.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/pivots-nav-edgenext.8589bf13131ae9fc5475.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3577
content-md5: 1IPQ9fMXaJ/LAhtA2PUfWA==
last-modified: Mon, 10 Oct 2022 21:29:41 GMT
etag: 0x8DAAB068AD8FD65
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6fb7fef0-201e-00d2-0f26-dd6ffa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583149401,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22759
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/polls-card-wc.aa32f933b296dbcecace.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/polls-card-wc.aa32f933b296dbcecace.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 43346
content-md5: AJLGEY0rYgYPujQQuhKDdg==
last-modified: Thu, 13 Oct 2022 18:53:26 GMT
etag: 0x8DAAD4C364F7503
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9b16e490-f01e-00c7-2936-df58d2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583149488,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c227b0
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/poweredby-legend-wc.26ef6c1ffbff4473faef.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/poweredby-legend-wc.26ef6c1ffbff4473faef.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1282
content-md5: XXXQx/l/mcbhJ+R5rjkUgg==
last-modified: Thu, 06 Oct 2022 21:44:28 GMT
etag: 0x8DAA7E3F224FA4C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: bbd7e2e1-401e-00c4-6c1a-da25d4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583149659,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2285b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/poweredByData.8d934c50f38e418267ab.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/poweredByData.8d934c50f38e418267ab.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 713
content-md5: rbE1X6pV5u2+0WI+X4BMXA==
last-modified: Thu, 06 Oct 2022 21:44:27 GMT
etag: 0x8DAA7E3F19C0845
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44868776-101e-0009-221c-da7e8b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583149736,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c228a8
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/premium-profile-promo-card.f9d39baff159c7a2c439.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/premium-profile-promo-card.f9d39baff159c7a2c439.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 38322
content-md5: suVT3lpQDnlsS99ZCkOroA==
last-modified: Mon, 17 Oct 2022 17:27:42 GMT
etag: 0x8DAB064E5AB39B5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0dce5e5-201e-0002-664f-e25b9c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583149797,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c228e5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/prism-sd-card.265cef4eff59378bfee0.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/prism-sd-card.265cef4eff59378bfee0.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 10737
content-md5: DF0qZrvokUSx+RICJodw4A==
last-modified: Wed, 12 Oct 2022 18:35:16 GMT
etag: 0x8DAAC80822D89F6
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f6736c-601e-0102-1e6a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:28 GMT
akamai-request-bc: [a=84.53.185.28,b=583150011,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c229bb
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/profile-promo-card.92fe974a1af3653126d2.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/profile-promo-card.92fe974a1af3653126d2.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 36287
content-md5: k91oIg/5NFkuMuHgiolxrQ==
last-modified: Mon, 17 Oct 2022 17:27:32 GMT
etag: 0x8DAB064DFB93252
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d0dce6d2-201e-0002-2f4f-e25b9c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583150129,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22a31
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/promoBannerWC.dfb54065b3f588a9fb57.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/promoBannerWC.dfb54065b3f588a9fb57.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3203
content-md5: Fzn6eebOOEGME/LhRgxQyQ==
last-modified: Tue, 11 Oct 2022 21:28:25 GMT
etag: 0x8DAABCF8839BCEB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e7d8b23c-601e-002a-5bfb-dd92be000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583151046,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22dc6
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/publisher-carousel.1ea500b511b4fffba59b.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/publisher-carousel.1ea500b511b4fffba59b.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 80383
content-md5: D3TXZlaBUt6KITABEaHsjA==
last-modified: Mon, 17 Oct 2022 17:27:51 GMT
etag: 0x8DAB064EB4DF59D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b68e-201e-0096-2c4f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583151122,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22e12
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/qna-card.2b682c662093bdcb4605.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/qna-card.2b682c662093bdcb4605.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 24084
content-md5: 2WM91+Fsi4AhjwbDID3xmw==
last-modified: Fri, 14 Oct 2022 16:15:59 GMT
etag: 0x8DAADFF62117F1F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 66f5f683-401e-0100-7de9-df5244000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583151439,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c22f4f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/quiz-card.71cf4f609e05076553ab.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/quiz-card.71cf4f609e05076553ab.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 17326
content-md5: t/nw9fvUG1CoT13lIczFVQ==
last-modified: Wed, 12 Oct 2022 18:35:20 GMT
etag: 0x8DAAC8084508EE1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 64f6748c-601e-0102-086a-de0440000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583151616,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=2, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23000
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/reaction-breakdown-dialog.c95ec5b3c2813eca2486.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/reaction-breakdown-dialog.c95ec5b3c2813eca2486.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 50675
content-md5: ma212BC81egmmoDgFjKL0w==
last-modified: Mon, 17 Oct 2022 17:27:40 GMT
etag: 0x8DAB064E453A8CB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42eb5e08-f01e-0007-804e-e2dc96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583151752,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23088
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/recipes-sd-card.b5b6b07448d62643c2f9.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/recipes-sd-card.b5b6b07448d62643c2f9.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 15246
content-md5: Qy8DR1XkSnwjeMeDkPCq+A==
last-modified: Thu, 13 Oct 2022 01:15:07 GMT
etag: 0x8DAACB85DF0C439
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 55be84a0-d01e-007d-07a2-de2083000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583151924,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23134
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/recommended-interests.2ad44a3763142a90dfd9.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/recommended-interests.2ad44a3763142a90dfd9.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 19904
content-md5: gqAijm6YW1LabJ/CQI6PDA==
last-modified: Tue, 18 Oct 2022 15:09:59 GMT
etag: 0x8DAB11AD33A4C65
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ac494c4a-401e-0038-2204-e37498000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583152052,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c231b4
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/recommended-search-carousel-wc.54ddc218865cc02bdb02.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/recommended-search-carousel-wc.54ddc218865cc02bdb02.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 13451
content-md5: cpw7429omTzQfg2dQYec+w==
last-modified: Fri, 14 Oct 2022 16:16:00 GMT
etag: 0x8DAADFF62335A0A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d9ed39e8-c01e-0048-2ee1-e18698000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583152242,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23272
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/recommended-searches-card.0450dae92ff70fdad7f7.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/recommended-searches-card.0450dae92ff70fdad7f7.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 20997
content-md5: Mc/8z5rV6PbTbZ/M7oNhyg==
last-modified: Thu, 13 Oct 2022 01:15:06 GMT
etag: 0x8DAACB85D6B7B2E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 55c53284-d01e-007d-09a2-de2083000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583152384,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23300
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/recommendedSites-wc.e811d47a62accc6e9e30.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/recommendedSites-wc.e811d47a62accc6e9e30.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4179
content-md5: meKAeNrSZMvY19R2Jsd/3g==
last-modified: Mon, 10 Oct 2022 21:29:43 GMT
etag: 0x8DAAB068BFA216E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 4c93c362-401e-0040-2a25-ddde89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583152535,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23397
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/rewards-card-wc.7596eccd2530255bd3ab.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/rewards-card-wc.7596eccd2530255bd3ab.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 107437
content-md5: ggh9QRt9f68CCMmzznYDvw==
last-modified: Wed, 12 Oct 2022 18:35:24 GMT
etag: 0x8DAAC8086AD600B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44cc6d55-301e-00a3-7d6a-deb6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:29 GMT
akamai-request-bc: [a=84.53.185.28,b=583152636,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c233fc
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/rewards-daily-set-card.06133958457f4fe750cf.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/rewards-daily-set-card.06133958457f4fe750cf.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 29831
content-md5: FEHrupAWfIU/0MoHRc7kAg==
last-modified: Wed, 12 Oct 2022 18:35:26 GMT
etag: 0x8DAAC80882A5246
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 439df4f4-701e-00df-236a-deb0e1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583153033,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23589
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/RewardsCoachmarkData.811235af21c913c4adb3.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/RewardsCoachmarkData.811235af21c913c4adb3.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3033
content-md5: Q/GHEz7i4Cc8Ca85sh104Q==
last-modified: Wed, 05 Oct 2022 18:41:42 GMT
etag: 0x8DAA7013F6D43D4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 39df9a4a-301e-000b-4d81-d9288f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583153191,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23627
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sd-card-mask-wc.5d21caf63fb9cb8aa7ba.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sd-card-mask-wc.5d21caf63fb9cb8aa7ba.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3225
content-md5: LacJG2pQHLFppHIEOixPig==
last-modified: Mon, 10 Oct 2022 21:29:44 GMT
etag: 0x8DAAB068C8DC03F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 78b08bbb-b01e-00ab-6226-ddeee9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583153384,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c236e8
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/search-history-edgenext-wc.5ec9754a8026d09d4788.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/search-history-edgenext-wc.5ec9754a8026d09d4788.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 14543
content-md5: aBq7N2x6boD+HbuoNVc9Mg==
last-modified: Thu, 13 Oct 2022 18:53:33 GMT
etag: 0x8DAAD4C3A48C99D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b173a4bc-401e-00d4-4e35-df95f6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583153464,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23738
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/SearchHistoryEdgenextData.374a311a416d7d948536.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/SearchHistoryEdgenextData.374a311a416d7d948536.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 409
content-md5: 1A/8J3PLPKrDurprAtID0w==
last-modified: Wed, 05 Oct 2022 18:41:37 GMT
etag: 0x8DAA7013C0F7C1F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 334522d1-501e-00e1-0869-d933ed000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583153585,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c237b1
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/select-carousel.a8af4a8f3c78195cde69.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/select-carousel.a8af4a8f3c78195cde69.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 61433
content-md5: ic4TOrUGelOZDFEtLtO0pQ==
last-modified: Tue, 18 Oct 2022 15:09:54 GMT
etag: 0x8DAB11AD0652EED
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ac494e2b-401e-0038-0204-e37498000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583153641,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c237e9
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/shared-links.8906b9de33efc8b35ac2.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/shared-links.8906b9de33efc8b35ac2.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 10028
content-md5: ZqHZocP7xAv1Sr/rs1Mcpg==
last-modified: Thu, 06 Oct 2022 21:44:34 GMT
etag: 0x8DAA7E3F5CD54A3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 77e58a08-001e-0010-80cd-d9bdba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583153999,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2394f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sharepoint-news-card.1d0ecc57811dc3e151bc.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sharepoint-news-card.1d0ecc57811dc3e151bc.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 17346
content-md5: RYd1HksOzEdYyiKU8jWZPg==
last-modified: Thu, 06 Oct 2022 21:44:34 GMT
etag: 0x8DAA7E3F5C280C7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f36e345a-101e-0025-6ecd-d91ba1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583154107,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c239bb
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/shopping-edge-insights-card.74340e84e9bfe0a2710b.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/shopping-edge-insights-card.74340e84e9bfe0a2710b.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 12647
content-md5: ltIUxZttJ28Q6QhUHd/i5Q==
last-modified: Wed, 12 Oct 2022 18:35:21 GMT
etag: 0x8DAAC808533EFB9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef2916d1-c01e-0030-486a-de2c89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583154365,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23abd
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/shopping-smart-list.56a461aa3e68d4f728bc.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/shopping-smart-list.56a461aa3e68d4f728bc.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 6461
content-md5: Awtcb5o9FUaTk+MrCMZGiQ==
last-modified: Wed, 12 Oct 2022 18:35:22 GMT
etag: 0x8DAAC8085E2B3B4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 439769ce-701e-00df-736a-deb0e1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583154492,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23b3c
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/shuffle-fre.617078965e558a1d2dac.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/shuffle-fre.617078965e558a1d2dac.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 10147
content-md5: MEzVTQkDW1tOUSkhfSKn4Q==
last-modified: Wed, 12 Oct 2022 18:35:25 GMT
etag: 0x8DAAC80878E2930
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44cc6f91-301e-00a3-7e6a-deb6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583154615,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23bb7
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/side-bar.ac99d53a746a6efed66f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/side-bar.ac99d53a746a6efed66f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 3496
content-md5: xlzGnh+7n8XaQCAThuRcvg==
last-modified: Mon, 10 Oct 2022 21:29:39 GMT
etag: 0x8DAAB0689FE74E9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 262b220e-a01e-00a2-7026-dd9dfa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583154723,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23c23
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sign-in-banner-wc.89134d824c16beeaa0ea.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sign-in-banner-wc.89134d824c16beeaa0ea.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 7229
content-md5: AMKByWHmZ9BilBIYm3OChA==
last-modified: Mon, 10 Oct 2022 21:29:50 GMT
etag: 0x8DAAB069064286A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c2f0e42e-801e-0060-1c26-dd4fba000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583154797,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23c6d
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sign-in-flyout-wc.86d8d2e257c765559901.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sign-in-flyout-wc.86d8d2e257c765559901.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4204
content-md5: Mi7T7iLdsuFqtxSQ8Nk9kg==
last-modified: Mon, 10 Oct 2022 21:29:44 GMT
etag: 0x8DAAB068CEC2608
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: cf080ae7-301e-00b3-2926-dd06da000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583154917,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23ce5
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/SignInData.81c3c0c99a253c9ea77a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/SignInData.81c3c0c99a253c9ea77a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 220
content-md5: KuWGorLUoIZ6aKDsGdMJcw==
last-modified: Thu, 13 Oct 2022 18:53:14 GMT
etag: 0x8DAAD4C2F3BC082
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b8c2ccc0-c01e-0074-25ca-df5390000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583154976,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23d20
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/social-avatar.0df0fdd130694364eae8.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/social-avatar.0df0fdd130694364eae8.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4356
content-md5: Sb41arYjmEK2lwIwyhEbNg==
last-modified: Tue, 11 Oct 2022 21:28:31 GMT
etag: 0x8DAABCF8BB51A73
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: a44c36cc-401e-00e8-52fb-dd40fe000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583155034,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23d5a
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/social-bar-wc.8ebf9d66c25c13b738b4.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/social-bar-wc.8ebf9d66c25c13b738b4.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 109412
content-md5: Q9lGhnhNBTpSF8fRwTbynw==
last-modified: Tue, 18 Oct 2022 15:10:04 GMT
etag: 0x8DAB11AD610C944
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9d5585b8-801e-0024-5903-e330a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:30 GMT
akamai-request-bc: [a=84.53.185.28,b=583155099,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23d9b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/social-data-connector.ef246fbabd550bf02893.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/social-data-connector.ef246fbabd550bf02893.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 30377
content-md5: JjiCBjTm/wnD1Z8N9B2Fkg==
last-modified: Mon, 17 Oct 2022 17:27:32 GMT
etag: 0x8DAB064DFE19B6D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b73c-201e-0096-314f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:31 GMT
akamai-request-bc: [a=84.53.185.28,b=583155307,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23e6b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/social-report-menu.7569d6971e88b4accd7f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/social-report-menu.7569d6971e88b4accd7f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 25524
content-md5: /VerULCZK7TsPbNanR7jeQ==
last-modified: Mon, 17 Oct 2022 17:27:45 GMT
etag: 0x8DAB064E7DAB89E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b785-201e-0096-6d4f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:31 GMT
akamai-request-bc: [a=84.53.185.28,b=583155523,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c23f43
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sports-card-wc.9579fa88576068e0b6c3.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sports-card-wc.9579fa88576068e0b6c3.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 99655
content-md5: a+oAq3kHAUy0E5y6Wlbdvg==
last-modified: Mon, 17 Oct 2022 17:27:26 GMT
etag: 0x8DAB064DC252CA4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 42eb75d7-f01e-0007-194e-e2dc96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:31 GMT
akamai-request-bc: [a=84.53.185.28,b=583156491,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=7, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2430b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sports-olympic-card-wc.2138006942c08424e887.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sports-olympic-card-wc.2138006942c08424e887.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 38291
content-md5: oegQCO+KMS6CErIY6zICeA==
last-modified: Mon, 17 Oct 2022 17:27:26 GMT
etag: 0x8DAB064DC820ACE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6944b7f5-201e-0096-4c4f-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:31 GMT
akamai-request-bc: [a=84.53.185.28,b=583156887,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24497
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/sports-worldcup-card-wc.9557273ad0b564a2f20a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/sports-worldcup-card-wc.9557273ad0b564a2f20a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 53469
content-md5: eLKBlJsJPZzljsBJk68TpQ==
last-modified: Tue, 18 Oct 2022 15:10:06 GMT
etag: 0x8DAB11AD776D862
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ac4951c9-401e-0038-4204-e37498000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:31 GMT
akamai-request-bc: [a=84.53.185.28,b=583157092,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24564
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/spotlight-card-wc.f0beb5ef32036b54a36a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/spotlight-card-wc.f0beb5ef32036b54a36a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 11219
content-md5: vJm2PEsLDZgCIchRipwP4A==
last-modified: Wed, 12 Oct 2022 18:35:25 GMT
etag: 0x8DAAC8087B07939
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ef291bbc-c01e-0030-5f6a-de2c89000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:31 GMT
akamai-request-bc: [a=84.53.185.28,b=583157319,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24647
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/super-nav.c0f5a2ebe1a8d06b9af4.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/super-nav.c0f5a2ebe1a8d06b9af4.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 17524
content-md5: oEIt5QSACix9+TDGZd+2ug==
last-modified: Fri, 14 Oct 2022 16:16:05 GMT
etag: 0x8DAADFF6563139A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 25fed919-701e-009b-6de1-e1cff8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:31 GMT
akamai-request-bc: [a=84.53.185.28,b=583157671,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=13, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c247a7
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/theme-picker-wc.a6d3097fcc0811844b6f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/theme-picker-wc.a6d3097fcc0811844b6f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2092
content-md5: URZcI9RK6iGDpdvv9KQpMQ==
last-modified: Thu, 06 Oct 2022 21:44:30 GMT
etag: 0x8DAA7E3F2E5BD08
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 24d677ea-301e-00f7-56cd-d979c3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:31 GMT
akamai-request-bc: [a=84.53.185.28,b=583157804,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2482c
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/traffic-card-wc.436abb8cf7f612e272ff.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/traffic-card-wc.436abb8cf7f612e272ff.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 138087
content-md5: xo/gjGN4+CXYxFp8V37Piw==
last-modified: Tue, 18 Oct 2022 15:10:02 GMT
etag: 0x8DAB11AD4CFEF99
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9d5577c9-801e-0024-3d03-e330a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583158142,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=14, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2497e
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/travel-destination.574c6ad2f6c705e4be68.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/travel-destination.574c6ad2f6c705e4be68.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 53213
content-md5: JzFEMwDbyb4+Z8sr2KeW4w==
last-modified: Tue, 18 Oct 2022 15:10:03 GMT
etag: 0x8DAB11AD58C448F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 9d57ebd7-801e-0024-7104-e330a3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583158399,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24a7f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/trendingNowWC.f60f3d1977d7eb782469.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/trendingNowWC.f60f3d1977d7eb782469.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 23960
content-md5: cxNxsbRBUG4eNCqMWlmE3w==
last-modified: Mon, 17 Oct 2022 17:27:42 GMT
etag: 0x8DAB064E5D96E44
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 694149f6-201e-0096-0e4e-e210e3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583158540,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24b0c
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/trendingTopics.872371c3941cc051b3ff.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/trendingTopics.872371c3941cc051b3ff.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 4269
content-md5: tU4Fs3g6eh4JEZxZK3aU8A==
last-modified: Fri, 14 Oct 2022 16:15:59 GMT
etag: 0x8DAADFF62035065
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3640d1e2-901e-0001-05e1-e1269a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583158644,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24b74
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/vertical-left-nav.252444d718e7b23144d5.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/vertical-left-nav.252444d718e7b23144d5.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 16856
content-md5: b+18gxM8YWsguAjwfikxLA==
last-modified: Fri, 14 Oct 2022 16:15:59 GMT
etag: 0x8DAADFF61EDCFBB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: c82bd9f3-b01e-003f-72e8-dfa596000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583158787,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24c03
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/videoCard.4f35000a7c49ad78c957.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/videoCard.4f35000a7c49ad78c957.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 46254
content-md5: Qz5O6Z0v1i8SUC1RoJ/S0A==
last-modified: Tue, 18 Oct 2022 15:10:01 GMT
etag: 0x8DAB11AD469EAAB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 60225e6c-301e-009f-2304-e363f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583158900,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24c74
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/voice-search-wc.257f441e8954f837193c.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/voice-search-wc.257f441e8954f837193c.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 53738
content-md5: 5maRNbX90RXnH/sUA5Dw7Q==
last-modified: Thu, 06 Oct 2022 21:44:25 GMT
etag: 0x8DAA7E3EFF35191
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: d86ef8d3-901e-0095-7504-da6de5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583159064,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24d18
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/VpReadyHelper.a75547cb104126095d6f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/VpReadyHelper.a75547cb104126095d6f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 976
content-md5: 1mFoSudnugdVK4W+ARBHJw==
last-modified: Fri, 07 Oct 2022 18:07:56 GMT
etag: 0x8DAA88EDC7836C5
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 1b5c6d68-a01e-00a2-3746-db9dfa000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583159359,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24e3f
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_content-video-player_dist_index_js.9f879229ab2d57803c46.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_content-video-player_dist_index_js.9f879229ab2d57803c46.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 170696
content-md5: IxrE1CmY3GgPMah/SjVpZQ==
last-modified: Thu, 13 Oct 2022 18:53:14 GMT
etag: 0x8DAAD4C2F0E9CAB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2d2254d2-601e-00c6-7335-df73d0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583159742,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=5, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c24fbe
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_native-ad-video_dist_index_js.821d931ca647b2d887d9.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_native-ad-video_dist_index_js.821d931ca647b2d887d9.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2890
content-md5: pMv3z2NZk696FRKx0DjlHA==
last-modified: Tue, 11 Oct 2022 21:28:29 GMT
etag: 0x8DAABCF8A331FFE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 862b16e0-701e-00f3-7c28-ded5cb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583160182,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c25176
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-cards_dist_cards_sub-components_card-action-tray_OptedOutReactionTemplate_js.524dd12dd27eec990560.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_super-cards_dist_cards_sub-components_card-action-tray_OptedOutReactionTemplate_js.524dd12dd27eec990560.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 18156
content-md5: 6B/PIsYozuO3aMjN++WZnQ==
last-modified: Fri, 14 Oct 2022 16:16:09 GMT
etag: 0x8DAADFF67B955FD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e8bffc1c-701e-0077-6ce8-df2e96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583160275,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c251d3
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedInfopane24Module_js.a9813170b5a62d08304a.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedInfopane24Module_js.a9813170b5a62d08304a.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 36339
content-md5: Zg9xQ5RTLnvHyZLHprx5Og==
last-modified: Wed, 12 Oct 2022 18:35:17 GMT
etag: 0x8DAAC8082F4B45D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44cc74c3-301e-00a3-1a6a-deb6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:32 GMT
akamai-request-bc: [a=84.53.185.28,b=583160443,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=11, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c2527b
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedInfopaneModule_js.a5939e920cd8e83595b1.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedInfopaneModule_js.a5939e920cd8e83595b1.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 36257
content-md5: TSeLioe2mEA+PKwGZtzMrA==
last-modified: Wed, 12 Oct 2022 18:35:23 GMT
etag: 0x8DAAC80860BE087
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 44cc7549-301e-00a3-186a-deb6f8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583160709,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c25385
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoHoverModule_js.c1e29709ede16305480f.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoHoverModule_js.c1e29709ede16305480f.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 28345
content-md5: blcq90kUz3U9wQPUq1vmmA==
last-modified: Fri, 14 Oct 2022 16:16:08 GMT
etag: 0x8DAADFF674DABA4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 3a66926f-901e-0055-72e9-dfe9a1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583160914,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c25452
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoSeeMoreModule_js.f1e6445e44b28c8bca2e.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoSeeMoreModule_js.f1e6445e44b28c8bca2e.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 17534
content-md5: cHDCbWFntHwzjOSZhu0x7Q==
last-modified: Wed, 12 Oct 2022 18:35:20 GMT
etag: 0x8DAAC808499C229
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 439dfe61-701e-00df-1e6a-deb0e1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583161109,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=8, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c25515
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoUnderlineModule_js.cb366ef222ed5ce5d9a7.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoUnderlineModule_js.cb366ef222ed5ce5d9a7.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 17900
content-md5: jxp3QgaBdLN7EhuIWpyIxw==
last-modified: Wed, 12 Oct 2022 18:35:26 GMT
etag: 0x8DAAC808841CE71
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f03f0554-701e-000f-336a-de8487000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583161251,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=1, origin; dur=0 , cdntime; dur=1
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c255a3
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_MsftFeedModule_js.c0bc725f51bf2f707132.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_MsftFeedModule_js.c0bc725f51bf2f707132.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 11780
content-md5: 5+q0f+MBGlgHYqlW5oMccA==
last-modified: Fri, 14 Oct 2022 16:15:59 GMT
etag: 0x8DAADFF61BA6B3B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 56d12239-a01e-009e-704b-e248f2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583161414,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=10, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c25646
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-worker.2a3970fffb468e468f0b.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-worker.2a3970fffb468e468f0b.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 30602
content-md5: XOtJbAIMpEnfDlKnVvwUUw==
last-modified: Mon, 17 Oct 2022 17:27:30 GMT
etag: 0x8DAB064DEAE7CB7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 04513267-401e-0014-534e-e211b2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583161511,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=6, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c256a7
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/web-worker.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/web-worker.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 21190
content-md5: STo8nfMoyE4BPuJIxJpi6Q==
last-modified: Thu, 11 Jun 2020 17:20:36 GMT
etag: 0x8D80E2BC1564999
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2e0fd9a7-501e-00b5-3a49-91fcd6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583161648,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=9, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c25730
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/xbox-feed-wc.3572571cbc645f2a823e.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/xbox-feed-wc.3572571cbc645f2a823e.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 1419
content-md5: sT6oFLt6V0mHrnoucJ365w==
last-modified: Mon, 10 Oct 2022 21:29:50 GMT
etag: 0x8DAAB06903AAD82
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 8d2e187f-501e-0059-5325-dd1db8000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583161937,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=4, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c25851
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
GET

https://assets.msn.com/bundles/v1/edgeChromium/latest/xfeed.84234d1c09e85dc0db97.js

msedge.exe

Remote address:

84.53.185.32:443

Request

GET /bundles/v1/edgeChromium/latest/xfeed.84234d1c09e85dc0db97.js HTTP/2.0
host: assets.msn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
origin: https://ntp.msn.com
sec-fetch-site: same-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://ntp.msn.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 2918
content-md5: xc/SQOjnjq0pRVCrP6mhvw==
last-modified: Thu, 06 Oct 2022 21:44:27 GMT
etag: 0x8DAA7E3F15D0CAD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b68b8b78-201e-003e-461b-da8e94000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
content-encoding: br
date: Wed, 19 Oct 2022 05:35:33 GMT
akamai-request-bc: [a=84.53.185.28,b=583162028,c=g,n=NL__AMSTERDAM,o=20940]
server-timing: clientrtt; dur=3, clienttt; dur=0, origin; dur=0 , cdntime; dur=0
akamai-cache-status: Hit from child
content-type: application/javascript
akamai-server-ip: 84.53.185.28
akamai-request-id: 22c258ac
access-control-allow-credentials: true
access-control-allow-origin: https://ntp.msn.com
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":0.25}
cache-control: public, no-transform, max-age=31535892
timing-allow-origin: *
vary: Origin
OPTIONS

https://deff.nelreports.net/api/report?cat=msn

msedge.exe

Remote address:

2.16.107.75:443

Request

OPTIONS /api/report?cat=msn HTTP/1.1
Host: deff.nelreports.net
Connection: keep-alive
Origin: https://assets.msn.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 0
Access-Control-Allow-Headers: content-type
Date: Wed, 19 Oct 2022 05:35:17 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: *
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
POST

https://deff.nelreports.net/api/report?cat=msn

msedge.exe

Remote address:

2.16.107.75:443

Request

POST /api/report?cat=msn HTTP/1.1
Host: deff.nelreports.net
Connection: keep-alive
Content-Length: 659
Content-Type: application/reports+json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Length: 137
Content-Type: text/plain; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 19 Oct 2022 05:35:17 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: *
Access-Control-Allow-Methods: GET, OPTIONS, POST
Access-Control-Allow-Origin: *
POST

https://sslwidget.criteo.com/event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2

msedge.exe

Remote address:

178.250.2.151:443

Request

POST /event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2 HTTP/2.0
host: sslwidget.criteo.com
content-length: 0
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://wetransfer.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Wed, 19 Oct 2022 05:35:34 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.us.criteo.com/event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2
vary: Origin
access-control-allow-origin: https://wetransfer.com
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 2619437
strict-transport-security: max-age=31536000; preload;
GET

https://widget.us.criteo.com/event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2

msedge.exe

Remote address:

74.119.119.150:443

Request

GET /event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2 HTTP/2.0
host: widget.us.criteo.com
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://wetransfer.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Wed, 19 Oct 2022 05:35:33 GMT
content-type: application/x-javascript
server: Kestrel
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
timing-allow-origin: *
server-processing-duration-in-ticks: 5640403
strict-transport-security: max-age=31536000; preload;
GET

https://download.wetransfer.com/eugv/c24de51f882b1e76d03d5e5f15ce072c20221018174440/6d086cf466bd21b17a50e62e83198b14eaa983e5/slam%20ransomware%20builder%20installer.exe?token=eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NjYxNTc3NTksImV4cCI6MTY2NjE1ODM1OSwidW5pcXVlIjoiYzI0ZGU1MWY4ODJiMWU3NmQwM2Q1ZTVmMTVjZTA3MmMyMDIyMTAxODE3NDQ0MCIsImZpbGVuYW1lIjoic2xhbSByYW5zb213YXJlIGJ1aWxkZXIgaW5zdGFsbGVyLmV4ZSIsIndheWJpbGxfdXJsIjoiaHR0cDovL3N0b3JtLWludGVybmFsLnNlcnZpY2UuZXUtd2VzdC0xLndldHJhbnNmZXIubmV0L2FwaS93YXliaWxscz9zaWduZWRfd2F5YmlsbF9pZD1leUpmY21GcGJITWlPbnNpYldWemMyRm5aU0k2SWtKQmFITkxkMms0VEVaUWJrRlJRVDBpTENKbGVIQWlPaUl5TURJeUxURXdMVEU1VkRBMU9qUTFPalU1TGpBd01Gb2lMQ0p3ZFhJaU9pSjNZWGxpYVd4c1gybGtJbjE5LS03YWM5OGIyYzM2OWEwNmVkYjExYmRhYzFmMGIzZDliNTc0ODViOWZhOWNjYmJlZTg0NTFhYTU2ZWM4ZDA2NDc2IiwiZmluZ2VycHJpbnQiOiI2ZDA4NmNmNDY2YmQyMWIxN2E1MGU2MmU4MzE5OGIxNGVhYTk4M2U1IiwiY2FsbGJhY2siOiJ7XCJmb3JtZGF0YVwiOntcImFjdGlvblwiOlwiaHR0cDovL2Zyb250ZW5kLnNlcnZpY2UuZXUtd2VzdC0xLndldHJhbnNmZXIubmV0L3dlYmhvb2tzL2JhY2tlbmRcIn0sXCJmb3JtXCI6e1widHJhbnNmZXJfaWRcIjpcImMyNGRlNTFmODgyYjFlNzZkMDNkNWU1ZjE1Y2UwNzJjMjAyMjEwMTgxNzQ0NDBcIixcImRvd25sb2FkX2lkXCI6MTY3OTI3NzIxOTZ9fSJ9.iI_dMnwQgr93MLHJxEzTN6PULgkjApRERjL3IbrX8gs&cf=y

msedge.exe

Remote address:

52.222.139.114:443

Request

GET /eugv/c24de51f882b1e76d03d5e5f15ce072c20221018174440/6d086cf466bd21b17a50e62e83198b14eaa983e5/slam%20ransomware%20builder%20installer.exe?token=eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NjYxNTc3NTksImV4cCI6MTY2NjE1ODM1OSwidW5pcXVlIjoiYzI0ZGU1MWY4ODJiMWU3NmQwM2Q1ZTVmMTVjZTA3MmMyMDIyMTAxODE3NDQ0MCIsImZpbGVuYW1lIjoic2xhbSByYW5zb213YXJlIGJ1aWxkZXIgaW5zdGFsbGVyLmV4ZSIsIndheWJpbGxfdXJsIjoiaHR0cDovL3N0b3JtLWludGVybmFsLnNlcnZpY2UuZXUtd2VzdC0xLndldHJhbnNmZXIubmV0L2FwaS93YXliaWxscz9zaWduZWRfd2F5YmlsbF9pZD1leUpmY21GcGJITWlPbnNpYldWemMyRm5aU0k2SWtKQmFITkxkMms0VEVaUWJrRlJRVDBpTENKbGVIQWlPaUl5TURJeUxURXdMVEU1VkRBMU9qUTFPalU1TGpBd01Gb2lMQ0p3ZFhJaU9pSjNZWGxpYVd4c1gybGtJbjE5LS03YWM5OGIyYzM2OWEwNmVkYjExYmRhYzFmMGIzZDliNTc0ODViOWZhOWNjYmJlZTg0NTFhYTU2ZWM4ZDA2NDc2IiwiZmluZ2VycHJpbnQiOiI2ZDA4NmNmNDY2YmQyMWIxN2E1MGU2MmU4MzE5OGIxNGVhYTk4M2U1IiwiY2FsbGJhY2siOiJ7XCJmb3JtZGF0YVwiOntcImFjdGlvblwiOlwiaHR0cDovL2Zyb250ZW5kLnNlcnZpY2UuZXUtd2VzdC0xLndldHJhbnNmZXIubmV0L3dlYmhvb2tzL2JhY2tlbmRcIn0sXCJmb3JtXCI6e1widHJhbnNmZXJfaWRcIjpcImMyNGRlNTFmODgyYjFlNzZkMDNkNWU1ZjE1Y2UwNzJjMjAyMjEwMTgxNzQ0NDBcIixcImRvd25sb2FkX2lkXCI6MTY3OTI3NzIxOTZ9fSJ9.iI_dMnwQgr93MLHJxEzTN6PULgkjApRERjL3IbrX8gs&cf=y HTTP/1.1
Host: download.wetransfer.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
sec-ch-ua-mobile: ?0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://wetransfer.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: auth_session_uuid=aaa799b4-dd03-4828-bbb3-55c2404f4e78; _gcl_au=1.1.1715253222.1666157702; _ga_0M019DTWVR=GS1.1.1666157702.1.0.1666157702.0.0.0; _fbp=fb.1.1666157702782.1205250954; _au_1d=AU1D-0100-001666157703-ASM480KZ-DT3K; FPLC=zz9lGVLq2%2B%2Bgbo48e%2BzaFtz8YesV9vUvYEnaMTAOt2%2BiCB6l5xidShKEQnezqxdngZPl9na5K%2Fc%2FQ9x%2Bu30TQOvYSeg7GlZau3pZewj6uiYrgMA4HG4VTAlZbKncYw%3D%3D; FPID=FPID2.2.%2B4%2FxZU3z0HhfagvNmSXvIJwzADS8WPeonhwy%2FDBNlYc%3D.1666157703; _au_last_seen_pixels=eyJhcG4iOjE2NjYxNTc3MDMsInR0ZCI6MTY2NjE1NzcwMywicHViIjoxNjY2MTU3NzAzLCJhZHgiOjE2NjYxNTc3MDMsImdvbyI6MTY2NjE1NzcwMywiYmVlcyI6MTY2NjE1NzcwMywic21hcnQiOjE2NjYxNTc3MDMsInNvbiI6MTY2NjE1NzcwMywiYWRvIjoxNjY2MTU3NzAzLCJ0YWJvb2xhIjoxNjY2MTU3NzAzfQ==; _rdt_uuid=1666157703112.050e5868-cb92-47e7-93dc-7bb9d57198b7; _ga=GA1.2.1062815885.1666157703; _gid=GA1.2.2017078956.1666157703; _gat_UA-11792855-4=1; _wt_snowplowses.0497=*; sp=6813046d-2d81-4d8d-b807-4715c71ac564; _tt_enable_cookie=1; _ttp=096a41be-87a1-4987-9b08-63a08a136f90; _au_last_seen_iab_tcf=1666157704275; _clck=r6ze41|1|f5u|0; _clsk=1x19yxz|1666157705059|1|0|d.clarity.ms/collect; _uetsid=c76c0c204f6f11edabc389675951f726; _uetvid=c76c89e04f6f11edb82fb36f8fa27aa6; wt_tandc=20190527%3A1; _wt_snowplowid.0497=23e7ab20-ca17-43f0-a102-7873310ab1c5.1666157701.1.1666157758.1666157701.940ad5fb-0a40-4606-9681-aadab1625033; amp_874b77=5ccd1595-d901-4c5c-960c-6cf25de853a5...1gfnbpsd8.1gfnbri0a.i.1.j; wt_downloaded=1

Response

HTTP/1.1 200 OK

Content-Type: binary/octet-stream
Content-Length: 41148928
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: private, no-transform, no-store
Content-Disposition: attachment
Content-Transfer-Encoding: binary
Last-Modified: Wed, 19 Oct 2022 05:36:00 GMT
X-Content-Type-Options: nosniff
Date: Wed, 19 Oct 2022 05:36:00 GMT
X-Cache: Miss from cloudfront
Via: 1.1 618e94643d6094e9ff9adbaaa8ed3aee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
X-Amz-Cf-Id: 2B76-9heMhkA0r22SksFnG2gnL0JlcdG-tt-nGyVurnk90A3Am6Oyw==
DNS

nav.smartscreen.microsoft.com

msedge.exe

Remote address:

8.8.8.8:53

Request

nav.smartscreen.microsoft.com

IN A

Response

nav.smartscreen.microsoft.com

IN CNAME

wd-prod-ss.trafficmanager.net

wd-prod-ss.trafficmanager.net

IN CNAME

wd-prod-ss-eu-west-2-fe.westeurope.cloudapp.azure.com

wd-prod-ss-eu-west-2-fe.westeurope.cloudapp.azure.com

IN A

20.86.249.62
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

msedge.exe

Remote address:

20.86.249.62:443

Request

POST /api/browser/edge/navigate/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiQTc5TmVDckM2d2s9Iiwia2V5IjoiQmdZNE9HUElTOG5XdUsvQ3BPNzIvQT09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 3087
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Cache-Control: max-age=0, private
Content-Length: 3670
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Wed, 19 Oct 2022 05:36:00 GMT
Connection: close
POST

https://nav.smartscreen.microsoft.com/api/browser/edge/download/2

msedge.exe

Remote address:

20.86.249.62:443

Request

POST /api/browser/edge/download/2 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
Authorization: SmartScreenHash eyJhdXRoSWQiOiIzODFkZGQxZS1lNjAwLTQyZGUtOTRlZC04YzM0YmY3M2YxNmQiLCJoYXNoIjoiTGNNeUZxYXZEQmc9Iiwia2V5Ijoiay83UzlNakZSRFN1RnNNNDlZakthZz09In0=
User-Agent: SmartScreen/281479409565696
Content-Length: 2916
Host: nav.smartscreen.microsoft.com

Response

HTTP/1.1 200 OK

Cache-Control: max-age=0, private
Content-Length: 3585
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
X-SmartScreen-Flight-Vector: EnableNsHumorMatch,enableProxyLeniency,IsArsFmsIntegrationEnabled,IsCurfId0LoggingEnabled,isCurfTstEnabled,isNpPIOverrideBlockEnabled,ListApiE5V2Enabled,npSettings2004,SendGeoMapInSettingsToNewAnaheimClient,SrcEOPEnabled,topTrafficV2Enabled,UpdateOnMissingEtagEnabled,updateSigningCert,updateSigningCertForRS3RS4
Date: Wed, 19 Oct 2022 05:35:59 GMT
Connection: close
DNS

msedge.b.tlu.dl.delivery.mp.microsoft.com

Remote address:

8.8.8.8:53

Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN A

Response

msedge.b.tlu.dl.delivery.mp.microsoft.com

IN CNAME

cdp-tlu-shim.trafficmanager.net

cdp-tlu-shim.trafficmanager.net

IN CNAME

cds.c4s5i3x5.hwcdn.net

cds.c4s5i3x5.hwcdn.net

IN A

209.197.3.8
HEAD

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/27c205c0-4d23-4061-a4dc-efff6a98e2e1?P1=1666216863&P2=404&P3=2&P4=YFPZQfR%2bl0bRS06CY4bEkPHhd2uWC8szhya8eW6pte%2bxPKn1pSM2UHL4otmi0mPgaW%2fA%2fsHYHLWsi2xwKFVjpw%3d%3d

Remote address:

209.197.3.8:80

Request

HEAD /filestreamingservice/files/27c205c0-4d23-4061-a4dc-efff6a98e2e1?P1=1666216863&P2=404&P3=2&P4=YFPZQfR%2bl0bRS06CY4bEkPHhd2uWC8szhya8eW6pte%2bxPKn1pSM2UHL4otmi0mPgaW%2fA%2fsHYHLWsi2xwKFVjpw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 200 OK

Date: Wed, 19 Oct 2022 05:36:00 GMT
Connection: Keep-Alive
Cache-Control: public, max-age=17280000
Content-Length: 23709
Content-Type: application/x-chrome-extension
Last-Modified: Tue, 30 Aug 2022 01:05:04 GMT
Accept-Ranges: bytes
X-HW: 1666157760.dop258.am5.t,1666157760.cds017.am5.c
X-CID: 9
X-CCC: NL
GET

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/27c205c0-4d23-4061-a4dc-efff6a98e2e1?P1=1666216863&P2=404&P3=2&P4=YFPZQfR%2bl0bRS06CY4bEkPHhd2uWC8szhya8eW6pte%2bxPKn1pSM2UHL4otmi0mPgaW%2fA%2fsHYHLWsi2xwKFVjpw%3d%3d

Remote address:

209.197.3.8:80

Request

GET /filestreamingservice/files/27c205c0-4d23-4061-a4dc-efff6a98e2e1?P1=1666216863&P2=404&P3=2&P4=YFPZQfR%2bl0bRS06CY4bEkPHhd2uWC8szhya8eW6pte%2bxPKn1pSM2UHL4otmi0mPgaW%2fA%2fsHYHLWsi2xwKFVjpw%3d%3d HTTP/1.1
Connection: Keep-Alive
Accept: */*
Accept-Encoding: identity
If-Unmodified-Since: Tue, 30 Aug 2022 01:05:04 GMT
Range: bytes=0-1119
User-Agent: Microsoft BITS/7.8
Host: msedge.b.tlu.dl.delivery.mp.microsoft.com

Response

HTTP/1.1 206 Partial Content

Date: Wed, 19 Oct 2022 05:36:00 GMT
Connection: Keep-Alive
Cache-Control: public, max-age=17280000
Content-Length: 1120
Content-Range: bytes 0-1119/23709
Content-Type: application/x-chrome-extension
Last-Modified: Tue, 30 Aug 2022 01:05:04 GMT
Accept-Ranges: bytes
X-HW: 1666157760.dop258.am5.t,1666157760.cds017.am5.c
X-CID: 9
X-CCC: NL

20.86.249.62:443

https://nav.smartscreen.microsoft.com/api/browser/edge/actions

tls, http

msedge.exe

2.8kB
13.7kB
15
16

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/actions

HTTP Response

200
20.82.250.189:443

https://smartscreen-prod.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.19041.1288.vb_release

tls, http

msedge.exe

3.0kB
13.2kB
13
14

HTTP Request

GET https://smartscreen-prod.microsoft.com/windows/browser/edge/data/bloomfilter/x?pushCert=false&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D&os=10.0.19041.1288.vb_release

HTTP Response

200
20.82.250.189:443

https://smartscreen-prod.microsoft.com/api/browser/edge/data/settings

tls, http

msedge.exe

4.9kB
141.4kB
60
106

HTTP Request

POST https://smartscreen-prod.microsoft.com/api/browser/edge/data/settings

HTTP Response

200
20.82.250.189:443

https://smartscreen-prod.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19041.1288.vb_release&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D

tls, http

msedge.exe

10.8kB
483.6kB
182
350

HTTP Request

GET https://smartscreen-prod.microsoft.com/windows/browser/edge/data/toptraffic?pushCert=false&os=10.0.19041.1288.vb_release&flight=%7B%22ETag%22%3A%22%5C%22qm71OlKUSRZjCO0gWktyjTTJ0HwboTGlow9DAfvOC%2FQ%3D%5C%22%22%2C%22Ids%22%3A%5B%22P-R-1021007-4-5%2CP-R-99770-9-31%2CP-R-86682-4-37%2CP-R-73000-8-25%2CP-R-72999-9-23%2CP-R-70204-3-18%2CP-R-69385-1-5%2CP-R-68026-3-37%2CP-R-68490-1-3%2CP-R-68172-2-4%2CP-R-68175-1-6%2CP-R-68176-2-8%2CP-R-68179-1-3%2CP-R-68306-1-20%2CP-R-68307-1-3%2CP-D-68194-1-2%22%5D%2C%22Settings%22%3A%7B%22Names%22%3Anull%2C%22Ring%22%3A0%2C%22Models%22%3Anull%2C%22ServiceClientModelDetonate%22%3Afalse%2C%22WdsiFeedback%22%3Afalse%2C%22NPFeedbackUriOverride%22%3Anull%2C%22NetworkFilterDetonate%22%3Afalse%2C%22ServicePhishDetonate%22%3Afalse%2C%22ServicePhishDetonateLegacy%22%3Afalse%2C%22ServiceAdhocDetonate%22%3Afalse%2C%22NpSettings2004%22%3Atrue%2C%22UpdateSigningCert%22%3Atrue%2C%22UpdateSigningCertForRS3RS4%22%3Atrue%2C%22NpSettings2004Value%22%3A0%2C%22IsCOCOBlockEnabled%22%3Afalse%2C%22NpIpBlockOverrideValue%22%3A0%2C%22TopTrafficV2Enabled%22%3Atrue%2C%22ListApiE5V2Enabled%22%3Atrue%2C%22IsNpPIOverrideBlockEnabled%22%3Atrue%2C%22TopTrafficV2MobileFlightEnabled%22%3Afalse%2C%22BloomFilterDeltaFlag%22%3A1%2C%22SrcEOPEnabled%22%3Atrue%2C%22IsCurfId0LoggingEnabled%22%3Atrue%2C%22IsCurfId0BlockingEnabled%22%3Afalse%2C%22UpdateOnMissingEtagEnabled%22%3Atrue%2C%22EnableProxyLeniency%22%3Atrue%2C%22IsArsFmsIntegrationEnabled%22%3Atrue%2C%22EnableNsHumorMatch%22%3Atrue%2C%22ApplyNsHumorVerdict%22%3Afalse%2C%22EnableNpSkipNonWeb%22%3Afalse%2C%22SendGeoMapInSettingsToNewAnaheimClient%22%3Atrue%2C%22UmsSrcPhishBNRTEnabled%22%3Afalse%2C%22MTDThrottleFactor%22%3A0.0%2C%22UnsilenceModelGuid%22%3Anull%7D%7D

HTTP Response

200
13.227.219.61:80

we.tl

msedge.exe

190 B
132 B
4
3
13.227.219.61:80

http://we.tl/t-ZRlwhHea1p

http

msedge.exe

671 B
751 B
5
4

HTTP Request

GET http://we.tl/t-ZRlwhHea1p

HTTP Response

301
20.86.249.62:443

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

tls, http

msedge.exe

3.1kB
9.1kB
13
12

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200
204.79.197.200:443

www.bing.com

tls

msedge.exe

28.4kB
1.1MB
506
864
13.227.219.61:443

https://we.tl/t-ZRlwhHea1p

tls, http

msedge.exe

1.8kB
7.3kB
11
12

HTTP Request

GET https://we.tl/t-ZRlwhHea1p

HTTP Response

302
54.76.5.250:443

wetransfer.com

tls

msedge.exe

5.5kB
16.7kB
28
30
20.86.249.62:443

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

tls, http

msedge.exe

3.2kB
9.2kB
13
12

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200
34.240.180.53:443

wtplus.wetransfer.com

tls

msedge.exe

1.1kB
5.9kB
11
11
52.222.139.73:443

prod-cdn.wetransfer.net

tls, https

msedge.exe

21.8kB
1.1MB
427
781
52.222.139.73:443

prod-cdn.wetransfer.net

tls, https

msedge.exe

16.2kB
284.2kB
216
224
13.227.219.79:443

backgrounds.wetransfer.net

tls, https

msedge.exe

1.1kB
6.8kB
12
12
52.222.139.73:443

prod-cdn.wetransfer.net

tls

msedge.exe

931 B
6.4kB
9
9
52.222.139.73:443

prod-cdn.wetransfer.net

tls

msedge.exe

891 B
5.0kB
8
6
13.227.219.37:443

nolan.wetransfer.net

tls, https

msedge.exe

4.7kB
182.0kB
76
144
52.218.104.73:443

wetransferbackgrounds-eu.s3.amazonaws.com

tls

msedge.exe

2.2kB
6.2kB
13
17
174.129.146.50:443

e-10220.adzerk.net

tls

msedge.exe

5.8kB
13.9kB
27
26
13.227.219.51:443

assets.wetransfer.net

tls, https

msedge.exe

1.0kB
6.8kB
10
12
216.239.34.21:443

https://tag.wetransfer.com/g/collect?v=2&tid=G-0M019DTWVR&gtm=2reah0&_p=1047025375&cid=1062815885.1666157703&ul=en-us&_rdi=1&_geo=1&_s=2&sid=1666157702&sct=1&seg=1&dl=https%3A%2F%2Fwetransfer.com%2F&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&en=page_view&ep.gtm_info=GTM-NS54WBW%7Cversion%3A20%7Cenvironment%3ALive%7Cdebug%3Afalse&ep.consent_analytics=true&ep.consent_marketing=true&ep.hit_timestamp_local=2022-10-19T05%3A36%3A00.524%2B00%3A00&epn.hit_timestamp_unix=1666157760524&ep.tag_name=GA4%20-%20page_view&ep.event_id=1666157700524-53-55c2404f4e78&ep.test_event_code=TEST70911&_et=18747

tls, http2

msedge.exe

8.5kB
177.5kB
105
192

HTTP Request

GET https://tag.wetransfer.com/gtm.js?id=GTM-NS54WBW

HTTP Request

GET https://tag.wetransfer.com/gtag/js?id=G-0M019DTWVR&l=dataLayer&cx=c&sign=23a8b47cc4c80285da16b8db0a75188fb33c914459fd7200d6a6938c69dc1150_20221019

HTTP Request

GET https://tag.wetransfer.com/g/collect?v=2&tid=G-0M019DTWVR&gtm=2reah0&_p=1047025375&cid=1062815885.1666157703&ul=en-us&_fplc=0&_rdi=1&_geo=1&_s=1&sid=1666157702&sct=1&seg=0&dl=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_info=GTM-NS54WBW%7Cversion%3A20%7Cenvironment%3ALive%7Cdebug%3Afalse&ep.consent_analytics=true&ep.consent_marketing=true&ep.hit_timestamp_local=2022-10-19T05%3A35%3A02.023%2B00%3A00&epn.hit_timestamp_unix=1666157702023&ep.tag_name=GA4%20-%20page_view&ep.event_id=1666157700522-1-55c2404f4e78&ep.test_event_code=TEST70911&up._npa=1&richsstsse

HTTP Request

POST https://tag.wetransfer.com/g/collect?v=2&tid=G-0M019DTWVR&gtm=2reah0&_p=1047025375&cid=1062815885.1666157703&ul=en-us&_rdi=1&_geo=1&_s=2&sid=1666157702&sct=1&seg=1&dl=https%3A%2F%2Fwetransfer.com%2F&dt=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&en=page_view&ep.gtm_info=GTM-NS54WBW%7Cversion%3A20%7Cenvironment%3ALive%7Cdebug%3Afalse&ep.consent_analytics=true&ep.consent_marketing=true&ep.hit_timestamp_local=2022-10-19T05%3A36%3A00.524%2B00%3A00&epn.hit_timestamp_unix=1666157760524&ep.tag_name=GA4%20-%20page_view&ep.event_id=1666157700524-53-55c2404f4e78&ep.test_event_code=TEST70911&_et=18747
104.17.25.14:443

https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.17.3/sp.js

tls, http2

msedge.exe

2.1kB
28.8kB
22
34

HTTP Request

GET https://cdnjs.cloudflare.com/ajax/libs/snowplow/2.17.3/sp.js

HTTP Response

200
88.221.25.153:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

msedge.exe

324 B
1.6kB
4
4

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
204.79.197.200:443

bat.bing.com

tls

msedge.exe

4.2kB
25.3kB
30
41
157.240.247.8:443

connect.facebook.net

tls

msedge.exe

5.4kB
212.7kB
92
167
52.222.139.90:443

https://public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1

tls, http2

msedge.exe

2.1kB
16.3kB
20
21

HTTP Request

GET https://public.profitwell.com/js/profitwell.js?auth=1a33eb12b20b92f6b89c398e023e2ca1

HTTP Response

200
142.250.179.134:443

https://12370788.fls.doubleclick.net/activityi;src=12370788;type=pagev0;cat=wetra0;ord=4666934002495;gtm=2ygah0;auiddc=1715253222.1666157702;u1=%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;u4=undefined;u8=en-US;u9=undefined;u11=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;~oref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093?

tls, http2

msedge.exe

2.1kB
7.1kB
13
14

HTTP Request

GET https://12370788.fls.doubleclick.net/activityi;src=12370788;type=pagev0;cat=wetra0;ord=4666934002495;gtm=2ygah0;auiddc=1715253222.1666157702;u1=%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;u4=undefined;u8=en-US;u9=undefined;u11=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;~oref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093?
8.8.8.8:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

msedge.exe

1.6kB
7.3kB
14
14

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
8.8.8.8:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGVkZ2UJbWljcm9zb2Z0A2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

msedge.exe

2.0kB
8.3kB
18
20

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGVkZ2UJbWljcm9zb2Z0A2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
199.232.148.157:443

static.ads-twitter.com

tls

msedge.exe

3.7kB
39.5kB
30
46
44.224.191.126:443

a.ad.gt

tls

msedge.exe

2.8kB
10.2kB
15
15
151.101.1.140:443

https://www.redditstatic.com/ads/pixel.js

tls, http2

msedge.exe

1.6kB
13.5kB
13
19

HTTP Request

GET https://www.redditstatic.com/ads/pixel.js

HTTP Response

200
178.250.2.140:443

https://dynamic.criteo.com/js/ld/ld.js?a=89395

tls, http2

msedge.exe

1.9kB
19.6kB
18
24

HTTP Request

GET https://dynamic.criteo.com/js/ld/ld.js?a=89395

HTTP Response

200
52.18.61.133:443

auth-session-caching.wetransfer.net

tls

msedge.exe

2.4kB
6.9kB
11
12
2.16.106.114:443

https://snap.licdn.com/li.lms-analytics/insight.min.js

tls, http2

msedge.exe

1.8kB
8.6kB
15
18

HTTP Request

GET https://snap.licdn.com/li.lms-analytics/insight.min.js

HTTP Response

200
23.202.229.163:443

https://analytics.tiktok.com/api/v2/pixel

tls, http2

msedge.exe

5.7kB
81.6kB
54
89

HTTP Request

GET https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C81T07NV9S6QTNQPBO0G&lib=ttq

HTTP Response

200

HTTP Request

GET https://analytics.tiktok.com/i18n/pixel/identify.js

HTTP Request

GET https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C81T07NV9S6QTNQPBO0G&hostname=wetransfer.com

HTTP Response

200

HTTP Response

200

HTTP Request

POST https://analytics.tiktok.com/api/v2/pixel

HTTP Response

200

HTTP Request

POST https://analytics.tiktok.com/api/v2/pixel

HTTP Response

200
104.244.42.133:443

https://t.co/i/adsct?bci=3&eci=1&event_id=f0777257-da60-4eab-9006-f1114d01b9ce&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

tls, http2

msedge.exe

2.7kB
4.7kB
15
18

HTTP Request

GET https://t.co/i/adsct?bci=3&eci=2&event_id=79d4a961-7cf6-4325-9d09-957a3d5cc2ca&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz1eu&type=javascript&version=2.3.27

HTTP Response

200

HTTP Request

GET https://t.co/i/adsct?bci=3&eci=1&event_id=d8f8f76a-a220-4e58-96c1-7579e07aee53&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

HTTP Response

200

HTTP Request

GET https://t.co/i/adsct?bci=3&eci=1&event_id=f0777257-da60-4eab-9006-f1114d01b9ce&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

HTTP Response

200
104.244.42.3:443

https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=f0777257-da60-4eab-9006-f1114d01b9ce&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

tls, http2

msedge.exe

2.7kB
5.0kB
15
18

HTTP Request

GET https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=79d4a961-7cf6-4325-9d09-957a3d5cc2ca&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nz1eu&type=javascript&version=2.3.27

HTTP Response

200

HTTP Request

GET https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=d8f8f76a-a220-4e58-96c1-7579e07aee53&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

HTTP Response

200

HTTP Request

GET https://analytics.twitter.com/i/adsct?bci=3&eci=1&event_id=f0777257-da60-4eab-9006-f1114d01b9ce&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bd4f61c5-1740-4ad5-9f82-dc9e167396c8&tw_document_href=https%3A%2F%2Fwetransfer.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7l54&type=javascript&version=2.3.27

HTTP Response

200
157.240.247.35:443

www.facebook.com

tls

msedge.exe

11.5kB
6.2kB
44
45
142.251.39.98:443

googleads.g.doubleclick.net

tls, https

msedge.exe

2.1kB
8.3kB
13
15
157.240.247.35:443

www.facebook.com

tls

msedge.exe

943 B
3.0kB
8
7
104.26.11.25:443

https://cdn.hadronid.net/hadron.js?partner_id=367&sync=1&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093

tls, http2

msedge.exe

2.0kB
17.4kB
19
26

HTTP Request

GET https://cdn.hadronid.net/hadron.js?partner_id=367&sync=1&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093

HTTP Response

200
104.22.4.69:443

p.ad.gt

tls, https

msedge.exe

2.8kB
15.7kB
18
26
52.223.40.198:443

match.adsrvr.org

tls

msedge.exe

2.8kB
4.6kB
14
16
185.89.210.122:443

secure.adnxs.com

tls

msedge.exe

3.6kB
5.5kB
14
15
104.36.113.107:443

image2.pubmatic.com

tls

msedge.exe

1.8kB
5.4kB
12
16
52.10.251.190:443

ids.ad.gt

tls

msedge.exe

3.8kB
9.3kB
24
26
3.214.28.246:443

match.prod.bidr.io

tls

msedge.exe

2.5kB
6.7kB
13
11
185.86.137.131:443

https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001666157703-ASM480KZ-DT3K&sas_uid=[sas_uid]&gdpr=0&cklb=1

tls, http

msedge.exe

2.6kB
5.7kB
14
11

HTTP Request

GET https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001666157703-ASM480KZ-DT3K%26sas_uid%3D%5bsas_uid%5d&gdpr=0

HTTP Response

302

HTTP Request

GET https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001666157703-ASM480KZ-DT3K&sas_uid=[sas_uid]&gdpr=0&cklb=1

HTTP Response

200
69.166.1.10:443

sync.go.sonobi.com

tls

msedge.exe

1.9kB
6.9kB
12
11
151.101.1.44:443

https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001666157703-ASM480KZ-DT3K

tls, http2

msedge.exe

1.7kB
5.8kB
11
14

HTTP Request

GET https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3DAU1D-0100-001666157703-ASM480KZ-DT3K

HTTP Response

200
52.19.103.22:443

dpm.demdex.net

tls

msedge.exe

2.7kB
7.4kB
12
11
13.107.246.67:443

www.clarity.ms

tls

msedge.exe

2.7kB
34.8kB
30
46
52.214.70.172:443

snowplow.wetransfer.com

tls

msedge.exe

2.7kB
7.7kB
23
21
151.101.1.140:443

https://alb.reddit.com/rp.gif?ts=1666157703119&id=t2_fdqrj&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=050e5868-cb92-47e7-93dc-7bb9d57198b7&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=720&v=rdt_02c59ad6

tls, http2

msedge.exe

1.8kB
5.2kB
11
14

HTTP Request

GET https://alb.reddit.com/rp.gif?ts=1666157703119&id=t2_fdqrj&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=050e5868-cb92-47e7-93dc-7bb9d57198b7&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1280&sw=720&v=rdt_02c59ad6

HTTP Response

200
52.214.70.172:443

snowplow.wetransfer.com

tls

msedge.exe

34.1kB
12.4kB
58
53
178.250.0.157:443

https://gum.criteo.com/syncframe?topUrl=wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA

tls, http2

msedge.exe

1.9kB
5.2kB
12
12

HTTP Request

GET https://gum.criteo.com/syncframe?topUrl=wetransfer.com&origin=onetag&gdpr=1&gdpr_consent=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA

HTTP Response

200
35.80.199.176:443

api.amplitude.com

tls

msedge.exe

31.4kB
10.0kB
52
45
151.101.2.132:443

https://api.lab.amplitude.com/sdk/vardata

tls, http2

msedge.exe

3.0kB
7.9kB
14
18

HTTP Request

OPTIONS https://api.lab.amplitude.com/sdk/vardata

HTTP Response

200

HTTP Request

GET https://api.lab.amplitude.com/sdk/vardata

HTTP Response

200
142.250.102.154:443

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11792855-4&cid=1062815885.1666157703&jid=1385931556&gjid=406242677&_gid=2017078956.1666157703&_u=YADAAUAAAAAAACAFKg~&z=421565351

tls, http2

msedge.exe

1.9kB
6.7kB
14
15

HTTP Request

POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-11792855-4&cid=1062815885.1666157703&jid=1385931556&gjid=406242677&_gid=2017078956.1666157703&_u=YADAAUAAAAAAACAFKg~&z=421565351
142.251.36.3:443

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11792855-4&cid=1062815885.1666157703&jid=1385931556&_u=YADAAUAAAAAAACAFKg~&z=923403884

tls, http2

msedge.exe

2.4kB
7.0kB
16
21

HTTP Request

GET https://www.google.nl/pagead/1p-user-list/778938880/?random=1666157702746&cv=9&fst=1666155600000&num=1&bg=ffffff&guid=ON&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgah0&sendb=1&frm=0&url=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093&tiba=WeTransfer%20-%20Send%20Large%20Files%20%26%20Share%20Photos%20Online%20-%20Up%20to%202GB%20Free&async=1&fmt=3&is_vtc=1&random=3879947225&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

HTTP Request

GET https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-11792855-4&cid=1062815885.1666157703&jid=1385931556&_u=YADAAUAAAAAAACAFKg~&z=923403884
142.251.36.3:443

www.google.nl

tls, https

msedge.exe

999 B
5.6kB
9
9
44.224.191.126:443

a.ad.gt

tls

msedge.exe

3.7kB
6.4kB
14
14
13.107.42.14:443

px.ads.linkedin.com

tls

msedge.exe

2.5kB
10.7kB
17
20
104.22.4.69:443

https://p.ad.gt/api/v1/con

tls, http2

msedge.exe

3.2kB
3.7kB
15
18

HTTP Request

OPTIONS https://p.ad.gt/api/v1/con

HTTP Response

200

HTTP Request

POST https://p.ad.gt/api/v1/con

HTTP Response

200
44.241.67.155:443

pixels.ad.gt

tls

msedge.exe

2.8kB
6.3kB
13
12
40.76.174.66:443

d.clarity.ms

tls

msedge.exe

9.0kB
8.4kB
36
29
142.250.179.130:443

https://adservice.google.nl/ddm/fls/i/dc_pre=CPGStpDJ6_oCFYBDHQkdM60Caw;src=12370788;type=pagev0;cat=wetra0;ord=4666934002495;gtm=2ygah0;auiddc=1715253222.1666157702;u1=%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;u4=undefined;u8=en-US;u9=undefined;u11=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;~oref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093

tls, http2

msedge.exe

2.2kB
7.0kB
14
15

HTTP Request

GET https://adservice.google.nl/ddm/fls/i/dc_pre=CPGStpDJ6_oCFYBDHQkdM60Caw;src=12370788;type=pagev0;cat=wetra0;ord=4666934002495;gtm=2ygah0;auiddc=1715253222.1666157702;u1=%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;u4=undefined;u8=en-US;u9=undefined;u11=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093;~oref=https%3A%2F%2Fwetransfer.com%2Fdownloads%2Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%2F065093
104.26.6.155:443

https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com

tls, http2

msedge.exe

2.3kB
20.8kB
25
36

HTTP Request

GET https://cdn.brandmetrics.com/tag/a79d0565d5244a0f813e40f2c4832d09/wetransfer.js

HTTP Response

200

HTTP Request

GET https://cdn.brandmetrics.com/scripts/bundle/65568.js?sid=7f2d78d4-f913-42d1-8d60-7c59cb6b6daf&toploc=wetransfer.com

HTTP Response

200
13.227.219.49:443

https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lrw1j_2_16251438&_origin=https://wetransfer.com

tls, http2

msedge.exe

16.0kB
731.5kB
293
562

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lt01vg_1_16251438&_origin=https://wetransfer.com

HTTP Response

200

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bundle.870273c9c7528c74ee4d.js

HTTP Response

200

HTTP Request

GET https://backgrounds.wetransfer.net/polyfills/creatives-cache-polyfill.js

HTTP Response

200

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/top-right.d22a71959ab417e17ce8.png

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bottom-left.dd954f3c2df353c6b22e.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/bottom-right.8c7195d404b749b84899.png

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/mcguffin-thumbs.f78d46772ddd43b2dd77.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/GT-Super-WT-Regular.807dcb08d194101be093.woff2

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/ActiefGrotesque_W_Rg.63479c54248fa038db83.woff2

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/ActiefGrotesque_W_Md.23817d3ab6c377c0a652.woff2

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://backgrounds.wetransfer.net/creator/wetransfer/2203-WTO/static-6/1_QMdy6g/index.html?cacheId=lrw1j_2_16251438&_origin=https://wetransfer.com

HTTP Response

200
20.50.2.28:443

collector.brandmetrics.com

tls

msedge.exe

1.8kB
7.3kB
12
12
96.16.109.251:443

https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=20&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=23337&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=22979&cn=22771&gn=1&gk=22979&gl=22771&ik=22979&ic=22979&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=23121&cd=22913&ah=23121&am=22913&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2362&ay=2362&az=6140&ba=6140&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1678296070&cs=0

tls, http2

msedge.exe

72.3kB
128.9kB
145
158

HTTP Request

GET https://z.moatads.com/wetransferadzerk716769425458/moatad.js

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=17&i=WETRANSFER_ADZERK_DISPLAY1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&m=0&ar=e27dbc83ae5-clean&iw=e44cbc7&q=2&cb=0&ym=0&cu=1666157705795&ll=1&lm=1&ln=1&r=0&em=0&en=0&d=552079%3A7170338%3A16251438%3A127818137&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&bo=US&bd=199071&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&gw=wetransferadzerk716769425458&fd=1&it=500&ti=0&ih=2&pe=0%3A458%3A458%3A454%3A260&fs=200656&na=1133649203&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=0&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=244&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A458%3A458%3A454%3A260&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=213&cd=0&ah=213&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=DOMSEARCH&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=967964303&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=1&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=682&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=0&ad=106&cn=0&gk=106&gl=0&ik=106&ic=106&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=453&cd=213&ah=453&am=213&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2112826378&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=106&gn=1&gk=1156&gl=106&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=453&ah=1511&am=453&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1896704529&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=1156&gn=1&gk=1156&gl=1156&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=1511&ah=1511&am=1511&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=874608788&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=1729&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=1156&cn=1156&gn=1&gk=1156&gl=1156&ik=1156&ic=1156&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1511&cd=1511&ah=1511&am=1511&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=103694036&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=5262&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=4671&cn=1156&gn=1&gk=4671&gl=1156&ik=4671&ic=4671&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5025&cd=1511&ah=5025&am=1511&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1215609395&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=5679&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=5106&cn=4671&gn=1&gk=5106&gl=4671&ik=5106&ic=5106&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5460&cd=5025&ah=5460&am=5025&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1034407743&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=0&m=7020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=6374&cn=5106&gn=1&gk=6374&gl=5106&ik=6374&ic=6374&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6932&cd=5460&ah=6932&am=5460&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&az=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=641a672a717a873&y=281a251a214a89&c=311a274a260a243&na=1939681432&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com%2F&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=10695&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=10122&cn=6374&gn=1&gk=10122&gl=6374&ik=10122&ic=10122&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10462&cd=6932&ah=10462&am=6932&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1335153979&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=15685&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=15112&cn=10122&gn=1&gk=15112&gl=10122&ik=15112&ic=15112&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15460&cd=10462&ah=15460&am=10462&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=566781503&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=17&i=WETRANSFER_ADZERK_DISPLAY1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&m=0&ar=e27dbc83ae5-clean&iw=e44cbc7&q=2&cb=0&ym=0&cu=1666157735301&ll=1&lm=1&ln=1&r=0&em=0&en=0&d=552079%3A7170338%3A16251438%3A127818137&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&bo=US&bd=199072&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&gw=wetransferadzerk716769425458&fd=1&it=500&ti=0&ih=2&pe=0%3A118%3A118%3A107%3A85&fs=200656&na=536643485&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=0&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=113&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A118%3A118%3A107%3A85&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=92&cd=0&ah=92&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=DOMSEARCH&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1530414374&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&bq=0&g=1&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=210&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=0&ad=50&cn=0&gk=50&gl=0&ik=50&ic=50&ez=1&cq=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=92&cd=92&ah=92&am=92&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=946237885&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-Zek63cnegzlATH1H%2FPnZSH7dCaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-E31B1BJzs6uFgA%3D%3D&sc=1&os=1-BA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=10&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157705795&de=482122259883&cu=1666157705795&m=29935&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A458%3A458%3A454%3A260&aa=1&ad=29282&cn=15112&gn=1&gk=29282&gl=15112&ik=29282&ic=29282&ez=1&co=1156&cp=1511&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=1&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=29840&cd=15460&ah=29840&am=15460&xd=00&rf=0&re=1&wb=2&ap=6512&ax=90&ay=90&az=90&ba=90&aw=69&bg=69&be=69&cl=18&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199071&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199071&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2030987668&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=50&gn=1&gk=1083&gl=50&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=92&ah=1022&am=92&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=505492567&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=544669188&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=1240&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=1083&cn=1083&gn=1&gk=1083&gl=1083&ik=1083&ic=1083&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=555907004&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=5325&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=5168&cn=1083&gn=1&gk=5168&gl=1083&ik=5168&ic=5168&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5107&cd=1022&ah=5107&am=1022&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=684533995&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=5541&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=5384&cn=5168&gn=1&gk=5384&gl=5168&ik=5384&ic=5384&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5310&cd=5107&ah=5310&am=5107&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1385496475&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=0&m=7004&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=7&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=6818&cn=5384&gn=1&gk=6818&gl=5384&ik=6818&ic=6818&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6960&cd=5310&ah=6960&am=5310&xd=00&rf=0&re=1&wb=2&ap=6760&ax=43&az=43&aw=43&bg=43&be=43&cl=0&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=927a912a896&y=187a199a215&c=43a29a14&na=2101095313&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=1&m=8032&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=8&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=7845&cn=6818&gn=1&gk=7845&gl=6818&ik=7845&ic=7845&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=7987&cd=6960&ah=7987&am=6960&xd=00&rf=0&re=1&wb=2&ap=6760&ax=419&ay=43&az=1029&ba=43&aw=268&bg=268&be=653&bf=919&cl=8&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=882a881a882a887a911a920a933a927a911a884&y=230a238a250a259a278a283a290a301a329a370&c=1011a995a980a962a945a917a903a729a715a698&na=901540982&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=2&m=10039&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=9&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=9707&cn=7845&gn=1&gk=9707&gl=7845&ik=9707&ic=9707&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9849&cd=7987&ah=9849&am=7987&xd=00&rf=0&re=1&wb=2&ap=6760&ax=528&ay=419&az=2364&ba=1029&aw=268&bg=1880&be=1880&bf=919&bh=2256&cl=40&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=323a311a290a285a300a333&y=497a487a473a469a469a484&c=760a752a737a719a284a269&na=144853215&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fbackgrounds.wetransfer.net%2Fcreator%2Fwetransfer%2F2203-WTO%2Fstatic-6%2F1_QMdy6g%2Ftop-right.d22a71959ab417e17ce8.png&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=10&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com%2F&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=10271&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=10114&cn=9707&gn=1&gk=10114&gl=9707&ik=10114&ic=10114&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10053&cd=9849&ah=10053&am=9849&xd=00&rf=0&re=1&wb=2&ap=6760&ax=528&ay=528&az=2364&ba=2364&aw=268&bg=1880&be=1880&bf=919&bh=2256&cl=40&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1930775131&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=3&m=12018&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=11&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=11784&cn=10114&gn=1&gk=11784&gl=10114&ik=11784&ic=11784&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=11926&cd=10053&ah=11926&am=10053&xd=00&rf=0&re=1&wb=2&ap=6760&ax=931&ay=528&az=2767&ba=2364&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=57&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=0a13a19a26a38a54a77a109a112a116a119a122&y=428a428a428a428a432a438a454a467a470a470a470a470&c=606a593a577a560a545a527a495a443a431a403a389a373&na=1522441349&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=4&m=13020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=12&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=12804&cn=11784&gn=1&gk=12804&gl=11784&ik=12804&ic=12804&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=12946&cd=11926&ah=12946&am=11926&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1141&ay=931&az=2977&ba=2767&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=57&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=58a22a0a67a16a71a148a183&y=435a441a438a409a316a477a493a493&c=715a702a542a528a311a185a171a154&na=135958818&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=5&m=14021&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=13&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=13833&cn=12804&gn=1&gk=13833&gl=12804&ik=13833&ic=13833&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=13975&cd=12946&ah=13975&am=12946&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1450&ay=1141&az=3286&ba=2977&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=64a9a32a71a164a90a19a9a0a0a6&y=152a175a390a390a49a43a104a133a200a252a271&c=991a984a851a829a696a657a608a594a578a563a547&na=1195423863&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=6&m=15020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=14&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=14662&cn=13833&gn=1&gk=14662&gl=13833&ik=14662&ic=14662&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=14804&cd=13975&ah=14804&am=13975&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1773&ay=1450&az=3609&ba=3286&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=421a498a527a559a572a572a569a533a479a440a376a376a472a495a514a521a521a514a459a418&y=287a265a255a239a232a229a213a200a197a197a216a284a255a245a232a229a226a226a226a232&c=562a547a531a512a500a482a466a450a434a405a390a276a250a233a219a204a186a171a155a142&na=827803822&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=9&q=3&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=15&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=15244&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=15086&cn=14662&gn=1&gk=15086&gl=14662&ik=15086&ic=15086&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15015&cd=14804&ah=15015&am=14804&xd=00&rf=0&re=1&wb=2&ap=6760&ax=1938&ay=1773&az=3774&ba=3609&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=2057230524&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=7&m=16027&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=16&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=15710&cn=15086&gn=1&gk=15710&gl=15086&ik=15710&ic=15710&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15852&cd=15015&ah=15852&am=15015&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2019&ay=1938&az=4467&ba=3774&aw=277&bg=1880&be=1880&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=463a485a508a514a508a492a469a434a360a431a482a543a569a575&y=329a329a329a329a329a329a329a329a329a287a271a255a245a245&c=990a970a956a941a913a899a883a867a851a693a678a663a649a633&na=1291323404&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=8&m=18020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=17&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=17785&cn=15710&gn=1&gk=17785&gl=15710&ik=17785&ic=17785&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=17927&cd=15852&ah=17927&am=15852&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2117&ay=2019&az=5895&ba=4467&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=82&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=569a556a511a479a421&y=252a258a281a297a319&c=663a642a623a610a594&na=1093953481&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=9&m=22195&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=18&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=21940&cn=17785&gn=1&gk=21940&gl=17785&ik=21940&ic=21940&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=22082&cd=17927&ah=22082&am=17927&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2135&ay=2117&az=5913&ba=5895&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=234&y=518&c=905&na=1070573784&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=1&q=10&m=23020&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=19&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=22771&cn=21940&gn=1&gk=22771&gl=21940&ik=22771&ic=22771&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=22913&cd=22082&ah=22913&am=22082&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2362&ay=2135&az=6140&ba=5913&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&x=173a173a180a180a180a183a183a186a186&y=509a506a496a493a490a486a483a477a470&c=798a778a764a745a732a716a684a672a656&na=610013779&cs=0

HTTP Response

200

HTTP Request

GET https://px.moatads.com/pixel.gif?e=21&q=0&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=WETRANSFER_ADZERK_DISPLAY1&ol=1619891035&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tR%2390vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K(.%3Ce%24%26xtlEjr~RefxECSR23_hFAkD%3Dv%3Cy%5D~F%3BIz!bm!jKjn%3C%2C%7BnNb%25%24(%3DNqU%60W5u%7Bo(zs1CoK%2Bdr%5BG)%2C3ii)RGL3emgSuRVE&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3653915171%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-rCTHOWhfMBXplwesfXB5hoUR%2Fup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-jlLIXjYST%2BDrDg%3D%3D&sc=1&os=1-aQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCkqtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbGBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=10&qd=10&qf=1034&qe=523&qh=1050&qg=660&qm=0&qa=1280&qb=720&qi=1280&qj=680&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD%7BMx5%3C1%3B(8.%7CLK2_v%5Eq%2BGs1%7B%2CyB%3AU!%2FoD%7BMx5%3C1%3B(Oy%2CUy%3CD&ql=D%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlN%24eCKu%2BkkvoD%3FZ.%5BoJ5B2%26%3A%7DL7R37~WlNpTyKIw%40%40soz4%5EC%2CYRd%7Cw%24_%3Fj!L&qo=0&qr=0&vf=1&vg=100&bq=0&g=20&h=523&w=1034&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwetransfer.com%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fwetransfer.com&lp=https%3A%2F%2Fwetransfer.com&t=1666157735301&de=652451774427&cu=1666157735301&m=23337&ar=e27dbc83ae5-clean&iw=e44cbc7&cb=0&ym=0&ll=1&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=523&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A118%3A118%3A107%3A85&aa=1&ad=22979&cn=22771&gn=1&gk=22979&gl=22771&ik=22979&ic=22979&ez=1&co=1083&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=23121&cd=22913&ah=23121&am=22913&xd=00&rf=0&re=1&wb=2&ap=6760&ax=2362&ay=2362&az=6140&ba=6140&aw=277&bg=2112&be=2112&bf=919&bh=2256&cl=83&at=1&d=552079%3A7170338%3A16251438%3A127818137&bo=US&bd=199072&gw=wetransferadzerk716769425458&zMoatOrigSlicer1=US&zMoatOrigSlicer2=199072&hv=WETRANSFER_ADZERK_DISPLAY1-wallpaper&ab=3&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=200656&na=1678296070&cs=0

HTTP Response

200
20.234.93.27:443

c.clarity.ms

tls

msedge.exe

1.9kB
7.9kB
14
14
52.71.87.168:443

resources.xg4ken.com

tls

msedge.exe

1.7kB
10.2kB
13
15
204.79.197.200:443

www.bing.com

tls, https

2.7kB
8.5kB
19
18
204.79.197.239:443

edge.microsoft.com

tls

msedge.exe

3.1kB
87.6kB
41
74
84.53.185.32:443

https://assets.msn.com/weathermapdata/1/static/weatherEplant/bubble/32x32.png

tls, http2

msedge.exe

10.9kB
415.1kB
176
320

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/otSDKStub.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/otBannerSdk.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/otTCF.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/service/news/feed/pages/ntp?activityId=A4B6769F-C217-4B64-AA81-622728CDC462&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&audienceMode=adult&caller=bgtask&contentType=article,video,slideshow,webcontent&duotone=true&fdhead=gholdout,prg-wx-mapv1&infopaneCount=17&market=nl-nl&memory=4&newsSkip=0&newsTop=48&ocid=anaheim-ntp-feeds&prerender=1&timeOut=2000

HTTP Request

GET https://assets.msn.com/statics/icons/favicon_newtabpage.png

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/weathermapdata/1/static/svg/72/v2/card/CloudyV3.svg

HTTP Response

200

HTTP Request

GET https://assets.msn.com/weathermapdata/1/static/svg/72/v2/card/ClearNightV3.svg

HTTP Response

200

HTTP Request

GET https://assets.msn.com/weathermapdata/1/static/svg/72/v2/card/MostlySunnyDay.svg

HTTP Response

200

HTTP Request

GET https://assets.msn.com/weathermapdata/1/static/svg/72/v2/card/PartlyCloudyDayV3.svg

HTTP Response

200

HTTP Request

GET https://assets.msn.com/weathermapdata/1/static/background/v2.0/jpg/cloudy_2.jpg

HTTP Response

200

HTTP Request

GET https://assets.msn.com/weathermapdata/1/static/background/v2.0/jpg/sunny.jpg

HTTP Response

200

HTTP Request

GET https://assets.msn.com/weathermapdata/1/static/weatherEplant/animation/greeting_once_cv2.gif

HTTP Response

200

HTTP Request

GET https://assets.msn.com/weathermapdata/1/static/weatherEplant/bubble/32x32.png

HTTP Response

200
84.53.185.32:443

https://assets.msn.com/bundles/v1/edgeChromium/latest/xfeed.84234d1c09e85dc0db97.js

tls, http2

msedge.exe

147.7kB
6.1MB
2624
4649

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/vendors.a651ede35d61930b4252.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/microsoft.9547ad654f6676820cce.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/common.5c6ba596a471604c2321.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experience.a4af0f3f9faf4c9cae35.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/55a804ab-e5c6-4b97-9319-86263d365d28.json

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/3f919e77-021f-4b8a-a023-eb702b275e96/nl-nl.json

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/consent/55a804ab-e5c6-4b97-9319-86263d365d28/iab2Data.json

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/topicData.3601f983a491b0a0d1de.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otFlat.json

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/v2/otPcCenter.json

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otCookieSettingsButton.json

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/staticsb/statics/latest/oneTrust/1.5/scripttemplates/6.25.0/assets/otCommonStyles.css

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/feed-navigation-header.c0fe05d66edd98832e38.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_finance-service-library_dist_redux_FinanceData_connector_js.29a45b9af292d2c27c4f.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_super-feed_dist_feed-manager_FeedManagerWithClientAd_js-node_modules_lodash-es_camelCase-c142b4.eea99423dcea3617423c.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_feed-layout_dist_layout-templates_template-maps_AnaheimLayoutTemplateMap_js.11d1aec880792966f8ce.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/pivot-content-wc.400f904d4896e0e40815.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedModule_js.d3a4e61618bf269c1eae.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_ads-constants_dist_AdTemplate_config_schema_js-libs_experiences-constants_dist_ZoomStyle-65215d.46a52dae5b2ee630e8ea.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/grid-view-feed.aba4da6582914b4429ae.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

HTTP Request

GET https://assets.msn.com/service/msn/topics?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&queryType=MyFeed&$top=1000&allTopics=true&responseSchema=cardview&location=52.3056|4.9421

HTTP Response

401

HTTP Response

200

HTTP Request

OPTIONS https://assets.msn.com/service/news/feed/pages/ntp?activityId=A4B6769F-C217-4B64-AA81-622728CDC462&apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&audienceMode=adult&caller=bgtask&contentType=article,video,slideshow,webcontent&duotone=true&fdhead=gholdout,prg-wx-mapv1&infopaneCount=17&market=nl-nl&memory=4&newsSkip=0&newsTop=48&ocid=anaheim-ntp-feeds&prerender=1&timeOut=2000

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/node_modules_sortablejs_modular_sortable_esm_js.883fee7723671fc5aa12.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/weather-data-connector.cd1a653de0797bd3da00.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_icons-wc_icons_AqiIcon_svg-libs_icons-wc_icons_BannerRainStart_svg-libs_icons-wc_icons_B-0f469e.78580366a9f229bfb314.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_index_js.fa93ead74fa0df4c0084.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_icons-wc_icons_CardActionFluentButton_svg-libs_icons-wc_icons_HideV2_svg-libs_icons-wc_i-46086e.082cddef7423ca63da35.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/shopping-card-wce.8a022da69a56d5687819.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

HTTP Response

401

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-hide-dialog_index_js.5b7ba2c26bad62ecf8d9.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-hide-remind_index_js.88b7d28d697039071577.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_weather-card-wc_dist_components_weather-report-issue_index_js.747deb3201dde54adda3.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/coachmark-wc.a29a16af92d15f2b4968.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/conditionalBannerWC.9d5ecc1c353ecfcd0abd.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/settings-dialog-edgenext-wc.7efb66ce86463bb5410d.js

HTTP Response

200

HTTP Response

401

HTTP Request

GET https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

HTTP Request

GET https://assets.msn.com/content/v1/cms/api/amp/Document/BBGgoUg

HTTP Response

200

HTTP Response

401

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/super-coach-mark-wc.8de273ea96f246406ff8.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/waffle-wc.ba0bc7e8d735f037f0d8.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/content/v1/cms/api/amp/Document/BBOTMVt

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/welcomeGreeting.8505a116f4bdb64523c6.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/articleFre.9c6b38fc418ba3ec849c.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/notification-bell-wc.c1c23e024cc4990e8074.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/feedback.718b143d7dd195e0e78c.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/content/v1/cms/api/amp/Document/BB1dwxz2

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sign-in-control-wc.5d6a24cfa3a5d942c0a3.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/office-leftrail.7e2fb8b907a0c4ee27c0.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/breakingNewsWC.0592b6bc5b7136c7eccc.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/articleRelatedStories.62682c041e678b91a8b6.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/articleTopComment.0e5ffce51cde09df79dd.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/ms-rewards-wc.6f002634d9bab5423468.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/outlook-email-preview-wc.ede92f09038701c2a74f.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/feed-toggle-wc.72314c7e53c6581b6213.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/breakingnews/v1/cms/api/amp/article/AA430z6

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/layout-toggle.deddb838ef17b0c7d2d6.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/autos-carousel.b8aa9b3d98beec05d7c8.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/pill-wc.992b8b6b050ad85c22e8.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/card-actions-wc.6ee74bc3568f1ed2e1e8.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/autosMarketplaceCard.5de27813433717f66680.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/CoachmarkData.4b820d591661c69411df.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/RewardsData.f113cb990b879e374393.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/ocvFeedback.89a10712feb248d098d8.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/toast-wc.820ad4a1a9dab6c1a909.js

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/weather-data-lazy-services.360f24dabe754cf44131.js

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_finance-service-library_dist_index_js.5866d3e60e1569e2a4ed.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/back-to-top-button.ffd576e39db76f384151.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sticky-peek.4c4df533575914af9f03.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/background-gallery.df2e0ccbb7da047b68e8.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/service/Finance/Exchanges?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-Peregrine&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&ids=r6dwnt&wrapodata=false

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/money-info-card-wc.8e45cde4c6f70835cc32.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/bingHealth.4bd0d7683f434aab0027.js

HTTP Request

GET https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

HTTP Response

200

HTTP Response

401

HTTP Request

GET https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/bingHealthCard.58f3355c9628f0393e95.js

HTTP Response

200

HTTP Response

401

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/bundler.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/casual-games-card.1a6783c8a697d350b1eb.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/casual-games-experience.d7b7bc8d3f1bd29f6577.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/category-data-connector.0ab64a9055bd2f4c19b3.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/clarity.0394c58f04e4aa405861.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

HTTP Response

401

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/cold-start-gif.05ea6cc30c2f0977775a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/cold-start-wc.86b8563f1977fcdb6e4b.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/common-settings-edgenext.12c182fb6de97f4c203d.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/company-news-card.8a6e4dc33f3e3debfe65.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/content-group-card.e2522c74ad29071967c1.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/daily-brief-wc.80aabe26082b2a333c80.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/default-browser-reclaim-banner.f9f6932c87c7d309dd5f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/DefaultBrowserReclaimData.8abfe95ed5d89b77eb4c.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/dev-tools.f74ce40844294f403d22.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/service/News/Users/Me/Actions?apikey=0QfOX3Vn51YCzitbLaRkTTBadtWpgTN8NZLW0C1SEM&activityId=A4B6769F-C217-4B64-AA81-622728CDC462&ocid=anaheim-ntp-feeds&market=nl-nl&fdhead=gholdout,prg-wx-mapv1&targetType=provider&actionType=Subscribe&$top=100

HTTP Response

401

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/digest-card.1711d413e9b6080b8602.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/edge-shopping.b651c559352230d9c256.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/EdgeNextPage.constants.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/EdgeNextSSRInteropContract.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/EdgeNextTelemetry.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/esports-card.a81b95825fc5ba6bce88.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/esports-streams-card.4d4fc788e9166843e521.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/ExperienceLoadedData.503d466bcf252ff0962b.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-coldstart_index_js.f7ce9aecd185bba95e4d.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-feedback_index_js.f0dbfbc2e88ab7e18b34.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-hidepopup_index_js.78f6a23fecd9007da334.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/experiences_sports-card-wc_dist_components_sports-hidereminder_index_js.2fddf8f6f7c8755ea82a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/feedback-dialog.af4f225ad995a45ab3b0.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/FeedNavHeaderData.599a3827c3bf66e36e86.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/FontUtility.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/game-card.9e09d6dab71642fd4787.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-compete-card.84699e4932e25b662a71.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-match-card.a4401d46db63d2635ad1.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-media-carousel.032e111c0822a925280d.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-personalization-card.5324d2a652dcfa8f473f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-recentlyplayed-card.dd84940f6a70d47339af.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-recommended-card.90886855f238981d9c76.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-reddit-card.accf97f0eb8c9e795cbe.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-rewards-card.f5608f31ab077a3b82ae.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-stream-card.dc386a7ca84c329504d3.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-tournament-card.5acafdb89f44ff05db4d.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-upcoming-card.757737acf1d188cd8a53.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/gaming-video-card.4afdb83f0ea8502c708a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/general-elections.fa624b4ffcabe8e7aad1.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/grocery-coupon-sd-card.ade8877df81a553cb1c6.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/health-tip-wc.fb4fc0c4c1180544c832.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/healthFitnessCarousel.6720603d9f43541b6a27.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/holiday-effects.d49a242a20a5e24b0382.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/horizontal-nav.151da93f5720fd6c2633.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/horoscope-answer-card-wc.a83789354995ac943a1f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/image-search-wc.70bb67979f3bddfa04b6.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/inline-head.6a6ff7926a1425eeea85.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/inline-head.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/inline-tuning-upsell.28914ad1e1f83f24d738.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/interests-wc.7ce4ac698286bac157df.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/language-mismatch-banner.6ab6edea60ecd9a9fb9e.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/LanguageMismatchData.1deacf2a60938e450289.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/layoutPreferenceData.31fc4154cdf13f310027.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_feed-layout-common_dist_FeedLayoutCardSize_js-libs_feed-layout_dist_index_js.5015f916ceef187ad4ff.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_super-feed_dist_index_js.21442c5c22f8f45015b9.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_traffic-chart-utils_dist_index_js.12bf0722ec19678a678b.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/libs_video-card-plugin-factory_dist_virtualadsplayer_plugin_js.386fbdeace8bc8e9ec4f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/linear-view-feed.6a845b5c4b9eb288a26a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/linked-in-card.9f427c45242aedb94987.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/locationMarker.e77fc7e71abb3a686f68.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/lottery-card.7ceb80f1794621e8bb44.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/marketplace-card-wc.48446e8074dde23b0f0a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/mobile-app-upsell-floating-btn.413e115ad8d2473f5fd8.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/mobile-app-upsell.8c83effaaaf90b58b6f6.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/mockConfigs.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/mockHeader.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/money-info-shared-state.991d5bd1ac0e6daf4788.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/msccCookieBanner.33bd1baa253920774704.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-call-to-action.2a74d2bf16e40627a28a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-decoration-combo.dde4b1c2e91d0ae13ee5.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-like-button.68a5d03024e2d997e0d8.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-sales-highlight-v1.fc83432c05225bef9020.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-sales-highlight-v3v4.f899fae2a4c0ee0a240e.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/native-ad-trending.0170e00a2d7de64c7c7e.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/nativeadsdecorations.a97b85a690ead9e855a6.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/nativeadstemplates.301f6fd9e32c6946e4d5.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/news-headline-below-searchbox.599fed15e11671d38e24.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/news-segment-carousel.e7b1615739e64749e372.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/newsbar-toggle.fe0019ee9422861ce6fa.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/node_modules_intersection-observer_intersection-observer_js.7ed8a4e215d160c64db4.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/node.index.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/ocv-feedback-data/index.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/ocv-feedback-data/OcvFeedbackData.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/office-coachmark.49e075c972b8a58454a9.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/office-feed.17ac0a59c7eb7a8f5362.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/on-this-day-card-small.5b52f49b4016d391b40d.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/on-this-day-card-wc.126b15edcdd24e5185e7.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/oneTrustCookieConsentData.9e76f91797f1e6b4ae9d.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/overlay-wc.7cca6e3f28f198f19d27.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/page-error-handling.db84b2a12deadb7bcb1b.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/page-error-handling.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/page.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/personalize-nav-button.d25ece26429e20bee910.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/pivots-nav-edgenext.8589bf13131ae9fc5475.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/polls-card-wc.aa32f933b296dbcecace.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/poweredby-legend-wc.26ef6c1ffbff4473faef.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/poweredByData.8d934c50f38e418267ab.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/premium-profile-promo-card.f9d39baff159c7a2c439.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/prism-sd-card.265cef4eff59378bfee0.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/profile-promo-card.92fe974a1af3653126d2.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/promoBannerWC.dfb54065b3f588a9fb57.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/publisher-carousel.1ea500b511b4fffba59b.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/qna-card.2b682c662093bdcb4605.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/quiz-card.71cf4f609e05076553ab.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/reaction-breakdown-dialog.c95ec5b3c2813eca2486.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/recipes-sd-card.b5b6b07448d62643c2f9.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/recommended-interests.2ad44a3763142a90dfd9.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/recommended-search-carousel-wc.54ddc218865cc02bdb02.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/recommended-searches-card.0450dae92ff70fdad7f7.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/recommendedSites-wc.e811d47a62accc6e9e30.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/rewards-card-wc.7596eccd2530255bd3ab.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/rewards-daily-set-card.06133958457f4fe750cf.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/RewardsCoachmarkData.811235af21c913c4adb3.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sd-card-mask-wc.5d21caf63fb9cb8aa7ba.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/search-history-edgenext-wc.5ec9754a8026d09d4788.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/SearchHistoryEdgenextData.374a311a416d7d948536.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/select-carousel.a8af4a8f3c78195cde69.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/shared-links.8906b9de33efc8b35ac2.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sharepoint-news-card.1d0ecc57811dc3e151bc.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/shopping-edge-insights-card.74340e84e9bfe0a2710b.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/shopping-smart-list.56a461aa3e68d4f728bc.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/shuffle-fre.617078965e558a1d2dac.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/side-bar.ac99d53a746a6efed66f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sign-in-banner-wc.89134d824c16beeaa0ea.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sign-in-flyout-wc.86d8d2e257c765559901.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/SignInData.81c3c0c99a253c9ea77a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/social-avatar.0df0fdd130694364eae8.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/social-bar-wc.8ebf9d66c25c13b738b4.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/social-data-connector.ef246fbabd550bf02893.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/social-report-menu.7569d6971e88b4accd7f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sports-card-wc.9579fa88576068e0b6c3.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sports-olympic-card-wc.2138006942c08424e887.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/sports-worldcup-card-wc.9557273ad0b564a2f20a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/spotlight-card-wc.f0beb5ef32036b54a36a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/super-nav.c0f5a2ebe1a8d06b9af4.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/theme-picker-wc.a6d3097fcc0811844b6f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/traffic-card-wc.436abb8cf7f612e272ff.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/travel-destination.574c6ad2f6c705e4be68.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/trendingNowWC.f60f3d1977d7eb782469.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/trendingTopics.872371c3941cc051b3ff.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/vertical-left-nav.252444d718e7b23144d5.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/videoCard.4f35000a7c49ad78c957.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/voice-search-wc.257f441e8954f837193c.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/VpReadyHelper.a75547cb104126095d6f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_content-video-player_dist_index_js.9f879229ab2d57803c46.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_native-ad-video_dist_index_js.821d931ca647b2d887d9.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-cards_dist_cards_sub-components_card-action-tray_OptedOutReactionTemplate_js.524dd12dd27eec990560.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedInfopane24Module_js.a9813170b5a62d08304a.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedInfopaneModule_js.a5939e920cd8e83595b1.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoHoverModule_js.c1e29709ede16305480f.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoSeeMoreModule_js.f1e6445e44b28c8bca2e.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_CsFeedNoUnderlineModule_js.cb366ef222ed5ce5d9a7.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-components_super-container_dist_register_MsftFeedModule_js.c0bc725f51bf2f707132.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-worker.2a3970fffb468e468f0b.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/web-worker.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/xbox-feed-wc.3572571cbc645f2a823e.js

HTTP Response

200

HTTP Request

GET https://assets.msn.com/bundles/v1/edgeChromium/latest/xfeed.84234d1c09e85dc0db97.js

HTTP Response

200
84.53.185.32:443

assets.msn.com

tls, https

msedge.exe

1.2kB
7.2kB
13
14
2.16.106.82:443

img-s-msn-com.akamaized.net

tls

msedge.exe

26.4kB
908.3kB
481
671
20.234.93.27:443

c.msn.com

tls

msedge.exe

972 B
6.8kB
8
9
204.79.197.200:443

c.bing.com

tls

msedge.exe

1.1kB
8.0kB
9
12
52.222.139.77:443

sb.scorecardresearch.com

tls, https

msedge.exe

943 B
6.7kB
8
11
204.79.197.239:443

edge.microsoft.com

tls

msedge.exe

2.2kB
8.0kB
17
23
2.16.107.75:443

https://deff.nelreports.net/api/report?cat=msn

tls, http

msedge.exe

2.6kB
7.9kB
12
16

HTTP Request

OPTIONS https://deff.nelreports.net/api/report?cat=msn

HTTP Response

200

HTTP Request

POST https://deff.nelreports.net/api/report?cat=msn

HTTP Response

200
8.238.110.126:80

322 B
7
13.89.179.10:443

322 B
7
178.250.2.151:443

https://sslwidget.criteo.com/event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2

tls, http2

msedge.exe

1.9kB
4.8kB
12
11

HTTP Request

POST https://sslwidget.criteo.com/event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2

HTTP Response

302
74.119.119.150:443

https://widget.us.criteo.com/event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2

tls, http2

msedge.exe

2.0kB
4.6kB
14
13

HTTP Request

GET https://widget.us.criteo.com/event?a=89395&v=5.12.1&p0=e%3Dvpg&adce=1&tld=wetransfer.com&dy=1&fu=https%253A%252F%252Fwetransfer.com%252Fdownloads%252Fc24de51f882b1e76d03d5e5f15ce072c20221018174440%252F065093&dtycbr=31413&gra=1&grs=CPhGGwAPhGGwAPnACAENAxCAAEIAEEJAEAABGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAAAAAAA.JGbQFgABAAMABlAEQARQAnABlADcAH4ATABCACLAEcAKQAVkAuoBpgDiAH8AXmAwQBkkjKSM2AAA&grv=2

HTTP Response

200
8.238.110.126:80

322 B
7
8.238.110.126:80

322 B
7
8.238.110.126:80

322 B
7
52.222.139.114:443

https://download.wetransfer.com/eugv/c24de51f882b1e76d03d5e5f15ce072c20221018174440/6d086cf466bd21b17a50e62e83198b14eaa983e5/slam%20ransomware%20builder%20installer.exe?token=eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NjYxNTc3NTksImV4cCI6MTY2NjE1ODM1OSwidW5pcXVlIjoiYzI0ZGU1MWY4ODJiMWU3NmQwM2Q1ZTVmMTVjZTA3MmMyMDIyMTAxODE3NDQ0MCIsImZpbGVuYW1lIjoic2xhbSByYW5zb213YXJlIGJ1aWxkZXIgaW5zdGFsbGVyLmV4ZSIsIndheWJpbGxfdXJsIjoiaHR0cDovL3N0b3JtLWludGVybmFsLnNlcnZpY2UuZXUtd2VzdC0xLndldHJhbnNmZXIubmV0L2FwaS93YXliaWxscz9zaWduZWRfd2F5YmlsbF9pZD1leUpmY21GcGJITWlPbnNpYldWemMyRm5aU0k2SWtKQmFITkxkMms0VEVaUWJrRlJRVDBpTENKbGVIQWlPaUl5TURJeUxURXdMVEU1VkRBMU9qUTFPalU1TGpBd01Gb2lMQ0p3ZFhJaU9pSjNZWGxpYVd4c1gybGtJbjE5LS03YWM5OGIyYzM2OWEwNmVkYjExYmRhYzFmMGIzZDliNTc0ODViOWZhOWNjYmJlZTg0NTFhYTU2ZWM4ZDA2NDc2IiwiZmluZ2VycHJpbnQiOiI2ZDA4NmNmNDY2YmQyMWIxN2E1MGU2MmU4MzE5OGIxNGVhYTk4M2U1IiwiY2FsbGJhY2siOiJ7XCJmb3JtZGF0YVwiOntcImFjdGlvblwiOlwiaHR0cDovL2Zyb250ZW5kLnNlcnZpY2UuZXUtd2VzdC0xLndldHJhbnNmZXIubmV0L3dlYmhvb2tzL2JhY2tlbmRcIn0sXCJmb3JtXCI6e1widHJhbnNmZXJfaWRcIjpcImMyNGRlNTFmODgyYjFlNzZkMDNkNWU1ZjE1Y2UwNzJjMjAyMjEwMTgxNzQ0NDBcIixcImRvd25sb2FkX2lkXCI6MTY3OTI3NzIxOTZ9fSJ9.iI_dMnwQgr93MLHJxEzTN6PULgkjApRERjL3IbrX8gs&cf=y

tls, http

msedge.exe

1.5MB
28.2MB
20127
20198

HTTP Request

GET https://download.wetransfer.com/eugv/c24de51f882b1e76d03d5e5f15ce072c20221018174440/6d086cf466bd21b17a50e62e83198b14eaa983e5/slam%20ransomware%20builder%20installer.exe?token=eyJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NjYxNTc3NTksImV4cCI6MTY2NjE1ODM1OSwidW5pcXVlIjoiYzI0ZGU1MWY4ODJiMWU3NmQwM2Q1ZTVmMTVjZTA3MmMyMDIyMTAxODE3NDQ0MCIsImZpbGVuYW1lIjoic2xhbSByYW5zb213YXJlIGJ1aWxkZXIgaW5zdGFsbGVyLmV4ZSIsIndheWJpbGxfdXJsIjoiaHR0cDovL3N0b3JtLWludGVybmFsLnNlcnZpY2UuZXUtd2VzdC0xLndldHJhbnNmZXIubmV0L2FwaS93YXliaWxscz9zaWduZWRfd2F5YmlsbF9pZD1leUpmY21GcGJITWlPbnNpYldWemMyRm5aU0k2SWtKQmFITkxkMms0VEVaUWJrRlJRVDBpTENKbGVIQWlPaUl5TURJeUxURXdMVEU1VkRBMU9qUTFPalU1TGpBd01Gb2lMQ0p3ZFhJaU9pSjNZWGxpYVd4c1gybGtJbjE5LS03YWM5OGIyYzM2OWEwNmVkYjExYmRhYzFmMGIzZDliNTc0ODViOWZhOWNjYmJlZTg0NTFhYTU2ZWM4ZDA2NDc2IiwiZmluZ2VycHJpbnQiOiI2ZDA4NmNmNDY2YmQyMWIxN2E1MGU2MmU4MzE5OGIxNGVhYTk4M2U1IiwiY2FsbGJhY2siOiJ7XCJmb3JtZGF0YVwiOntcImFjdGlvblwiOlwiaHR0cDovL2Zyb250ZW5kLnNlcnZpY2UuZXUtd2VzdC0xLndldHJhbnNmZXIubmV0L3dlYmhvb2tzL2JhY2tlbmRcIn0sXCJmb3JtXCI6e1widHJhbnNmZXJfaWRcIjpcImMyNGRlNTFmODgyYjFlNzZkMDNkNWU1ZjE1Y2UwNzJjMjAyMjEwMTgxNzQ0NDBcIixcImRvd25sb2FkX2lkXCI6MTY3OTI3NzIxOTZ9fSJ9.iI_dMnwQgr93MLHJxEzTN6PULgkjApRERjL3IbrX8gs&cf=y

HTTP Response

200
52.222.139.114:443

download.wetransfer.com

tls

msedge.exe

897 B
6.5kB
7
9
20.86.249.62:443

https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

tls, http

msedge.exe

4.6kB
12.1kB
15
15

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/navigate/2

HTTP Response

200
204.79.197.239:443

edge.microsoft.com

tls

msedge.exe

6.1kB
10.9kB
16
22
20.86.249.62:443

https://nav.smartscreen.microsoft.com/api/browser/edge/download/2

tls, http

msedge.exe

4.5kB
11.9kB
16
14

HTTP Request

POST https://nav.smartscreen.microsoft.com/api/browser/edge/download/2

HTTP Response

200
209.197.3.8:80

http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/27c205c0-4d23-4061-a4dc-efff6a98e2e1?P1=1666216863&P2=404&P3=2&P4=YFPZQfR%2bl0bRS06CY4bEkPHhd2uWC8szhya8eW6pte%2bxPKn1pSM2UHL4otmi0mPgaW%2fA%2fsHYHLWsi2xwKFVjpw%3d%3d

http

1.1kB
2.1kB
6
6

HTTP Request

HEAD http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/27c205c0-4d23-4061-a4dc-efff6a98e2e1?P1=1666216863&P2=404&P3=2&P4=YFPZQfR%2bl0bRS06CY4bEkPHhd2uWC8szhya8eW6pte%2bxPKn1pSM2UHL4otmi0mPgaW%2fA%2fsHYHLWsi2xwKFVjpw%3d%3d

HTTP Response

200

HTTP Request

GET http://msedge.b.tlu.dl.delivery.mp.microsoft.com/filestreamingservice/files/27c205c0-4d23-4061-a4dc-efff6a98e2e1?P1=1666216863&P2=404&P3=2&P4=YFPZQfR%2bl0bRS06CY4bEkPHhd2uWC8szhya8eW6pte%2bxPKn1pSM2UHL4otmi0mPgaW%2fA%2fsHYHLWsi2xwKFVjpw%3d%3d

HTTP Response

206
52.46.151.131:443

s.amazon-adsystem.com

tls

3.7kB
8.1kB
11
13

8.8.8.8:53

nav.smartscreen.microsoft.com

dns

msedge.exe

75 B
198 B
1
1

DNS Request

nav.smartscreen.microsoft.com

DNS Response

20.86.249.62
8.8.8.8:53

smartscreen-prod.microsoft.com

dns

msedge.exe

76 B
201 B
1
1

DNS Request

smartscreen-prod.microsoft.com

DNS Response

20.82.250.189
8.8.8.8:53

we.tl

dns

msedge.exe

51 B
115 B
1
1

DNS Request

we.tl

DNS Response

13.227.219.61

13.227.219.6

13.227.219.91

13.227.219.126
8.8.8.8:53

wetransfer.com

dns

msedge.exe

60 B
156 B
1
1

DNS Request

wetransfer.com

DNS Response

54.76.5.250

52.19.192.62

52.215.133.188

52.30.76.28

34.246.36.98

52.211.90.36
8.8.8.8:53

prod-cdn.wetransfer.net

dns

msedge.exe

69 B
133 B
1
1

DNS Request

prod-cdn.wetransfer.net

DNS Response

52.222.139.73

52.222.139.28

52.222.139.48

52.222.139.123
8.8.8.8:53

wtplus.wetransfer.com

dns

msedge.exe

67 B
99 B
1
1

DNS Request

wtplus.wetransfer.com

DNS Response

34.240.180.53

34.246.8.173
8.8.8.8:53

backgrounds.wetransfer.net

dns

msedge.exe

72 B
136 B
1
1

DNS Request

backgrounds.wetransfer.net

DNS Response

13.227.219.79

13.227.219.41

13.227.219.80

13.227.219.49
8.8.8.8:53

nolan.wetransfer.net

dns

msedge.exe

66 B
130 B
1
1

DNS Request

nolan.wetransfer.net

DNS Response

13.227.219.37

13.227.219.68

13.227.219.71

13.227.219.19
8.8.8.8:53

e-10220.adzerk.net

dns

msedge.exe

64 B
267 B
1
1

DNS Request

e-10220.adzerk.net

DNS Response

174.129.146.50

54.237.203.202

52.20.162.165

34.198.171.58

3.219.151.166

54.82.184.245

34.199.140.62

34.237.251.116
8.8.8.8:53

assets.wetransfer.net

dns

msedge.exe

67 B
131 B
1
1

DNS Request

assets.wetransfer.net

DNS Response

13.227.219.51

13.227.219.38

13.227.219.17

13.227.219.7
8.8.8.8:53

wetransferbackgrounds-eu.s3.amazonaws.com

dns

msedge.exe

87 B
124 B
1
1

DNS Request

wetransferbackgrounds-eu.s3.amazonaws.com

DNS Response

52.218.104.73
8.8.8.8:53

tag.wetransfer.com

dns

msedge.exe

64 B
128 B
1
1

DNS Request

tag.wetransfer.com

DNS Response

216.239.34.21

216.239.32.21

216.239.38.21

216.239.36.21
8.8.8.8:53

cdnjs.cloudflare.com

dns

msedge.exe

66 B
98 B
1
1

DNS Request

cdnjs.cloudflare.com

DNS Response

104.17.25.14

104.17.24.14
8.8.8.8:53

apps.identrust.com

dns

msedge.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

88.221.25.153

88.221.25.169
8.8.8.8:53

bat.bing.com

dns

msedge.exe

58 B
162 B
1
1

DNS Request

bat.bing.com

DNS Response

204.79.197.200

13.107.21.200
8.8.8.8:53

connect.facebook.net

dns

msedge.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.247.8
8.8.8.8:53

public.profitwell.com

dns

msedge.exe

67 B
173 B
1
1

DNS Request

public.profitwell.com

DNS Response

52.222.139.90

52.222.139.75

52.222.139.11

52.222.139.63
8.8.8.8:53

12370788.fls.doubleclick.net

dns

msedge.exe

74 B
111 B
1
1

DNS Request

12370788.fls.doubleclick.net

DNS Response

142.250.179.134
8.8.8.8:53

dns.google

dns

msedge.exe

56 B
88 B
1
1

DNS Request

dns.google

DNS Response

8.8.8.8

8.8.4.4
8.8.8.8:443

dns.google

https

msedge.exe

25.6kB
51.5kB
192
219
142.250.179.134:443

12370788.fls.doubleclick.net

https

msedge.exe

4.0kB
7.8kB
8
10
224.0.0.251:5353

msedge.exe

574 B
9
8.8.8.8:443

dns.google

https

msedge.exe

3.2kB
6.7kB
8
8
142.250.179.134:443

12370788.fls.doubleclick.net

https

msedge.exe

4.8kB
7.7kB
23
28
8.8.8.8:53

nav.smartscreen.microsoft.com

dns

msedge.exe

75 B
198 B
1
1

DNS Request

nav.smartscreen.microsoft.com

DNS Response

20.86.249.62
8.8.8.8:53

msedge.b.tlu.dl.delivery.mp.microsoft.com

dns

87 B
181 B
1
1

DNS Request

msedge.b.tlu.dl.delivery.mp.microsoft.com

DNS Response

209.197.3.8
142.251.39.98:443

https

msedge.exe

5.2kB
8.9kB
16
22

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4904-132-0x0000024B56690000-0x0000024B566B2000-memory.dmp

Filesize
136KB

Download
memory/4904-134-0x00007FFDB69A0000-0x00007FFDB7461000-memory.dmp

Filesize
10.8MB

Download
memory/4904-133-0x00007FFDB69A0000-0x00007FFDB7461000-memory.dmp

Filesize
10.8MB

Download

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response