HTTP Headers Analysis for https://bat.bing-int.com

Detected Technologies from Headers

See all in URL Inspect 2

Akamai Active incidents

Kestrel

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=1209600; includeSubDomains; preload

Content-Security-Policy

Basic

block-all-mixed-content; connect-src; default-src; +5 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

sameorigin

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Vary

Performance

Origin

connection: close
vary: Origin

Caching Headers

Cache-Control

Caching

no-store,no-cache

Pragma

Caching

no-cache

cache-control: no-store,no-cache
pragma: no-cache

Content Headers

Content-Length

Content

52848

Content-Type

Content

text/html; charset=utf-8

content-length: 52848
content-type: text/html; charset=utf-8

Server Headers

Server

Kestrel

server: Kestrel

CORS Headers

Access-Control-Allow-Methods

Cors

HEAD,GET,OPTIONS

access-control-allow-methods: HEAD,GET,OPTIONS

Cookies Headers

Set-Cookie

Cookies

set-cookie: _C_ETH=1; domain=.msn.com; path=/; secure; httponly
_C_Auth=
Web-User=%7B%22userId%22%3A%22m-1BDB6A517B2A602B27AE7D637A9A61A6%22%2C%22cohorts%22%3A%5B%7B%22name%22%3A%22SuperCold%22%2C%22everSelected%22%3Afalse%2C%22optOut%22%3A%22%22%2C%22reason%22%3A%22MatchedBySignal%22%7D%5D%2C%22accountType%22%3A%22NA%22%2C%22identityType%22%3A%22Web%22%2C%22responseCreationDateTime%22%3A%222026-04-05T17%3A29%3A15.6161214Z%22%2C%22debugId%22%3A%22c0c0591a-011f-4179-938c-18190474b190%7C2026-04-05T17%3A29%3A15.6161239Z%7CAuth%7CEUS2-CF%7Caksgen03000008%22%7D; expires=Sun, 12 Apr 2026 17:29:15 GMT; domain=.msn.com; path=/; secure; samesite=none; httponly
sptmarket=en-us%7C%7Cus%7Cen-us%7Cen-us%7Cen%7C%7Creason%3DRevIP%3Aus%7Ccf%3D8%7CRefA%3D69d29beb01ce4aaaa66037fc06528965.RefC%3D2026-04-05T17%3A29%3A15Z; expires=Wed, 05 Apr 2028 17:29:15 GMT; path=/
USRLOC=; expires=Wed, 05 Apr 2028 17:29:15 GMT; domain=.msn.com; path=/; secure; samesite=none; httponly
MUID=1BDB6A517B2A602B27AE7D637A9A61A6; expires=Fri, 30 Apr 2027 17:29:15 GMT; domain=.msn.com; path=/; secure; samesite=none
MUIDB=1BDB6A517B2A602B27AE7D637A9A61A6; expires=Fri, 30 Apr 2027 17:29:15 GMT; path=/; httponly
_EDGE_S="F=1&SID=22E99434776B6D8E2FD4830676DB6C7B"; domain=.msn.com; path=/; httponly
_EDGE_V=1; expires=Fri, 30 Apr 2027 17:29:15 GMT; domain=.msn.com; path=/; httponly

Other Headers

Akamai-Cache-Status

Other

NotCacheable from child

Akamai-Grn

Other

0.cc0c0317.1775410155.1d551c5c

Akamai-Request-Bc

Other

[a=23.3.12.204,b=492117084,c=g,n=US_VA_STERLING,o=20940],[c=c,n=US_VA_ASHBURN,o=20940],[a=116,c=o]

Akamai-Request-Id

Other

1d551c5c

Akamai-Server-Ip

Other

23.3.12.204

Date

Other

Sun, 05 Apr 2026 17:29:15 GMT

Nel

Other

Report-To Group network-errors max-age: 1w

success: 0.1% failure: 100.0%

Nel-And-Csp-Report-To

Other

{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}

Server-Timing

Other

clientrtt; dur=61, clienttt; dur=53, origin; dur=17, cdntime; dur=36, wpo;dur=0,1s;dur=0

Timing-Allow-Origin

Other

*

X-Cdn-Ref

Other

1d551c5c | 69d29beb01ce4aaaa66037fc06528965|AFD:69d29beb01ce4aaaa66037fc06528965|2026-04-05T17:29:15.609Z | 2026-04-05T17:29:15

X-Ceto-Ref

Other

69d29beb01ce4aaaa66037fc06528965|AFD:69d29beb01ce4aaaa66037fc06528965|2026-04-05T17:29:15.609Z

X-Msedge-Ref

Other

1d551c5c | 69d29beb01ce4aaaa66037fc06528965|AFD:69d29beb01ce4aaaa66037fc06528965|2026-04-05T17:29:15.609Z | 2026-04-05T17:29:15

X-Pcs-Ref

Other

TraceId:69d29beb01ce4aaaa66037fc06528965|UtcTimestamp:20260405172915|Tenant:ClusterFleetProdEUS2|RoleInstance:pagecompositionservice-6579b78565-nt24h

X-Ua-Compatible

Other

IE=Edge;chrome=1

akamai-cache-status: NotCacheable from child
akamai-grn: 0.cc0c0317.1775410155.1d551c5c
akamai-request-bc: [a=23.3.12.204,b=492117084,c=g,n=US_VA_STERLING,o=20940],[c=c,n=US_VA_ASHBURN,o=20940],[a=116,c=o]
akamai-request-id: 1d551c5c
akamai-server-ip: 23.3.12.204
date: Sun, 05 Apr 2026 17:29:15 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
nel-and-csp-report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
server-timing: clientrtt; dur=61, clienttt; dur=53, origin; dur=17, cdntime; dur=36, wpo;dur=0,1s;dur=0
timing-allow-origin: *
x-cdn-ref: 1d551c5c | 69d29beb01ce4aaaa66037fc06528965|AFD:69d29beb01ce4aaaa66037fc06528965|2026-04-05T17:29:15.609Z | 2026-04-05T17:29:15
x-ceto-ref: 69d29beb01ce4aaaa66037fc06528965|AFD:69d29beb01ce4aaaa66037fc06528965|2026-04-05T17:29:15.609Z
x-msedge-ref: 1d551c5c | 69d29beb01ce4aaaa66037fc06528965|AFD:69d29beb01ce4aaaa66037fc06528965|2026-04-05T17:29:15.609Z | 2026-04-05T17:29:15
x-pcs-ref: TraceId:69d29beb01ce4aaaa66037fc06528965|UtcTimestamp:20260405172915|Tenant:ClusterFleetProdEUS2|RoleInstance:pagecompositionservice-6579b78565-nt24h
x-ua-compatible: IE=Edge;chrome=1

Recommendations

Enable compression (gzip/brotli) to improve performance