HTTP Headers Analysis for https://msn.cn

Detected Technologies from Headers

See all in URL Inspect 2

Akamai

Kestrel

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=1209600; includeSubDomains; preload

Content-Security-Policy

Basic

block-all-mixed-content; connect-src; default-src; +5 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

sameorigin

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

Performance Headers

Connection

Performance

close

Vary

Performance

Origin

connection: close
vary: Origin

Caching Headers

Cache-Control

Caching

no-store,no-cache

Pragma

Caching

no-cache

cache-control: no-store,no-cache
pragma: no-cache

Content Headers

Content-Length

Content

52699

Content-Type

Content

text/html; charset=utf-8

content-length: 52699
content-type: text/html; charset=utf-8

Server Headers

Server

Kestrel

server: Kestrel

CORS Headers

Access-Control-Allow-Methods

Cors

HEAD,GET,OPTIONS

access-control-allow-methods: HEAD,GET,OPTIONS

Cookies Headers

Set-Cookie

Cookies

set-cookie: _C_ETH=1; domain=.msn.com; path=/; secure; httponly
_C_Auth=
Web-User=%7B%22userId%22%3A%22m-2D2AC8F979166E6D0291DFBE78A76F10%22%2C%22cohorts%22%3A%5B%7B%22name%22%3A%22SuperCold%22%2C%22everSelected%22%3Afalse%2C%22reason%22%3A%22MatchedBySignal%22%7D%5D%2C%22accountType%22%3A%22NA%22%2C%22identityType%22%3A%22Web%22%2C%22settings%22%3Anull%2C%22responseCreationDateTime%22%3A%222026-04-26T14%3A13%3A20.1357922Z%22%2C%22debugId%22%3A%22183690f1-eb4e-4359-835b-e11f04344e93%7C2026-04-26T14%3A13%3A20.1357946Z%7CAuth%7CEUS2-CF%7Caksgen10000000%22%7D; expires=Sun, 03 May 2026 14:13:20 GMT; domain=.msn.com; path=/; secure; samesite=none; httponly
USRLOC=; expires=Wed, 26 Apr 2028 14:13:20 GMT; domain=.msn.com; path=/; secure; samesite=none; httponly
MUID=2D2AC8F979166E6D0291DFBE78A76F10; expires=Fri, 21 May 2027 14:13:20 GMT; domain=.msn.com; path=/; secure; samesite=none
MUIDB=2D2AC8F979166E6D0291DFBE78A76F10; expires=Fri, 21 May 2027 14:13:20 GMT; path=/; httponly
_EDGE_S="F=1&SID=2DC085F948126A0D1EFA92BE49A36BB7"; domain=.msn.com; path=/; httponly
_EDGE_V=1; expires=Fri, 21 May 2027 14:13:20 GMT; domain=.msn.com; path=/; httponly

Other Headers

Akamai-Cache-Status

Other

NotCacheable from child

Akamai-Grn

Other

0.ee18d017.1777212800.c13bc1b6

Akamai-Request-Bc

Other

[a=23.208.24.238,b=3241918902,c=g,n=US_IL_CHICAGO,o=20940],[c=c,n=US_VA_ASHBURN,o=20940],[a=17,c=o]

Akamai-Request-Id

Other

c13bc1b6

Akamai-Server-Ip

Other

23.208.24.238

Date

Other

Sun, 26 Apr 2026 14:13:20 GMT

Nel

Other

Report-To Group network-errors max-age: 1w

success: 0.1% failure: 100.0%

Nel-And-Csp-Report-To

Other

{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}

Server-Timing

Other

clientrtt; dur=77, clienttt; dur=112, origin; dur=23, cdntime; dur=89, wpo;dur=0,1s;dur=0

Timing-Allow-Origin

Other

*

X-Cdn-Ref

Other

c13bc1b6 | 69ee1d8032b34423a54970feb60f93c5|AFD:69ee1d8032b34423a54970feb60f93c5|2026-04-26T14:13:20.128Z | 2026-04-26T14:13:20

X-Ceto-Ref

Other

69ee1d8032b34423a54970feb60f93c5|AFD:69ee1d8032b34423a54970feb60f93c5|2026-04-26T14:13:20.128Z

X-Msedge-Ref

Other

c13bc1b6 | 69ee1d8032b34423a54970feb60f93c5|AFD:69ee1d8032b34423a54970feb60f93c5|2026-04-26T14:13:20.128Z | 2026-04-26T14:13:20

X-Pcs-Ref

Other

TraceId:69ee1d8032b34423a54970feb60f93c5|UtcTimestamp:20260426141320|Tenant:ClusterFleetProdEUS2|RoleInstance:pagecompositionservice-687c66c6bb-th7cb

X-Ua-Compatible

Other

IE=Edge;chrome=1

akamai-cache-status: NotCacheable from child
akamai-grn: 0.ee18d017.1777212800.c13bc1b6
akamai-request-bc: [a=23.208.24.238,b=3241918902,c=g,n=US_IL_CHICAGO,o=20940],[c=c,n=US_VA_ASHBURN,o=20940],[a=17,c=o]
akamai-request-id: c13bc1b6
akamai-server-ip: 23.208.24.238
date: Sun, 26 Apr 2026 14:13:20 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
nel-and-csp-report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://deff.nelreports.net/api/report?cat=msn"}]},{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://deff.nelreports.net/api/report"}]}
server-timing: clientrtt; dur=77, clienttt; dur=112, origin; dur=23, cdntime; dur=89, wpo;dur=0,1s;dur=0
timing-allow-origin: *
x-cdn-ref: c13bc1b6 | 69ee1d8032b34423a54970feb60f93c5|AFD:69ee1d8032b34423a54970feb60f93c5|2026-04-26T14:13:20.128Z | 2026-04-26T14:13:20
x-ceto-ref: 69ee1d8032b34423a54970feb60f93c5|AFD:69ee1d8032b34423a54970feb60f93c5|2026-04-26T14:13:20.128Z
x-msedge-ref: c13bc1b6 | 69ee1d8032b34423a54970feb60f93c5|AFD:69ee1d8032b34423a54970feb60f93c5|2026-04-26T14:13:20.128Z | 2026-04-26T14:13:20
x-pcs-ref: TraceId:69ee1d8032b34423a54970feb60f93c5|UtcTimestamp:20260426141320|Tenant:ClusterFleetProdEUS2|RoleInstance:pagecompositionservice-687c66c6bb-th7cb
x-ua-compatible: IE=Edge;chrome=1

Recommendations

Enable compression (gzip/brotli) to improve performance