urlscan.io logo urlscan.io
SecurityTrails logo

w1.buysub.com Open in urlscan Pro
198.176.166.187  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bestmysteries.com/
Effective URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&l...
Submission: On April 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 17 domains to perform 45 HTTP transactions. The main IP is 198.176.166.187, located in United States and belongs to CDS-GLOBAL-01, US. The main domain is w1.buysub.com. The Cisco Umbrella rank of the primary domain is 620763.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 10th 2023. Valid for: a year.
This is the only time w1.buysub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 40.71.11.178 8075 (MICROSOFT...)
1 7 198.176.166.187 397973 (CDS-GLOBA...)
3 104.18.10.207 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
13 26 2606:4700:440... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 3.163.101.24 16509 (AMAZON-02)
1 142.251.167.155 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 18.244.202.62 16509 (AMAZON-02)
2 172.253.115.156 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 63.148.46.76 53316 (ASN-CHEET...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 172.253.62.106 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
45 18
1    40.71.11.178 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bestmysteries.com
7    198.176.166.187 (United States)

ASN397973 (CDS-GLOBAL-01, US)
PTR: w1.buysub.com
w1.buysub.com
3    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
26    2606:4700:4400::6812:219a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn1.tmbi.com
images.tmbi.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    3.163.101.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-163-101-24.atl58.r.cloudfront.net
sb.scorecardresearch.com
1    142.251.167.155 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f155.1e100.net
www.googleadservices.com
2    2607:f8b0:4004:c19::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.244.202.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-202-62.atl58.r.cloudfront.net
js.acq.io
2    172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
googleads.g.doubleclick.net
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    63.148.46.76 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com
sts.eccmp.com
1    2607:f8b0:4004:c07::64 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    172.253.62.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f106.1e100.net
www.google.com
1    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
26 tmbi.com
cdn1.tmbi.com — Cisco Umbrella Rank: 248644
images.tmbi.com — Cisco Umbrella Rank: 78098
2 MB
7 buysub.com
w1.buysub.com — Cisco Umbrella Rank: 620763
307 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 623
14 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1847
104 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 5
128 B
2 eccmp.com
sts.eccmp.com — Cisco Umbrella Rank: 32000
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 248
70 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 69
3 KB
2 gstatic.com
fonts.gstatic.com
90 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
159 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 264
6 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 116
ajax.googleapis.com — Cisco Umbrella Rank: 746
35 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
275 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 99
21 KB
1 acq.io
js.acq.io — Cisco Umbrella Rank: 237115
7 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 163
19 KB
1 bestmysteries.com
bestmysteries.com
233 B
45 17
Domain Requested by
13 images.tmbi.com w1.buysub.com
13 cdn1.tmbi.com 13 redirects w1.buysub.com
7 w1.buysub.com 1 redirects w1.buysub.com
3 bat.bing.com w1.buysub.com
bat.bing.com
3 maxcdn.bootstrapcdn.com w1.buysub.com
maxcdn.bootstrapcdn.com
2 www.google.com w1.buysub.com
2 sts.eccmp.com w1.buysub.com
sts.eccmp.com
2 connect.facebook.net w1.buysub.com
connect.facebook.net
2 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com w1.buysub.com
2 sb.scorecardresearch.com 1 redirects w1.buysub.com
1 www.facebook.com w1.buysub.com
1 www.google-analytics.com www.googletagmanager.com
1 js.acq.io w1.buysub.com
1 www.googleadservices.com w1.buysub.com
1 ajax.googleapis.com w1.buysub.com
1 fonts.googleapis.com w1.buysub.com
1 bestmysteries.com 1 redirects
45 19

This site contains links to these domains. Also see Links.

Domain
www.rd.com
www.trustedmediabrands.com
book-services.com
Subject Issuer Validity Valid
*.buysub.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-10 -
2024-08-09		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.acq.io
Amazon RSA 2048 M03		 2023-12-29 -
2025-01-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2024-04-10 -
2024-06-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-19 -
2024-04-18		 3 months crt.sh
*.eccmp.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-24 -
2024-06-09		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Frame ID: 999855314743ACA728419E18CFF8B96D
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Reader's Digest Mystery Book

Page URL History Show full URLs

  1. https://bestmysteries.com/ HTTP 301
    https://w1.buysub.com/servlet/ConvertibleGateway?cds_mag_code=RDB&cds_page_id=244981&cds_response_... HTTP 302
    https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RD... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

67 %
HTTPS

50 %
IPv6

17
Domains

19
Subdomains

18
IPs

2
Countries

2408 kB
Transfer

3255 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bestmysteries.com/ HTTP 301
    https://w1.buysub.com/servlet/ConvertibleGateway?cds_mag_code=RDB&cds_page_id=244981&cds_response_key=BMSY7D11Z1 HTTP 302
    https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://cdn1.tmbi.com/Digital/WebAssets/logo-headers/RD_Logo_H_White.png HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/logo-headers/rd_logo_h_white.png
Request Chain 6
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/icon1v3.png HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon1v3.png
Request Chain 7
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/icon2v3.png HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon2v3.png
Request Chain 8
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/icon3v3.png HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon3v3.png
Request Chain 9
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/divider-bgv2.png HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/divider-bgv2.png
Request Chain 10
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/book-covers.gif HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/book-covers.gif
Request Chain 13
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/visa.svg HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/visa.svg
Request Chain 14
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/mastercard.svg HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/mastercard.svg
Request Chain 15
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/amex.svg HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/amex.svg
Request Chain 16
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/discover.svg HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/discover.svg
Request Chain 18
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/js/typed.js?v2 HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/js/typed.js?v2
Request Chain 20
  • https://sb.scorecardresearch.com/c2/16404798/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/16404798/cs.js
Request Chain 23
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/hero-bg.jpg HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/hero-bg.jpg
Request Chain 24
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/security-code-v2.png HTTP 301
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/security-code-v2.png

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request BMOAT-INT-2203-LP_Updated.jsp
w1.buysub.com/pubs/RD/RDB/
Redirect Chain
  • https://bestmysteries.com/
  • https://w1.buysub.com/servlet/ConvertibleGateway?cds_mag_code=RDB&cds_page_id=244981&cds_response_key=BMSY7D11Z1
  • https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),
Reverse DNS
w1.buysub.com
Software
/
Resource Hash
092bc60739100d4b2a78c26c1dee3cd3ddba2ad42c5bfd78ae5ae4e8f262ab89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none' ;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode = block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Security-Policy
frame-ancestors 'none' ;
Content-Type
text/html;charset=ISO-8859-1
Date
Thu, 11 Apr 2024 01:48:33 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=10, max=68
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
DENY
X-XSS-Protection
1; mode = block
X-content-Type-Options
nosniff

Redirect headers

Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Language
en-US
Content-Length
0
Content-Security-Policy
frame-ancestors 'none' ;
Date
Thu, 11 Apr 2024 01:48:32 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=10, max=69
Location
https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
X-content-Type-Options
nosniff
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
Origin
https://w1.buysub.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
940
age
304132
cdn-cachedat
10/31/2023 19:15:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
0f427c38d7e1bb5215804ba084d63c12
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
872750a7bcb67116-YYZ
cdn-requestpullsuccess
True
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 01:48:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
3644073
cdn-cachedat
10/31/2023 18:48:06
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
9e61a4e37a75208649ae6b63a0cb4f72
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
872750a7bf3036bb-YYZ
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f34fb057bb101500e05a36bd0acbd27316c1fd2621b44a2e1a1b30e743eea6ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 11 Apr 2024 01:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 00:56:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Apr 2024 01:48:33 GMT
validateForm.js
w1.buysub.com/pubs/RD/RDB/images/2015/183490/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.buysub.com/pubs/RD/RDB/images/2015/183490/validateForm.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),
Reverse DNS
w1.buysub.com
Software
/
Resource Hash
e22553faf8b175e48d1a901c34a870739f373f6ea45aa5b99cc8a7478e301ebd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Date
Thu, 11 Apr 2024 01:48:33 GMT
X-content-Type-Options
nosniff
Last-Modified
Sun, 22 Mar 2015 18:33:31 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=87
Content-Length
14625
X-XSS-Protection
1; mode=block
jquery-latest.js
w1.buysub.com/pubs/RD/RDB/images/2015/183490/ 		271 KB
272 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.buysub.com/pubs/RD/RDB/images/2015/183490/jquery-latest.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),
Reverse DNS
w1.buysub.com
Software
/
Resource Hash
d8e27d0ea03d78aebdf228d4dc8013fc0c4ba8f5893718b7790e59f203711767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Date
Thu, 11 Apr 2024 01:48:33 GMT
X-content-Type-Options
nosniff
Last-Modified
Sun, 22 Mar 2015 18:33:31 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=83
Content-Length
277976
X-XSS-Protection
1; mode=block
rd_logo_h_white.png
images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/logo-headers/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/WebAssets/logo-headers/RD_Logo_H_White.png
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/logo-headers/rd_logo_h_white.png
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/logo-headers/rd_logo_h_white.png
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea8001433aaec17beb85b0886e6560eff75d0bcd0a25542a47cc31541536c60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=10761
x-vc-enabled
true
x-vc-ttl
5256000
content-disposition
inline; filename="rd_logo_h_white.webp"
content-length
7124
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Apr 2024 13:00:22 GMT
server
cloudflare
vary
Accept
content-type
image/webp
x-cloud-trace-context
26b422ad850e45b7dde5da9c13f0fc03
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
872750a8383a4bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/logo-headers/rd_logo_h_white.png
date
Thu, 11 Apr 2024 01:48:33 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750a7d8254bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:33 GMT
icon1v3.png
images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/icon1v3.png
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon1v3.png
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon1v3.png
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4911dfcad2e7da419d77db192ad560fee5a2264e6de59a9046910c7115af8e0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=22924
x-vc-enabled
true
x-vc-ttl
5256000
content-disposition
inline; filename="icon1v3.webp"
content-length
20082
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Apr 2024 19:54:24 GMT
server
cloudflare
vary
Accept
content-type
image/webp
x-cloud-trace-context
8065eee41024d589b448018a01f3f92f
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
872750a838394bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon1v3.png
date
Thu, 11 Apr 2024 01:48:33 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750a7d8244bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:33 GMT
icon2v3.png
images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/icon2v3.png
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon2v3.png
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon2v3.png
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61164e9bd79bfcbf892c4ba156fa9858ab3c0da4584e0d5ff9de708af5879cf6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=23262
x-vc-enabled
true
x-vc-ttl
5256000
content-disposition
inline; filename="icon2v3.webp"
content-length
20668
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Apr 2024 19:54:24 GMT
server
cloudflare
vary
Accept
content-type
image/webp
x-cloud-trace-context
113535f18a3bc176b38f81dc976697c2
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
872750a8f87c4bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon2v3.png
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750a8b86a4bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
icon3v3.png
images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/icon3v3.png
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon3v3.png
20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon3v3.png
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f74eb84c0ae672551ab49165e63bc10aa64b30234d3eac07a731483d7cc0ed6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=23382
x-vc-enabled
true
x-vc-ttl
5256000
content-disposition
inline; filename="icon3v3.webp"
content-length
20698
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Apr 2024 18:44:05 GMT
server
cloudflare
vary
Accept
content-type
image/webp
x-cloud-trace-context
dcfd7b1b1aab0fe583c4e2d0194579b6
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
872750a8f87e4bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/icon3v3.png
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750a8b86c4bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
divider-bgv2.png
images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/divider-bgv2.png
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/divider-bgv2.png
116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/divider-bgv2.png
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe25604f6e7869eadd4d90a186d19a59bb038f6ca6dddbc102402a4c72db714d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=133663
x-vc-enabled
true
x-vc-ttl
5256000
content-disposition
inline; filename="divider-bgv2.webp"
content-length
118418
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Apr 2024 18:44:06 GMT
server
cloudflare
vary
Accept
content-type
image/webp
x-cloud-trace-context
3e5c3ef95dc00987a5b22f3cae0d6b3b
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
872750a9c9674bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/divider-bgv2.png
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750a979264bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
book-covers.gif
images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/book-covers.gif
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/book-covers.gif
424 KB
424 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/book-covers.gif
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0831f8191affc5615a906284f6f606307a4ce76dd8442b83706ccea725b1f552

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
cf-cache-status
HIT
cf-polished
origFmt=gif, origSize=638740
x-vc-enabled
true
x-vc-ttl
5256000
content-disposition
inline; filename="book-covers.webp"
content-length
433730
cf-bgj
imgq:85,h2pri
last-modified
Wed, 30 Jun 2021 21:38:02 GMT
server
cloudflare
etag
"60dce43a-9bf14"
vary
Accept
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
872750abca1d4bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/book-covers.gif
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750ab69fd4bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
landing.css
w1.buysub.com/pubs/RD/RDB/images/2014/templates/ 		1002 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://w1.buysub.com/pubs/RD/RDB/images/2014/templates/landing.css
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),
Reverse DNS
w1.buysub.com
Software
/
Resource Hash
8c19b67b3e5bc126a0789ee6d36978783183766325a21fa22a1ae055c6e6d885
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Date
Thu, 11 Apr 2024 01:48:34 GMT
X-content-Type-Options
nosniff
Last-Modified
Tue, 09 Sep 2014 12:41:41 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Language
en-US
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=95
Content-Length
1002
X-XSS-Protection
1; mode=block
landing-2.js
w1.buysub.com/pubs/RD/RDB/images/2014/templates/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w1.buysub.com/pubs/RD/RDB/images/2014/templates/landing-2.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),
Reverse DNS
w1.buysub.com
Software
/
Resource Hash
e470c0237e8f58ec800a6ac891bbe37a66b9979f894caf1a9526ec7691cb82fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Date
Thu, 11 Apr 2024 01:48:34 GMT
X-content-Type-Options
nosniff
Last-Modified
Tue, 09 Sep 2014 12:41:41 GMT
Age
0
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
3147
X-XSS-Protection
1; mode=block
visa.svg
images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/visa.svg
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/visa.svg
2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/visa.svg
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce11dfd8058f3b15799c87709a3dea0c9ed5e61f69dbcfedb453c91bc1cdf662

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 21:50:51 GMT
server
cloudflare
age
51584
etag
W/"60dce73b-606"
x-vc-enabled
true
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=315360000
x-vc-ttl
5256000
cf-ray
872750abca1e4bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/visa.svg
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750ab69fe4bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
mastercard.svg
images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/mastercard.svg
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/mastercard.svg
10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/mastercard.svg
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b3575882921b9234e47fb4d04e99cb05c4aab67a4f4f32cf06241d78b756dc4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 21:50:52 GMT
server
cloudflare
age
51584
etag
W/"60dce73c-26eb"
x-vc-enabled
true
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=315360000
x-vc-ttl
5256000
cf-ray
872750abca234bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/mastercard.svg
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750ab69ff4bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
amex.svg
images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/amex.svg
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/amex.svg
5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/amex.svg
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a783d6122d80aa409cc048535113cb4d7e7d7533d4b093f8d932e5d1cc7b76

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 21:50:52 GMT
server
cloudflare
age
51584
etag
W/"60dce73c-13a9"
x-vc-enabled
true
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=315360000
x-vc-ttl
5256000
cf-ray
872750abca204bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/amex.svg
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750ab6a004bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
discover.svg
images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/discover.svg
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/discover.svg
2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/discover.svg
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c51c2b93b35766af6d426d2045cd059880f5655821845a7a839be43a0eb7ce6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 21:50:52 GMT
server
cloudflare
age
51584
etag
W/"60dce73c-8fa"
x-vc-enabled
true
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=315360000
x-vc-ttl
5256000
cf-ray
872750abca1f4bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/discover.svg
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750ab7a014bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 05:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
590203
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Apr 2025 05:51:51 GMT
typed.js
images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/js/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/js/typed.js?v2
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/js/typed.js?v2
4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/js/typed.js?v2
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce0af4b48f08648dfdbfdfb1316217679138a84d0c13e3f9f518ad543138cfd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 21:38:01 GMT
cf-bgj
minify
server
cloudflare
etag
W/"60dce439-e3a"
x-vc-enabled
true
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=315360000
x-vc-ttl
5256000
cf-ray
872750aae9cf4bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/js/typed.js?v2
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750aab9bc4bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
analytics.js
cdn1.tmbi.com/js/ 		0
0
cs.js
sb.scorecardresearch.com/internal-c2/16404798/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/16404798/cs.js
  • https://sb.scorecardresearch.com/internal-c2/16404798/cs.js
15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/16404798/cs.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
3.163.101.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-163-101-24.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3488e64ce2ef1b34a20fb0dada520a32a172db9328c9732065316656a4badb8d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 10 Apr 2024 12:02:03 GMT
content-encoding
gzip
via
1.1 c6f6c57f586160c066aec43e178337fe.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:35 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P8
age
49592
etag
W/"98915e4f63a37ee50e41bac80ee9105d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
2eHaVERihVboEG_JSTMQxkQBKq6V9kHrMt566IrFVqgT5VCO-2cB6w==

Redirect headers

date
Thu, 11 Apr 2024 01:48:34 GMT
via
1.1 c6f6c57f586160c066aec43e178337fe.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ATL58-P8
x-cache
Miss from cloudfront
location
/internal-c2/16404798/cs.js
content-length
0
x-amz-cf-id
FoDSbyqDp92WR54Y-Ag8HS-4KYh_hwLk7-NnaMtNXS4s_lOFOklXmA==
conversion.js
www.googleadservices.com/pagead/ 		53 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.167.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f155.1e100.net
Software
cafe /
Resource Hash
8b3a9c29f8e17d2dca9e9e2768eb32a07037fb62e5499938091d95f00a5fd5e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19937
x-xss-protection
0
server
cafe
etag
5965681564062283534
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 11 Apr 2024 01:48:34 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11250256888
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1c4f66620f68a8a95ba3abe7908667133f4bb436e910459827c91377ede81b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86422
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Apr 2024 01:48:34 GMT
hero-bg.jpg
images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/2017/BMOAT-INT-1710-LP/hero-bg.jpg
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/hero-bg.jpg
940 KB
941 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/hero-bg.jpg
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa3261f8d67d966c8d74622c775a358348a093cdfdd577e519895ecdbcc6962

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=1184257
x-vc-enabled
true
x-vc-ttl
5256000
content-disposition
inline; filename="hero-bg.webp"
content-length
962228
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Apr 2024 18:44:06 GMT
server
cloudflare
vary
Accept
content-type
image/webp
x-cloud-trace-context
343eeb4bd5f4f5bf64f9939bc6c3e2ea
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
872750abca214bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/2017/bmoat-int-1710-lp/hero-bg.jpg
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750ab7a024bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
security-code-v2.png
images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/
Redirect Chain
  • https://cdn1.tmbi.com/Digital/WebAssets/form-assets/security-code-v2.png
  • https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/security-code-v2.png
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/security-code-v2.png
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Server
2606:4700:4400::6812:219a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
346f6cf0dd4bb47f117c558875c4f3016c4a5504038518042a81aa8682fb9555

Request headers

accept-language
en-US,en;q=0.9
Referer
https://w1.buysub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=9853
x-vc-enabled
true
x-vc-ttl
5256000
content-disposition
inline; filename="security-code-v2.webp"
content-length
7106
cf-bgj
imgq:85,h2pri
last-modified
Wed, 10 Apr 2024 22:32:20 GMT
server
cloudflare
vary
Accept
content-type
image/webp
x-cloud-trace-context
c7d67676c8642d7542f7c63505dfecc0
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
872750abca224bbb-BUF
expires
Sun, 09 Apr 2034 01:48:34 GMT

Redirect headers

location
https://images.tmbi.com/wp-content/uploads/wwwroot/digital/webassets/form-assets/security-code-v2.png
date
Thu, 11 Apr 2024 01:48:34 GMT
cache-control
max-age=3600
server
cloudflare
cf-ray
872750ab7a034bbb-BUF
vary
Accept-Encoding
expires
Thu, 11 Apr 2024 02:48:34 GMT
ga6faw1J5X9T9RW6j9bNfFIMZhhWnFTyNZIQD1-_P3_ctw.woff2
fonts.gstatic.com/s/notoserif/v23/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v23/ga6faw1J5X9T9RW6j9bNfFIMZhhWnFTyNZIQD1-_P3_ctw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
beeb07fb8c29efbc5a8a805f860a8550e56d5eab9e6883f58db91581be08214b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://w1.buysub.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 07:43:50 GMT
x-content-type-options
nosniff
age
65084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48428
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 00:57:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Apr 2025 07:43:50 GMT
ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Serif:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://w1.buysub.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 06:28:22 GMT
x-content-type-options
nosniff
age
156012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43212
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 00:59:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Apr 2025 06:28:22 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://w1.buysub.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 01:48:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1029
age
526821
cdn-cachedat
10/31/2023 19:21:45
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c5ddfb50a77843caddc2b1461efc00bd
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
872750ab7acf7116-YYZ
cdn-requestpullsuccess
True
ATRK_2DF0B21A_min.js
js.acq.io/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.acq.io/ATRK_2DF0B21A_min.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.202.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-202-62.atl58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52ff3933ee68fa840a657f335f173539d5b8ed92bd1db2d9d9919e931dd8340c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 10 Apr 2024 21:10:41 GMT
content-encoding
gzip
via
1.1 fec9907eafdab85a382cff2ca4b8a836.cloudfront.net (CloudFront)
last-modified
Thu, 28 Jan 2021 18:59:33 GMT
server
AmazonS3
x-amz-cf-pop
ATL58-P4
age
16674
etag
W/"bcfefda39bbff5fc3c396a7d195aef63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
x-amz-cf-id
Mhwa7FI2WgSMTf1_9J2ey8LgO3O1YIrWaPEU04hzOOJWYZAuwWtxuA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1016027490/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1016027490/?random=1712800115288&cv=9&fst=1712800115288&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247838&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fw1.buysub.com%2Fpubs%2FRD%2FRDB%2FBMOAT-INT-2203-LP_Updated.jsp%3Fcds_page_id%3D244981%26cds_mag_code%3DRDB%26id%3D1712800112831%26lsid%3D41012048328041084%26vid%3D1%26cds_response_key%3DBMSY7D11Z1&tiba=Reader%27s%20Digest%20Mystery%20Book&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
2ba4ba7236643c6ed208e1f156433ddce1ff5236a367b5b2140dc4ab0ba1cda1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 11 Apr 2024 01:48:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1436
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
335750c5de24e485b630b91393e74f41356a4f036496995742eebabc97a47165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 11 Apr 2024 01:48:34 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 59DDF48697C04E7191783B36ED7E3316 Ref B: NYCEDGE1715 Ref C: 2024-04-11T01:48:35Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 11 Apr 2024 01:48:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
wTZC6kJAU2yIaSjdss9eAhPBXZeu/oqiBr+ccAPNSF9DzB5nKsSj63BLMg7qEtsz2bnJZsJUefQEg5w5/KSwjQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KNHD368
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66085cbc70433578c13cc7b2007c1207704eb29b2365c3a12412f342d5656636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 11 Apr 2024 01:48:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75954
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Apr 2024 01:48:35 GMT
conversen-SDK.js
sts.eccmp.com/sts/scripts/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
/
Resource Hash
b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 01:48:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2024 19:05:24 GMT
Server
Age
2755
ETag
"032e9928b71da1:0"
X-Powered-By
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
7009
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11250256888/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11250256888/?random=1712800115325&cv=11&fst=1712800115325&bg=ffffff&guid=ON&async=1&gtm=45be4480v9178285843za200&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fw1.buysub.com%2Fpubs%2FRD%2FRDB%2FBMOAT-INT-2203-LP_Updated.jsp%3Fcds_page_id%3D244981%26cds_mag_code%3DRDB%26id%3D1712800112831%26lsid%3D41012048328041084%26vid%3D1%26cds_response_key%3DBMSY7D11Z1&hn=www.googleadservices.com&frm=0&tiba=Reader%27s%20Digest%20Mystery%20Book&npa=0&pscdl=noapi&auid=399415464.1712800115&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11250256888
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f156.1e100.net
Software
cafe /
Resource Hash
0e05087b08ac0c4befd37f741dc9ac6a19fb796a34f05a158f2a98641c6d4667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 11 Apr 2024 01:48:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1402
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNHD368
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 11 Apr 2024 00:48:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3608
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 11 Apr 2024 02:48:27 GMT
5221199.js
bat.bing.com/p/action/ 		0
116 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5221199.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 11 Apr 2024 01:48:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2A862235B0AD41C7951CEF4885532EBF Ref B: NYCEDGE1715 Ref C: 2024-04-11T01:48:35Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5221199&Ver=2&mid=93203294-a520-4afe-94ea-ffe5bc5d41d9&sid=9c0412e0f7a511ee81c3413f7e521605&vid=9c047730f7a511eea1c369f96cd7a166&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=800&sh=600&sc=24&tl=Reader%27s%20Digest%20Mystery%20Book&p=https%3A%2F%2Fw1.buysub.com%2Fpubs%2FRD%2FRDB%2FBMOAT-INT-2203-LP_Updated.jsp%3Fcds_page_id%3D244981%26cds_mag_code%3DRDB%26id%3D1712800112831%26lsid%3D41012048328041084%26vid%3D1%26cds_response_key%3DBMSY7D11Z1&r=&lt=3151&evt=pageLoad&sv=1&rn=362237
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 11 Apr 2024 01:48:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E5EB77CE49224945B7EF1BB790E802F7 Ref B: NYCEDGE1715 Ref C: 2024-04-11T01:48:35Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
795
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 		35 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/795
Requested by
Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
sts.eccmp.com
Software
/
Resource Hash
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 11 Apr 2024 01:48:34 GMT
X-AspNetMvc-Version
3.0
Server
X-Powered-By
Vary
Accept-Encoding
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
35
/
www.google.com/pagead/1p-user-list/1016027490/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1016027490/?random=1712800115288&cv=9&fst=1712797200000&num=1&guid=ON&eid=375603260%2C466465926%2C512247838&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=5&u_nmime=2&sendb=1&frm=0&url=https%3A%2F%2Fw1.buysub.com%2Fpubs%2FRD%2FRDB%2FBMOAT-INT-2203-LP_Updated.jsp%3Fcds_page_id%3D244981%26cds_mag_code%3DRDB%26id%3D1712800112831%26lsid%3D41012048328041084%26vid%3D1%26cds_response_key%3DBMSY7D11Z1&tiba=Reader%27s%20Digest%20Mystery%20Book&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqX3H0j8E09rpv9TMt9oRq7YAmhs6fCg&random=1292755229&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 11 Apr 2024 01:48:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
275149521201947
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/275149521201947?v=2.9.153&r=stable&domain=w1.buysub.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8a55a539b1dd244758c3face59a2d8fe278d03f80dd794b8e59b44f47ec02a8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 11 Apr 2024 01:48:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=35, rtx=0, c=62, mss=1294, tbw=63057, tp=-1, tpl=-1, uplat=51, ullat=0
pragma
public
x-fb-debug
WlRkJoza1Ag/q8HyWuP1YrmGgCHMqB4K1bWROfNTXKohtXrQtB/IVkLgzmU40N+JRJmx3tuF9nu2nyltszy+4g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11250256888/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11250256888/?random=1712800115325&cv=11&fst=1712797200000&bg=ffffff&guid=ON&async=1&gtm=45be4480v9178285843za200&gcd=13l3l3l3l1&dma=0&u_w=800&u_h=600&url=https%3A%2F%2Fw1.buysub.com%2Fpubs%2FRD%2FRDB%2FBMOAT-INT-2203-LP_Updated.jsp%3Fcds_page_id%3D244981%26cds_mag_code%3DRDB%26id%3D1712800112831%26lsid%3D41012048328041084%26vid%3D1%26cds_response_key%3DBMSY7D11Z1&frm=0&tiba=Reader%27s%20Digest%20Mystery%20Book&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqAjXpEE2-bI8XZgXbkcwbRo6-HvLTBA&random=2188127441&rmt_tld=0&ipr=y
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 11 Apr 2024 01:48:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
275 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=275149521201947&ev=PageView&dl=https%3A%2F%2Fw1.buysub.com%2Fpubs%2FRD%2FRDB%2FBMOAT-INT-2203-LP_Updated.jsp%3Fcds_page_id%3D244981%26cds_mag_code%3DRDB%26id%3D1712800112831%26lsid%3D41012048328041084%26vid%3D1%26cds_response_key%3DBMSY7D11Z1&rl=&if=false&ts=1712800115619&sw=800&sh=600&v=2.9.153&r=stable&ec=0&o=4126&fbp=fb.1.1712800115618.1176455064&ler=empty&cdl=API_unavailable&it=1712800115514&coo=false&rqm=GET
Requested by
Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1294, tbw=2765, tp=-1, tpl=-1, uplat=1, ullat=-1
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 11 Apr 2024 01:48:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
w1.buysub.com/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://w1.buysub.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),
Reverse DNS
w1.buysub.com
Software
/
Resource Hash
a1209e45fb6963acddb6af59cc324a5b6bc6e9b5469d0039cd58a410b1ba84f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Date
Thu, 11 Apr 2024 01:48:35 GMT
X-content-Type-Options
nosniff
Last-Modified
Thu, 28 Mar 2024 00:33:12 GMT
Age
8
X-Frame-Options
SAMEORIGIN
Content-Language
en-US
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=10, max=100
Content-Length
1150
X-XSS-Protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn1.tmbi.com
URL
https://cdn1.tmbi.com/js/analytics.js

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| errorList function| ErrorClass object| FieldListManager object| defaultFormFieldValidation object| validationFields function| ValidateForm function| displayAlertMessage function| clearErrors function| disableButtons function| isValidChar function| Trim function| $ function| jQuery function| getUrlParameters string| parameter object| parr object| dataLayer function| udm_ function| ns_order object| ns_ string| ATRK_CLIENT_ID string| ATRK_PROTOCOL function| ATRK function| HttpClient object| ATRKtracker string| callbackUrl object| google_conversion_id object| google_custom_params object| google_remarketing_only object| google_tag_data function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| uetq function| fbq function| _fbq function| gtag function| cnvAsyncInit object| google_tag_manager object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| UET function| UET_init function| UET_push object| ueto_56d30bf100 object| Cnv object| stack object| data object| gaplugins object| gaGlobal object| gaData

15 Cookies

Domain/Path Name / Value
w1.buysub.com/ Name: JSESSIONID
Value: 0000jqznqx9-tGuiKuSXzJXJLXo:1dgnqdik0
.w1.buysub.com/ Name: TS011e85fb
Value: 01e3817c780085ba04ce4aa0a992768bc75100be279661e518ab23969133b3311b763050f3daadd6e3274c385556102d0005d4a09f
.buysub.com/ Name: ATRK_a
Value: ed7edfaa08544facac9d615cd9219ba1.1
.buysub.com/ Name: ATRK_t
Value: 1
.buysub.com/ Name: ATRK_y
Value: 1
.buysub.com/ Name: _gcl_au
Value: 1.1.399415464.1712800115
.buysub.com/ Name: _uetsid
Value: 9c0412e0f7a511ee81c3413f7e521605
.buysub.com/ Name: _uetvid
Value: 9c047730f7a511eea1c369f96cd7a166
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bing.com/ Name: MUID
Value: 22A3DF23BCA4659622BFCB7DBD2B64D7
.bat.bing.com/ Name: MR
Value: 0
.buysub.com/ Name: _ga
Value: GA1.2.109045221.1712800116
.buysub.com/ Name: _gid
Value: GA1.2.1083984185.1712800116
.buysub.com/ Name: _fbp
Value: fb.1.1712800115618.1176455064
.buysub.com/ Name: xyz_cr_795_et_100
Value: =&cr=795&wegc=&et=100&ap=

7 Console Messages

Source Level URL
Text
javascript warning URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1(Line 409)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.acq.io/ATRK_2DF0B21A_min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1(Line 409)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.acq.io/ATRK_2DF0B21A_min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://w1.buysub.com/pubs/RD/RDB/BMOAT-INT-2203-LP_Updated.jsp?cds_page_id=244981&cds_mag_code=RDB&id=1712800112831&lsid=41012048328041084&vid=1&cds_response_key=BMSY7D11Z1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/275149521201947?v=2.9.153&r=stable&domain=w1.buysub.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none' ;
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode = block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bat.bing.com
bestmysteries.com
cdn1.tmbi.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.tmbi.com
js.acq.io
maxcdn.bootstrapcdn.com
sb.scorecardresearch.com
sts.eccmp.com
w1.buysub.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
cdn1.tmbi.com
104.18.10.207
142.251.167.155
172.253.115.156
172.253.62.106
18.244.202.62
198.176.166.187
2606:4700:4400::6812:219a
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::64
2607:f8b0:4004:c19::5f
2607:f8b0:4004:c19::61
2620:1ec:c11::237
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.163.101.24
40.71.11.178
63.148.46.76
0831f8191affc5615a906284f6f606307a4ce76dd8442b83706ccea725b1f552
092bc60739100d4b2a78c26c1dee3cd3ddba2ad42c5bfd78ae5ae4e8f262ab89
0e05087b08ac0c4befd37f741dc9ac6a19fb796a34f05a158f2a98641c6d4667
1c4f66620f68a8a95ba3abe7908667133f4bb436e910459827c91377ede81b73
1ce0af4b48f08648dfdbfdfb1316217679138a84d0c13e3f9f518ad543138cfd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ba4ba7236643c6ed208e1f156433ddce1ff5236a367b5b2140dc4ab0ba1cda1
2f74eb84c0ae672551ab49165e63bc10aa64b30234d3eac07a731483d7cc0ed6
2fa3261f8d67d966c8d74622c775a358348a093cdfdd577e519895ecdbcc6962
335750c5de24e485b630b91393e74f41356a4f036496995742eebabc97a47165
346f6cf0dd4bb47f117c558875c4f3016c4a5504038518042a81aa8682fb9555
3488e64ce2ef1b34a20fb0dada520a32a172db9328c9732065316656a4badb8d
4911dfcad2e7da419d77db192ad560fee5a2264e6de59a9046910c7115af8e0f
52ff3933ee68fa840a657f335f173539d5b8ed92bd1db2d9d9919e931dd8340c
61164e9bd79bfcbf892c4ba156fa9858ab3c0da4584e0d5ff9de708af5879cf6
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
66085cbc70433578c13cc7b2007c1207704eb29b2365c3a12412f342d5656636
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b3575882921b9234e47fb4d04e99cb05c4aab67a4f4f32cf06241d78b756dc4
7c51c2b93b35766af6d426d2045cd059880f5655821845a7a839be43a0eb7ce6
8b3a9c29f8e17d2dca9e9e2768eb32a07037fb62e5499938091d95f00a5fd5e8
8c19b67b3e5bc126a0789ee6d36978783183766325a21fa22a1ae055c6e6d885
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
9ea8001433aaec17beb85b0886e6560eff75d0bcd0a25542a47cc31541536c60
a1209e45fb6963acddb6af59cc324a5b6bc6e9b5469d0039cd58a410b1ba84f0
b0a58fb8c12ffbb8b641ae4316da491e42969f9fe904a0dc35f1203cbb76a444
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
beeb07fb8c29efbc5a8a805f860a8550e56d5eab9e6883f58db91581be08214b
c8a783d6122d80aa409cc048535113cb4d7e7d7533d4b093f8d932e5d1cc7b76
ce11dfd8058f3b15799c87709a3dea0c9ed5e61f69dbcfedb453c91bc1cdf662
d8e27d0ea03d78aebdf228d4dc8013fc0c4ba8f5893718b7790e59f203711767
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e22553faf8b175e48d1a901c34a870739f373f6ea45aa5b99cc8a7478e301ebd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e470c0237e8f58ec800a6ac891bbe37a66b9979f894caf1a9526ec7691cb82fd
e8a55a539b1dd244758c3face59a2d8fe278d03f80dd794b8e59b44f47ec02a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34fb057bb101500e05a36bd0acbd27316c1fd2621b44a2e1a1b30e743eea6ca
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fe25604f6e7869eadd4d90a186d19a59bb038f6ca6dddbc102402a4c72db714d