Submitted URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&u...
Effective URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&u...
Submission: On December 12 via manual from IL — Scanned from DE

Summary

This website contacted 39 IPs in 5 countries across 33 domains to perform 90 HTTP transactions. The main IP is 107.154.76.234, located in District Heights, United States and belongs to INCAPSULA, US. The main domain is checkout.times-standard.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 23rd 2022. Valid for: 10 months.
This is the only time checkout.times-standard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 107.154.76.234 19551 (INCAPSULA)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 13.32.105.49 16509 (AMAZON-02)
3 108.138.7.44 16509 (AMAZON-02)
4 2606:2800:233... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 18.66.100.58 16509 (AMAZON-02)
4 2a03:2880:f01... 32934 (FACEBOOK)
7 108.138.17.41 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.89.3 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
1 3 13.32.99.90 16509 (AMAZON-02)
1 2a04:4e42:200... 54113 (FASTLY)
1 52.17.99.225 16509 (AMAZON-02)
1 143.204.215.111 16509 (AMAZON-02)
2 52.4.214.42 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.217.241.65 14618 (AMAZON-AES)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 3.218.4.10 14618 (AMAZON-AES)
2 2606:2800:133... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 5 54.235.69.50 14618 (AMAZON-AES)
1 95.101.111.158 20940 (AKAMAI-ASN1)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 3.33.220.150 16509 (AMAZON-02)
3 3 35.157.140.187 16509 (AMAZON-02)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
2 2 54.75.234.63 16509 (AMAZON-02)
1 2 104.76.200.221 16625 (AKAMAI-AS)
2 2 54.194.225.3 16509 (AMAZON-02)
1 2620:1ec:22::14 8068 (MICROSOFT...)
1 2a04:4e42:600... 54113 (FASTLY)
90 39
Apex Domain
Subdomains
Transfer
17 times-standard.com
checkout.times-standard.com
z216.times-standard.com
sli.times-standard.com
560 KB
10 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 2575
rp.liadm.com — Cisco Umbrella Rank: 1509
rp4.liadm.com — Cisco Umbrella Rank: 6905
i.liadm.com — Cisco Umbrella Rank: 552
i6.liadm.com — Cisco Umbrella Rank: 1900
19 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 28
region1.google-analytics.com — Cisco Umbrella Rank: 3983
21 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
379 KB
5 auth0.com
cdn.auth0.com — Cisco Umbrella Rank: 8679
mng-prod.auth0.com — Cisco Umbrella Rank: 244520
273 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
23 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
279 KB
4 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 26130
g2insights-cdn.azureedge.net — Cisco Umbrella Rank: 41390
fp-cdn.azureedge.net — Cisco Umbrella Rank: 41880
244 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
776 B
3 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 10084
www.i.matheranalytics.com — Cisco Umbrella Rank: 9704
43 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
239 KB
3 mng-digisubs-prod.com
ui-static-assets-prod.mng-digisubs-prod.com — Cisco Umbrella Rank: 347086
34 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 2023
932 B
2 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1251
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 206
2 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
203 B
2 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2233
45 KB
2 blueconic.net
medianewsgroup.blueconic.net — Cisco Umbrella Rank: 81471
2 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1411
122 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2734
p1.parsely.com — Cisco Umbrella Rank: 2066
21 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 396
19 KB
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 693
381 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 372
808 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 323
265 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 447
675 B
1 google.de
www.google.de — Cisco Umbrella Rank: 7952
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 81
450 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1606
595 B
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1405
571 B
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1579
36 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 915
10 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
90 33
Domain Requested by
9 checkout.times-standard.com checkout.times-standard.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 z216.times-standard.com www.googletagmanager.com
z216.times-standard.com
5 i.liadm.com 2 redirects b-code.liadm.com
i.liadm.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com checkout.times-standard.com
www.gstatic.com
www.google.com
4 connect.facebook.net checkout.times-standard.com
connect.facebook.net
4 cdn.auth0.com checkout.times-standard.com
cdn.auth0.com
3 x.bidswitch.net 3 redirects
3 sb.scorecardresearch.com 1 redirects checkout.times-standard.com
3 www.googletagmanager.com checkout.times-standard.com
www.googletagmanager.com
g2insights-cdn.azureedge.net
3 ui-static-assets-prod.mng-digisubs-prod.com checkout.times-standard.com
2 io.narrative.io 2 redirects
2 x.dlx.addthis.com 1 redirects i.liadm.com
2 dpm.demdex.net 2 redirects
2 fonts.gstatic.com www.google.com
2 www.facebook.com checkout.times-standard.com
2 az416426.vo.msecnd.net loader-cdn.azureedge.net
www.googletagmanager.com
2 region1.google-analytics.com www.googletagmanager.com
2 medianewsgroup.blueconic.net z216.times-standard.com
2 js.matheranalytics.com 1 redirects checkout.times-standard.com
2 cdn.confiant-integrations.net www.googletagmanager.com
cdn.confiant-integrations.net
2 b-code.liadm.com www.googletagmanager.com
b-code.liadm.com
2 loader-cdn.azureedge.net checkout.times-standard.com
2 cdn.jsdelivr.net checkout.times-standard.com
1 trc.taboola.com i.liadm.com
1 px.ads.linkedin.com i.liadm.com
1 i6.liadm.com i.liadm.com
1 match.adsrvr.org i.liadm.com
1 sync.mathtag.com 1 redirects
1 sli.times-standard.com
1 www.google.de checkout.times-standard.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fp-cdn.azureedge.net checkout.times-standard.com
1 g2insights-cdn.azureedge.net checkout.times-standard.com
1 rp4.liadm.com checkout.times-standard.com
1 rp.liadm.com 1 redirects
1 www.i.matheranalytics.com checkout.times-standard.com
1 mng-prod.auth0.com cdn.auth0.com
1 geo.privacymanager.io ats.rlcdn.com
1 p1.parsely.com checkout.times-standard.com
1 polyfill.io checkout.times-standard.com
1 ats.rlcdn.com checkout.times-standard.com
1 cdn.parsely.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 fonts.googleapis.com checkout.times-standard.com
90 46

This site contains links to these domains. Also see Links.

Domain
www.times-standard.com
Subject Issuer Validity Valid
*.mercurynews.com
Go Daddy Secure Certificate Authority - G2
2022-08-23 -
2023-06-30
10 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.auth0.com
Amazon
2022-03-26 -
2023-04-24
a year crt.sh
ui-static-assets-prod.mng-digisubs-prod.com
Amazon
2022-12-11 -
2024-01-10
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2022-10-25 -
2023-10-25
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
*.parsely.com
Amazon
2022-06-05 -
2023-07-04
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-09-20 -
2022-12-19
3 months crt.sh
m349.eptrail.com
Amazon
2022-06-16 -
2023-07-15
a year crt.sh
*.liadm.com
Amazon
2022-01-31 -
2023-03-01
a year crt.sh
*.confiant-integrations.net
E1
2022-11-24 -
2023-02-22
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-10 -
2024-01-11
a year crt.sh
*.privacymanager.io
Amazon
2022-08-26 -
2023-09-24
a year crt.sh
*.blueconic.net
Amazon
2022-07-08 -
2023-08-06
a year crt.sh
www.google.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
www.i.matheranalytics.com
Amazon
2022-01-13 -
2023-02-11
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
www.google.de
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
sli.chicoer.com
R3
2022-10-12 -
2023-01-10
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-28 -
2022-12-29
a year crt.sh

This page contains 4 frames:

Primary Page: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Frame ID: 716A4F524DBB27B5F1B6E22612502426
Requests: 74 HTTP requests in this frame

Frame: https://mng-prod.auth0.com/authorize?client_id=kvI7O7QjfyQF92AdOl0an0LLznFau00s&response_type=token&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcheckout.times-standard.com&state=Tg5QZyOCUeyR2zVhOYPgk3JgcS4h2ypD&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMS4zIn0%3D
Frame ID: 71E54779BF734E65A525946F7537A1E8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrddAZAAAAAH7t8jrSLIDCVQin5njJmkZ_a8Ih&co=aHR0cHM6Ly9jaGVja291dC50aW1lcy1zdGFuZGFyZC5jb206NDQz&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=bottomright&cb=hd7vttmpy2xh
Frame ID: 092B49DBEE6E828B8A1A6ABF5AD44FDE
Requests: 7 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 578B6F70080918984F03FFBA05AE2599
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Subscription Panel

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • /lock/([\d.]+)/lock(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

90
Requests

91 %
HTTPS

52 %
IPv6

33
Domains

46
Subdomains

39
IPs

5
Countries

2372 kB
Transfer

8831 kB
Size

49
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://js.matheranalytics.com/s/ma23578/239876509/wp/ml.js?cb=1612 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma23578/wp/21/ml.br.js
Request Chain 45
  • https://rp.liadm.com/j?dtstmp=1670836128615&aid=a-05gq&se=e30&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&tna=v2.5.1&pu=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&wpn=lc-bundle&c=PHRpdGxlPlN1YnNjcmlwdGlvbiBQYW5lbDwvdGl0bGU-PGgxPlNpZ24gVXAgLyBTaWduIEluPC9oMT48aDE-U2lnbiBJbjwvaDE-PGgxPlNpZ24gSW48L2gxPjxoMT5BY2NvdW50IERlYWN0aXZhdGVkPC9oMT48aDE-RW1haWwgVmVyaWZpY2F0aW9uIFJlcXVpcmVkPC9oMT48aDE-QWxtb3N0IERvbmU8L2gxPjxoMT5BbG1vc3QgRG9uZTwvaDE-PGgxPlRoYW5rIFlvdSBmb3IgUmVnaXN0ZXJpbmc8L2gxPjxoMT5DcmVhdGUgTmV3IFBhc3N3b3JkPC9oMT48aDE-Q3JlYXRlIE5ldyBQYXNzd29yZDwvaDE-PGgxPkNyZWF0ZSBOZXcgUGFzc3dvcmQ8L2gxPjxoMT5TaWduIEluIHRvIENvbXBsZXRlIEFjY291bnQgTWVyZ2U8L2gxPjxoMT5SZXNlbmQgVmVyaWZpY2F0aW9uIEVtYWlsPC9oMT48aDE-VmVyaWZpY2F0aW9uIEVtYWlsIFNlbnQ8L2gxPjxoMT5FbWFpbCBWZXJpZmllZDwvaDE-PGgxPlBhc3N3b3JkIENoYW5nZWQ8L2gxPjxoMT5DcmVhdGUgTmV3IFBhc3N3b3JkPC9oMT48aDE-Q3JlYXRlIE5ldyBQYXNzd29yZDwvaDE- HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1670836128615&aid=a-05gq&se=e30&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&tna=v2.5.1&pu=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&wpn=lc-bundle&c=PHRpdGxlPlN1YnNjcmlwdGlvbiBQYW5lbDwvdGl0bGU-PGgxPlNpZ24gVXAgLyBTaWduIEluPC9oMT48aDE-U2lnbiBJbjwvaDE-PGgxPlNpZ24gSW48L2gxPjxoMT5BY2NvdW50IERlYWN0aXZhdGVkPC9oMT48aDE-RW1haWwgVmVyaWZpY2F0aW9uIFJlcXVpcmVkPC9oMT48aDE-QWxtb3N0IERvbmU8L2gxPjxoMT5BbG1vc3QgRG9uZTwvaDE-PGgxPlRoYW5rIFlvdSBmb3IgUmVnaXN0ZXJpbmc8L2gxPjxoMT5DcmVhdGUgTmV3IFBhc3N3b3JkPC9oMT48aDE-Q3JlYXRlIE5ldyBQYXNzd29yZDwvaDE-PGgxPkNyZWF0ZSBOZXcgUGFzc3dvcmQ8L2gxPjxoMT5TaWduIEluIHRvIENvbXBsZXRlIEFjY291bnQgTWVyZ2U8L2gxPjxoMT5SZXNlbmQgVmVyaWZpY2F0aW9uIEVtYWlsPC9oMT48aDE-VmVyaWZpY2F0aW9uIEVtYWlsIFNlbnQ8L2gxPjxoMT5FbWFpbCBWZXJpZmllZDwvaDE-PGgxPlBhc3N3b3JkIENoYW5nZWQ8L2gxPjxoMT5DcmVhdGUgTmV3IFBhc3N3b3JkPC9oMT48aDE-Q3JlYXRlIE5ldyBQYXNzd29yZDwvaDE-&i6=MmEwMTo0YTA6MmI6OjEw&n3pc=true
Request Chain 68
  • https://sb.scorecardresearch.com/c2/6035443/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 80
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05gq%2F0%2F7869f602fc5e4776be0810b7b684c2ad%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&f1a79597-c867-4d19-ae92-f90e6e242718 HTTP 302
  • https://i.liadm.com/s/e/a-05gq/0/7869f602fc5e4776be0810b7b684c2ad?mpid=7156&muid=0aa56396-efa1-4800-b924-ceba0cf4045b
Request Chain 82
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=f1a79597-c867-4d19-ae92-f90e6e242718&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=f1a79597-c867-4d19-ae92-f90e6e242718&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D HTTP 302
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=dee499f3-f073-4395-b4fd-0700f24ddc79 HTTP 303
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=f1a79597-c867-4d19-ae92-f90e6e242718 HTTP 302
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dee499f3-f073-4395-b4fd-0700f24ddc79 HTTP 303
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dee499f3-f073-4395-b4fd-0700f24ddc79
Request Chain 83
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=f1a79597-c867-4d19-ae92-f90e6e242718&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05gq%2F0%2F7869f602fc5e4776be0810b7b684c2ad%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=f1a79597-c867-4d19-ae92-f90e6e242718&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05gq%2F0%2F7869f602fc5e4776be0810b7b684c2ad%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
  • https://i.liadm.com/s/e/a-05gq/0/7869f602fc5e4776be0810b7b684c2ad?mpid=82775&muid=67743348991945776560629605858265103711
Request Chain 84
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f1a79597-c867-4d19-ae92-f90e6e242718 HTTP 302
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f1a79597-c867-4d19-ae92-f90e6e242718&rd=Y
Request Chain 85
  • https://io.narrative.io/?companyId=82&id=li_id:f1a79597-c867-4d19-ae92-f90e6e242718&id=md5_email:&id=sha1_email:&id=sha256_email:&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D1670836129 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=9787eae0-79fc-11ed-a183-06192a72c749&companyId=82&id=li_id:f1a79597-c867-4d19-ae92-f90e6e242718&id=md5_email:&id=sha1_email:&id=sha256_email:&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puuid%3D%24%7Bnarrative.id.value%7D%26rand%3D1670836129 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=16223&puuid=9787eae0-79fc-11ed-a183-06192a72c749&rand=1670836129

90 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request nolandings2
checkout.times-standard.com/
530 KB
61 KB
Document
General
Full URL
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2187fffe3c2bd2e6dbb65dfa2c4007bd7b134ba4efe001a9d8b80f4e6499311b
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.subconadmin.com https://*.subconadmin.com *.mg2cms.com https://*.mg2cms.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
frame-ancestors *.subconadmin.com https://*.subconadmin.com *.mg2cms.com https://*.mg2cms.com
content-type
text/html; charset=utf-8
date
Mon, 12 Dec 2022 09:08:47 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-cdn
Imperva
x-host-name
AWSPRDWEB13
x-iinfo
1014-588473238-588473267 NNNN CT(96 190 0) RT(1670836126225 89) q(0 0 3 2) r(4 5) U5
x-powered-by
ASP.NET
x-sp-host-name
AWSPRDWEB13
flatpickr.min.css
cdn.jsdelivr.net/npm/flatpickr/dist/
16 KB
4 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/flatpickr/dist/flatpickr.min.css
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
816
x-jsd-version
4.6.13
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230109-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"3f26-J8BN8VjBcy9mnostEH/TFP6t00A"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITBwz2VcDqaKLt2ao%2FaVbjB4kSu9RFPZvHD6k5gdAo%2FhRx29%2BCJZ8rHZB%2FxDdjo9XoJSoBZawnwk%2FPJhw3OdMPXoAxgmN90YXNkrslwfrZgHfvE5P6h4bWbwLutERzUfTRZsbH0QgJhGVBJo%2F7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
778551463ef6690f-FRA
flatpickr
cdn.jsdelivr.net/npm/
49 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/flatpickr
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2789
x-jsd-version
4.6.13
content-encoding
br
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19155-FRA, cache-yyz4536-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"c5f7-fVv7+SYe2JucqEJIf3pkZJZHRLk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH9%2F7wWWh3N2wTUgBGJ2Ff0pi6Q2vm5x64P4p44dcKQGF5jPqym3HMtaN8%2F%2BjCBO9LjNVPPtyUG8HqCzLgIRH8c30UZ%2F00d9znhyM8R6RlSDTTYPfkPwBuSMEzXBvF%2FJr57vg9e3x4yoVaLp%2FCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
778551463ef8690f-FRA
bootstrap.css
checkout.times-standard.com/styles/
118 KB
20 KB
Stylesheet
General
Full URL
https://checkout.times-standard.com/styles/bootstrap.css
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
09cff25adf02e25fcdaac9140d0cfcf36060315f16e71031056b5570c6551a03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:47 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 12:00:34 GMT
server
Microsoft-IIS/10.0
x-cdn
Imperva
x-sp-host-name
AWSPRDWEB13
etag
W/"1d6c9-18383f857b7"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-iinfo
14-588473238-588473433 NNNN CT(103 94 0) RT(1670836126225 657) q(0 0 2 -1) r(3 4) U5
cache-control
public, max-age=2592000
x-host-name
AWSPRDWEB13
accept-ranges
bytes
alertify.min.css
checkout.times-standard.com/styles/
20 KB
4 KB
Stylesheet
General
Full URL
https://checkout.times-standard.com/styles/alertify.min.css
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:47 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 12:00:34 GMT
server
Microsoft-IIS/10.0
x-cdn
Imperva
x-sp-host-name
AWSPRDWEB13
etag
W/"509f-18383f85788"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-iinfo
14-588473238-588473437 NNNN CT(96 93 0) RT(1670836126225 664) q(0 0 2 -1) r(3 3) U5
cache-control
public, max-age=2592000
x-host-name
AWSPRDWEB13
accept-ranges
bytes
style_seamless.css
checkout.times-standard.com/styles/
147 KB
23 KB
Stylesheet
General
Full URL
https://checkout.times-standard.com/styles/style_seamless.css?dateStamp=1663159546000
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
87538b4bed933f5366437d7f623ef7ebb1e1458fdd8cc25352c99951e480b43d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:47 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 12:00:34 GMT
server
Microsoft-IIS/10.0
x-cdn
Imperva
x-sp-host-name
AWSPRDWEB13
etag
W/"24c91-18383f8598c"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
x-iinfo
14-588473238-588473440 NNNN CT(95 93 0) RT(1670836126225 671) q(0 0 2 -1) r(3 4) U5
cache-control
public, max-age=2592000
x-host-name
AWSPRDWEB13
accept-ranges
bytes
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700;900&family=PT+Sans:wght@400;700&family=PT+Serif:wght@400;700&display=swap
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56bcb9155d456cfe21d3231d5c2f9f17283978d8be3e9df3ff1b660782f52bae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Dec 2022 09:08:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Dec 2022 09:08:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Dec 2022 09:08:47 GMT
auth0.min.js
cdn.auth0.com/js/auth0/9.11/
138 KB
37 KB
Script
General
Full URL
https://cdn.auth0.com/js/auth0/9.11/auth0.min.js
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.105.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-105-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ae5aed8aab32ad79a23003eee65fec603ddbeed83b296ba4735ff840e12b005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
aSext1FIqk1MhYvH8ktwHiqmr.lxzw4N
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
date
Mon, 12 Dec 2022 08:51:09 GMT
last-modified
Mon, 05 Aug 2019 03:28:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
1059
etag
W/"8aaeb19bcc97ce84037e05d32a8214b1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=10800,public
x-amz-replication-status
COMPLETED
x-amz-cf-id
tbq1_wK4nEn_WNku1gV2Bs84eAoElkapJ08Iie674iI2A740spXQjQ==
lock.min.js
cdn.auth0.com/js/lock/11.25/
816 KB
230 KB
Script
General
Full URL
https://cdn.auth0.com/js/lock/11.25/lock.min.js
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.105.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-105-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c66c855006ab2ae4f702be94152ccc855d729ee985a3676d7e046763430e431

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
b6t533h85wWWf7_z_bLRmFxvZTyg8KX4
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
date
Mon, 12 Dec 2022 08:37:23 GMT
last-modified
Tue, 14 Jul 2020 10:52:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
2169
etag
W/"787121ba6999ff8d3156411e5d29542c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=10800,public
x-amz-replication-status
COMPLETED
x-amz-cf-id
2bgO_pxmLcB7KC62tqeR9fEdP42nAgnWzBUmAASgUibfNtM01hKWvQ==
auth0Manager.js
ui-static-assets-prod.mng-digisubs-prod.com/js/
19 KB
19 KB
Script
General
Full URL
https://ui-static-assets-prod.mng-digisubs-prod.com/js/auth0Manager.js
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79f95850ee3772b67d52ec317d635d639e53586fb33ef91514c6c6d093b06dfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Ynm3hyrl_EB5YgXS0RTBNMwvhFCU7j8O
date
Mon, 12 Dec 2022 09:08:47 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Nov 2022 17:50:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
2290
etag
"b6f65de6c430d3bcef85168124ee08fa"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
19294
x-amz-cf-id
7wt5D9KmyAd-FO9lkR5wRWHE8Pe8EZdJd8VombsKe1Moz1wjihe5KA==
auth0.css
ui-static-assets-prod.mng-digisubs-prod.com/css/
551 B
919 B
Stylesheet
General
Full URL
https://ui-static-assets-prod.mng-digisubs-prod.com/css/auth0.css
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c19aeab881aea1a7033b72c171ca69d8d42a913c3dc6ebf45f1bda6b29368eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
2brXlIn3tlH0PrSPDvdP2jXf1lobAjJU
date
Mon, 12 Dec 2022 03:00:10 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Sep 2021 16:11:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
22118
etag
"c3ae54044dd63f1d12d13b4265e49086"
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
551
x-amz-cf-id
5GC5SEsMQ_ExsVEtJ_hDeT3RG7POSOvIzhmWkViIoXSAiwOLwbO0PQ==
build.js
checkout.times-standard.com/build/
905 KB
212 KB
Script
General
Full URL
https://checkout.times-standard.com/build/build.js?dateStamp=1663159546000
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b09fde7deec44f1506668938733914165faf1ee1731c2c7d86f1d255af321289

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:47 GMT
content-encoding
gzip
last-modified
Wed, 28 Sep 2022 12:00:32 GMT
server
Microsoft-IIS/10.0
x-cdn
Imperva
x-sp-host-name
AWSPRDWEB13
etag
W/"e231a-18383f85287"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-iinfo
14-588473238-588473267 PNNN RT(1670836126225 713) q(0 0 0 -1) r(1 1) U5
cache-control
public, max-age=2592000
x-host-name
AWSPRDWEB13
accept-ranges
bytes
loader.min.js
loader-cdn.azureedge.net/prod/mng/
16 KB
6 KB
Script
General
Full URL
https://loader-cdn.azureedge.net/prod/mng/loader.min.js
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D09) /
Resource Hash
c6f71f7c14de7eacac1793a5bc104bcd5ba99a1b9ac4f7dbda99fc08c14e79c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Dec 2022 09:08:47 GMT
content-encoding
gzip
content-md5
ddLsvmIkmhpv+wIOn3yDJw==
age
26243
x-cache
HIT
content-length
5475
x-ms-lease-status
unlocked
last-modified
Fri, 10 Apr 2020 15:36:16 GMT
server
ECAcc (frc/4D09)
etag
0x8D7DD64E893E0B2
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a8f3f9ef-901e-00a5-52cc-0da1c4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
_Incapsula_Resource
checkout.times-standard.com/
144 KB
21 KB
Script
General
Full URL
https://checkout.times-standard.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=155293596
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
abe9ba592cd97e3c51b80224a8f2e7c9856f1b230d5ed991363bad4fb2131439

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20949
content-type
application/javascript
gtm.js
www.googletagmanager.com/
401 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eea95dca96d7fcc0437ff906477c23f478bd096431c548ffbf23e0515ec0182d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99015
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Dec 2022 09:08:48 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Dec 2022 07:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6248
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 12 Dec 2022 09:24:40 GMT
quant.js
secure.quantserve.com/
25 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
gzip
etag
"KvGSi9leJgKNKEGESzHjYw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 19 Dec 2022 09:08:48 GMT
p.js
cdn.parsely.com/keys/times-standard.com/
56 KB
21 KB
Script
General
Full URL
https://cdn.parsely.com/keys/times-standard.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-100-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
36413a633884c3e5aec1a5567453b21ca8721f35c6dc11bbb49f670da2d7d317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
public
date
Mon, 12 Dec 2022 06:00:32 GMT
content-encoding
gzip
via
1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified
Fri, 31 Dec 2021 19:19:21 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
11296
etag
W/"61cf57b9-df47"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
evNc7u05gkGV4EC9vLGwPENr-E02AUj-sF72gu4bjukin6q2oqTATw==
expires
Tue, 13 Dec 2022 06:00:32 GMT
fbevents.js
connect.facebook.net/en_US/
103 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Dec 2022 09:08:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27317
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
IvEW1ptPzKk0Cng/RiRdjDJJlQs7aMDBpY8uxAE5kiMx30bsmqUxtKyBM6hdXv7FbhzYRH0++INqtFVWbKOiog==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
script.js
z216.times-standard.com/
154 KB
45 KB
Script
General
Full URL
https://z216.times-standard.com/script.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
83f47a6eb79a32be385cc041f156b55c7b27684c5378175cd48f77e69d792c28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
age
106
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
45852
x-xss-protection
1; mode=block
last-modified
Mon, 12 Dec 2022 09:06:50 GMT
server
-
etag
5ba251c2de082b139129419021642945
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=600
x-robots-tag
noindex, nofollow
x-amz-cf-id
2UmmRe5kcJnkLWR6i7TA6wGv-qXn_oZlyBszyXqNdJNSCjug3Dcn2g==
expires
Mon, 12 Dec 2022 09:17:02 GMT
a-05gq.min.js
b-code.liadm.com/
30 KB
11 KB
Script
General
Full URL
https://b-code.liadm.com/a-05gq.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0b2b8579ecbc2c77ef6221208e243537f61fd6b4c5f8ac6def77440551d9ca60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 06:00:35 GMT
content-encoding
gzip
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
11293
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
"public, max-age=86400"
x-amz-cf-id
VWkzmFfQE9dmATK34w_4gA4QMgRJj9HyDrP8O5r168S9mDAy2gT_KA==
config.js
cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/
259 KB
54 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6122cf9440016e1c82fe44da77e31d8d3438b9a84cf7810d88938b497f1444e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Dec 2022 04:57:46 GMT
server
cloudflare
x-amz-request-id
64JEWRF5D7XXS21G
age
332
etag
W/"8e9ba063fea26d8bc8fc4ea511f3e403"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7785514a3f879a0b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
iNPRzKUiajStWZ+DmYx5jkSsPSejAaxpOCH1S5N0tS+kdcOtxphguUYlqguXWPHDrS1537Pd6pY=
ats.js
ats.rlcdn.com/
109 KB
36 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-3.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 03:26:31 GMT
x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
20538
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
etag
W/"148e21f812b555a13b2a9c6b616141f4"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
pCawSY5zudwWxwH8HDo2oOGoDSlBXksNi0DylAAPmWeMQj1j6OWfTQ==
ml.br.js
js.matheranalytics.com/static/ltm/ma23578/wp/21/
Redirect Chain
  • https://js.matheranalytics.com/s/ma23578/239876509/wp/ml.js?cb=1612
  • https://js.matheranalytics.com/static/ltm/ma23578/wp/21/ml.br.js
148 KB
43 KB
Script
General
Full URL
https://js.matheranalytics.com/static/ltm/ma23578/wp/21/ml.br.js
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
2ba76ac3b4572521491bb591f63a3e1ae467fe1719760c9e90b9351de1dba5fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 01:37:41 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 18 Oct 2022 15:41:23 GMT
server
nginx
age
27067
etag
"d7b3136d9368b251bcd08d3be1706cd0"
vary
Accept-Encoding
x-cache
HIT Tue, 18 Oct 2022 15:49:11 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43990

Redirect headers

date
Mon, 12 Dec 2022 09:08:48 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma23578/wp/21/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
8-gc-euw1-10929
js
www.googletagmanager.com/gtag/
216 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JNP6TRHKRV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fb239fe37b695d099e0bc17ccc8e079934004875f86fe2be6b14a9b1bc52adc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76882
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Dec 2022 09:08:48 GMT
b
sb.scorecardresearch.com/
0
193 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1670836128309&ns_c=UTF-8&c8=Subscription%20Panel&c7=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&c9=
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:48 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
_z1MGz-vxOy8q0byey4zRqX4vn0IJ-xSyT3dKRG7IBNxKUzfgvZXig==
x-cache
Miss from cloudfront
polyfill.min.js
polyfill.io/v3/
101 B
571 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/build/build.js?dateStamp=1663159546000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 12 Dec 2022 09:08:48 GMT
age
979237
detected-user-agent
Chrome/108.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Wed, 30 Nov 2022 17:02:06 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
normalized-user-agent
chrome/108.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:03:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 12 Dec 2022 10:03:30 GMT
_Incapsula_Resource
checkout.times-standard.com/
1 B
35 B
Image
General
Full URL
https://checkout.times-standard.com/_Incapsula_Resource?SWKMTFSR=1&e=0.971477275874999
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
/
p1.parsely.com/plogger/
43 B
257 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1670836128429&plid=58004692&idsite=times-standard.com&url=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&sref=&sts=1670836128425&slts=0&title=Subscription+Panel&date=Mon+Dec+12+2022+09%3A08%3A48+GMT%2B0000+(GMT)&action=pageview&pvid=77122938&u=pid%3Dc14cb6f656fab61e9a8d7ec334cd60f1
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 09:08:48 GMT
Cache-Control
no-cache
Last-Modified
Monday, 12-Dec-2022 09:08:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
geo.privacymanager.io/
30 B
595 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-111.fra53.r.cloudfront.net
Software
/
Resource Hash
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 00:47:24 GMT
via
1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront), 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA53-C1
age
30084
x-amzn-requestid
1a38fe0f-9e8f-4b3e-a4f1-80f9f532d6b4
x-amzn-trace-id
Root=1-63967a1c-7aa439317f4a1c4d62a0f62e;Sampled=0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
dAgEbHSwDoEFYqg=
content-length
30
x-amz-cf-id
hl_emrM0_GnqdMdNJeWyZlxM9oxu5HMMRNjEyLygTKmo6oW7pvrMvg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
547488689233483
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/547488689233483?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b5d6f82ad3aa8ae774925d9ff42dcff0872a40f9f04f9d860fb901ff4d614b0c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Dec 2022 09:08:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Z3z80xeByvCRhrw+rnR7prD9ps+I/RA/1/MI8kFQ5guQErUx36imtGLVDOmXKemll9dOyo3hSzU1btkcECG4dw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cs
medianewsgroup.blueconic.net/DG/DEFAULT/
16 B
702 B
Script
General
Full URL
https://medianewsgroup.blueconic.net/DG/DEFAULT/cs?&callback=bc_json868
Requested by
Host: z216.times-standard.com
URL: https://z216.times-standard.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-214-42.compute-1.amazonaws.com
Software
- /
Resource Hash
c5129d2806d078e48f491b47016b9518a12f2504e2d89603ef4422584d23482b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
36
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync-container.js
b-code.liadm.com/
6 KB
3 KB
Script
General
Full URL
https://b-code.liadm.com/sync-container.js
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-05gq.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:2a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding
gzip
via
1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
date
Mon, 05 Dec 2022 09:48:48 GMT
last-modified
Tue, 10 May 2022 11:48:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
1466239
x-amz-server-side-encryption
AES256
etag
W/"ae5e94de938b0387eda6df8f20da811a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=2592000
x-amz-cf-id
uGg0PJ7glVg2T5l5tQO2ARn2W6hSfFDj2CjGzPaJqI3l58WYEEJmTA==
collect
region1.google-analytics.com/g/
0
355 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JNP6TRHKRV&gtm=2oebu0&_p=1330164261&cid=1669316596.1670836128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670836128&sct=1&seg=0&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&dt=Subscription%20Panel&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNP6TRHKRV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 09:08:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202211281516/
214 KB
67 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202211281516/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/3IyQ81Wnn-d6bieQLuWeDuN4PWM/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155ae9a5b5aad976bcea98140251cf38c9b0fabbd6d14e1e0330e6bc7db652a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 22:12:12 GMT
server
cloudflare
x-amz-request-id
6K7BQ9AWP66T8673
age
1090676
etag
W/"a17d71fba756fc07505a17ec398feab1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7785514b297e91ea-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
zJ4qC8L5L4xdyJtMvRj9FzOIveTX9JW4dgzj4YGCoyu0Lmy25D6nzcwlvlvqYbQGJAUZy1hfUuA=
loader-config.json
loader-cdn.azureedge.net/prod/mng/
6 KB
2 KB
XHR
General
Full URL
https://loader-cdn.azureedge.net/prod/mng/loader-config.json?_=1670836128334
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/build/build.js?dateStamp=1663159546000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
0d6f4cdf43fdb9aebe1a80bc4139cf042677c25f7298666358b4c1c255c71259

Request headers

Accept
*/*
Referer
https://checkout.times-standard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
gzip
content-md5
/TFku2GU6w+/HkrbxstcBA==
age
318545
x-cache
HIT
content-length
1949
x-ms-lease-status
unlocked
last-modified
Thu, 06 Oct 2022 14:31:09 GMT
server
ECAcc (frc/4CC2)
etag
0x8DAA7A7696965FD
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0c0f9246-301e-0005-1d23-0b2565000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1330164261&t=pageview&_s=1&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&dr=&dp=%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&ul=en-us&de=UTF-8&dt=Subscription%20Panel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEAjBAAAACgFK~&jid=590704180&gjid=636065741&cid=1669316596.1670836128&tid=UA-61435456-17&_gid=1060536358.1670836128&_r=1&gtm=2wgbu0TLFP4R&cd1=&cd2=times-standard.com&cd3=times-standard.com&cd4=&cd5=&cd6=&cd7=&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=subscription&cd15=subscription&cd16=&cd17=&cd18=&cd19=&cd20=times-standard.com&cd21=&cd22=&cd23=&cd24=other&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=mg2&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.98%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd53=1669316596.1670836128&z=1873195561
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout.times-standard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 09:08:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/
908 B
986 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaInit&size=invisible&render=explicit
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/build/build.js?dateStamp=1663159546000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55dc504b416ccfe3e0651847a7604efe81c4a62fd00bccc8decae5c756be9eca
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
573
x-xss-protection
1; mode=block
expires
Mon, 12 Dec 2022 09:08:48 GMT
authorize
mng-prod.auth0.com/ Frame 71E5
1 KB
1 KB
Document
General
Full URL
https://mng-prod.auth0.com/authorize?client_id=kvI7O7QjfyQF92AdOl0an0LLznFau00s&response_type=token&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fcheckout.times-standard.com&state=Tg5QZyOCUeyR2zVhOYPgk3JgcS4h2ypD&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMS4zIn0%3D
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/auth0/9.11/auth0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:b9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3b64fdd5e3e078208065746c8c69f14f40bdb904006a6cd5d30395a956d7cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout.times-standard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7785514bef6abbe6-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 12 Dec 2022 09:08:48 GMT
ot-baggage-auth0-request-id
7785514bef6abbe6
ot-tracer-sampled
true
ot-tracer-spanid
4bd8acf72c8f655f
ot-tracer-traceid
07665418360f49aa
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
traceparent
00-000000000000000007665418360f49aa-4bd8acf72c8f655f-01
tracestate
auth0-request-id=7785514bef6abbe6,auth0=true
vary
Accept-Encoding
x-auth0-requestid
e58f2e14f51bebb8bce7
x-content-type-options
nosniff
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-ratelimit-reset
1670836129
US
checkout.times-standard.com/address/getStates/
2 KB
1 KB
XHR
General
Full URL
https://checkout.times-standard.com/address/getStates/US
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/build/build.js?dateStamp=1663159546000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca1f76f3e333116f0ed5ae78dbce5c9c407d50d21530beb81e9cc0db1fa4cfac

Request headers

Accept
*/*
X-TrackingCode
{"utm_campaign":"DAQ23","utm_content":"HWOCT22EM1","g2i_source":"Email","g2i_medium":"link","g2i_campaign":"MG2"}
Referer
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-version
3.16.0
date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
gzip
x-sp-host-name
AWSPRDWEB13
server
Microsoft-IIS/10.0
x-cdn
Imperva
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-iinfo
14-588473238-588473267 PNNN RT(1670836126225 1518) q(0 0 0 -1) r(1 1) U5
cache-control
public, max-age=2592000
x-host-name
AWSPRDWEB13
/
checkout.times-standard.com/offer/getOffers/
197 B
792 B
XHR
General
Full URL
https://checkout.times-standard.com/offer/getOffers/
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/build/build.js?dateStamp=1663159546000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7c9b372368252f043de386112de451f480711eacade3412a0cebecd8fb0718ad

Request headers

Accept
*/*
X-TrackingCode
{"utm_campaign":"DAQ23","utm_content":"HWOCT22EM1","g2i_source":"Email","g2i_medium":"link","g2i_campaign":"MG2"}
Referer
https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-version
3.16.0
date
Mon, 12 Dec 2022 09:08:48 GMT
x-sp-host-name
AWSPRDWEB13
server
Microsoft-IIS/10.0
x-cdn
Imperva
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-iinfo
14-588473238-588473440 PNNN RT(1670836126225 1524) q(0 0 0 -1) r(4 4) U5
x-host-name
AWSPRDWEB13
content-length
197
TSTD_Logo.png
ui-static-assets-prod.mng-digisubs-prod.com/img/site-logos/
14 KB
14 KB
Image
General
Full URL
https://ui-static-assets-prod.mng-digisubs-prod.com/img/site-logos/TSTD_Logo.png
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-44.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
745bde356b612b68150773606ace945e6b8a3134798005239fc645f7c092751d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
ULfsOZdIXJd7p9ozWVYXeCw7dn3H5gbd
date
Mon, 12 Dec 2022 09:08:50 GMT
via
1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 22:18:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
etag
"eb717968acc2b69898b0fba6cc82d0bf"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
14050
x-amz-cf-id
LdbnSti9KY_6kZgbTcDbxaVauGtgxeFxDlzXsazPr7y_o9cVqWa2EA==
i
www.i.matheranalytics.com/
43 B
245 B
Image
General
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Subscription%20Panel&ptype=other&sec=subscription&tv=js-3.0.158&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=21&tvcfg=wp&tid=053ec328-7fca-4a7d-a867-3c6d5151d316&pid=b2b240c3-00f2-4287-966b-043ce0ca892e&dtm=1670836128599&qnm=_matherq&visible=1&tabid=faa102c0-7144-4de5-9971-b6cbdcb75faf&url=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&vp=1600x1200&ds=1600x1200&tofa=1670836129&vid=1&lvidt=1670836129&duid=76ba3b39-7a78-4092-a406-bdc0ae4b1431&fp=2294459535&cid=ma23578&mrk=239876509&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3MDgzNjEyNzAxMSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyMy4xbWIiLCJoZWFwVCI6IjI5LjRtYiIsImZzdFBhaW50IjoiMTE1OCIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiI1NCIsImNvbm5TIjoiNTQiLCJjb25uRSI6IjE0MCIsInNzbFMiOiI2MSIsInJlcXVTIjoiMTQxIiwicmVzcFMiOiI2NjAiLCJyZXNwRSI6Ijc2NiIsImRvbUxvYWQiOiI2NzAiLCJkb21JbnRlciI6IjE0MDMiLCJkb21Mb2FkUyI6IjE0MDMiLCJkb21Mb2FkRSI6IjE0MDQifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIxNjY5MzE2NTk2IiwicmVmVGltZSI6IjE2NzA4MzYxMjg1OTgifV0sImNhbXBhaWducyI6W3sicGFnZUlkIjoiYjJiMjQwYzMtMDBmMi00Mjg3LTk2NmItMDQzY2UwY2E4OTJlIiwibmFtZSI6InV0bV9jYW1wYWlnbiIsInZhbHVlIjoiREFRMjMiLCJyZWZUaW1lIjoiMTY3MDgzNjEyOSIsImNyZWF0ZVRpbWUiOiIxNjcwODM2MTI5In0seyJwYWdlSWQiOiJiMmIyNDBjMy0wMGYyLTQyODctOTY2Yi0wNDNjZTBjYTg5MmUiLCJuYW1lIjoidXRtX2NvbnRlbnQiLCJ2YWx1ZSI6IkhXT0NUMjJFTTEiLCJyZWZUaW1lIjoiMTY3MDgzNjEyOSIsImNyZWF0ZVRpbWUiOiIxNjcwODM2MTI5In0seyJwYWdlSWQiOiJiMmIyNDBjMy0wMGYyLTQyODctOTY2Yi0wNDNjZTBjYTg5MmUiLCJuYW1lIjoidXRtX21lZGl1bSIsInZhbHVlIjoiZW1haWwiLCJyZWZUaW1lIjoiMTY3MDgzNjEyOSIsImNyZWF0ZVRpbWUiOiIxNjcwODM2MTI5In0seyJwYWdlSWQiOiJiMmIyNDBjMy0wMGYyLTQyODctOTY2Yi0wNDNjZTBjYTg5MmUiLCJuYW1lIjoidXRtX3NvdXJjZSIsInZhbHVlIjoibGlzdHJhayIsInJlZlRpbWUiOiIxNjcwODM2MTI5IiwiY3JlYXRlVGltZSI6IjE2NzA4MzYxMjkifSx7InBhZ2VJZCI6ImIyYjI0MGMzLTAwZjItNDI4Ny05NjZiLTA0M2NlMGNhODkyZSIsIm5hbWUiOiJ1dG1fdGVybSIsInZhbHVlIjoiJDEzK2ZvcisxK3llYXIrZm9yK2Z1bGwrZGlnaXRhbCthY2Nlc3MiLCJyZWZUaW1lIjoiMTY3MDgzNjEyOSIsImNyZWF0ZVRpbWUiOiIxNjcwODM2MTI5In1dLCJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJzdWJzY3JpcHRpb24iXV19LCJhdWRpZW5jZSI6W3sicHJvdmlkZXIiOiJ1c2VyREIiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlfSU5TVEFOVEJfMjAyMDAyMDMiXSwicGFnZUlkIjoiYjJiMjQwYzMtMDBmMi00Mjg3LTk2NmItMDQzY2UwY2E4OTJlIn0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5X0lOU1RBTlRCXzIwMjAwMjAzIl0sInBhZ2VJZCI6ImIyYjI0MGMzLTAwZjItNDI4Ny05NjZiLTA0M2NlMGNhODkyZSJ9XX0
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Mon, 12 Dec 2022 09:08:49 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
en.js
cdn.auth0.com/js/lock/11.25.1/
6 KB
3 KB
Script
General
Full URL
https://cdn.auth0.com/js/lock/11.25.1/en.js
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.25/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.105.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-105-49.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70212eacf2b641df77cb7f0b97262908d1f8abde30a8b77b1a7cd8ef7031ab7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
qIAQzzJ.pD93KVstNbm_W.GXOnij8Nlm
content-encoding
gzip
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
date
Mon, 12 Dec 2022 05:02:49 GMT
last-modified
Tue, 14 Jul 2020 10:52:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
15736
etag
W/"572cf148365b46b1764bce1465485227"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2628000,public
x-amz-replication-status
COMPLETED
x-amz-cf-id
odbIOlfleUfToFxWxwWoZmXK2Dehdc2MiI9ovTesUpx5C8m99pTD6w==
kvI7O7QjfyQF92AdOl0an0LLznFau00s.js
cdn.auth0.com/client/
683 B
1 KB
Script
General
Full URL
https://cdn.auth0.com/client/kvI7O7QjfyQF92AdOl0an0LLznFau00s.js?t1670836128612
Requested by
Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.25/lock.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.105.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-105-49.fra60.r.cloudfront.net
Software
cloudflare /
Resource Hash
f472bfb2f42dcea57418c88bc810388e019cadf8b2c9045403b26c5ffb7ac573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
tracestate
auth0-request-id=772d8f727d89bb7d
x-auth0-requestid
dc17467e791a2bdb1607
date
Mon, 12 Dec 2022 09:08:48 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-cache
RefreshHit from cloudfront
cf-bgj
minify
server
cloudflare
ot-tracer-sampled
true
traceparent
00-73aaee994dcc0f9f-0000000000000000309d5a4f0f32c4c7-01
etag
W/"2ab-CAuztqBlhQZdIYfCm3bZ2a5QS0s"
ot-tracer-traceid
309d5a4f0f32c4c7
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
ot-baggage-auth0-request-id
772d8f727d89bb7d
cf-ray
77801eb9c9049019-FRA
x-amz-cf-id
nryih09i6dKiwnTdsO7MzFMsdKskhGSggPn6qJCA_sa608oWL_S60Q==
ot-tracer-spanid
73aaee994dcc0f9f
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1670836128615&aid=a-05gq&se=e30&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&tna=v2.5.1&pu=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG...
  • https://rp4.liadm.com/j?dtstmp=1670836128615&aid=a-05gq&se=e30&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&tna=v2.5.1&pu=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DM...
51 B
591 B
XHR
General
Full URL
https://rp4.liadm.com/j?dtstmp=1670836128615&aid=a-05gq&se=e30&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&tna=v2.5.1&pu=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&wpn=lc-bundle&c=PHRpdGxlPlN1YnNjcmlwdGlvbiBQYW5lbDwvdGl0bGU-PGgxPlNpZ24gVXAgLyBTaWduIEluPC9oMT48aDE-U2lnbiBJbjwvaDE-PGgxPlNpZ24gSW48L2gxPjxoMT5BY2NvdW50IERlYWN0aXZhdGVkPC9oMT48aDE-RW1haWwgVmVyaWZpY2F0aW9uIFJlcXVpcmVkPC9oMT48aDE-QWxtb3N0IERvbmU8L2gxPjxoMT5BbG1vc3QgRG9uZTwvaDE-PGgxPlRoYW5rIFlvdSBmb3IgUmVnaXN0ZXJpbmc8L2gxPjxoMT5DcmVhdGUgTmV3IFBhc3N3b3JkPC9oMT48aDE-Q3JlYXRlIE5ldyBQYXNzd29yZDwvaDE-PGgxPkNyZWF0ZSBOZXcgUGFzc3dvcmQ8L2gxPjxoMT5TaWduIEluIHRvIENvbXBsZXRlIEFjY291bnQgTWVyZ2U8L2gxPjxoMT5SZXNlbmQgVmVyaWZpY2F0aW9uIEVtYWlsPC9oMT48aDE-VmVyaWZpY2F0aW9uIEVtYWlsIFNlbnQ8L2gxPjxoMT5FbWFpbCBWZXJpZmllZDwvaDE-PGgxPlBhc3N3b3JkIENoYW5nZWQ8L2gxPjxoMT5DcmVhdGUgTmV3IFBhc3N3b3JkPC9oMT48aDE-Q3JlYXRlIE5ldyBQYXNzd29yZDwvaDE-&i6=MmEwMTo0YTA6MmI6OjEw&n3pc=true
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Server
3.218.4.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-4-10.compute-1.amazonaws.com
Software
/
Resource Hash
78eb416a3693c2992d54aed8c3c49acb4839892302bdfe5cbb48a4369339471a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:49 GMT
x-pixel-event-id
9ab12745-b7af-4686-841f-948568bfbc4d
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
vary
Origin
content-type
application/json
request-time
0
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
f09b4526cf56411e
content-length
51
x-xss-protection
1; mode=block

Redirect headers

date
Mon, 12 Dec 2022 09:08:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
x-frame-options
DENY
vary
Origin
location
https://rp4.liadm.com/j?dtstmp=1670836128615&aid=a-05gq&se=e30&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&tna=v2.5.1&pu=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&wpn=lc-bundle&c=PHRpdGxlPlN1YnNjcmlwdGlvbiBQYW5lbDwvdGl0bGU-PGgxPlNpZ24gVXAgLyBTaWduIEluPC9oMT48aDE-U2lnbiBJbjwvaDE-PGgxPlNpZ24gSW48L2gxPjxoMT5BY2NvdW50IERlYWN0aXZhdGVkPC9oMT48aDE-RW1haWwgVmVyaWZpY2F0aW9uIFJlcXVpcmVkPC9oMT48aDE-QWxtb3N0IERvbmU8L2gxPjxoMT5BbG1vc3QgRG9uZTwvaDE-PGgxPlRoYW5rIFlvdSBmb3IgUmVnaXN0ZXJpbmc8L2gxPjxoMT5DcmVhdGUgTmV3IFBhc3N3b3JkPC9oMT48aDE-Q3JlYXRlIE5ldyBQYXNzd29yZDwvaDE-PGgxPkNyZWF0ZSBOZXcgUGFzc3dvcmQ8L2gxPjxoMT5TaWduIEluIHRvIENvbXBsZXRlIEFjY291bnQgTWVyZ2U8L2gxPjxoMT5SZXNlbmQgVmVyaWZpY2F0aW9uIEVtYWlsPC9oMT48aDE-VmVyaWZpY2F0aW9uIEVtYWlsIFNlbnQ8L2gxPjxoMT5FbWFpbCBWZXJpZmllZDwvaDE-PGgxPlBhc3N3b3JkIENoYW5nZWQ8L2gxPjxoMT5DcmVhdGUgTmV3IFBhc3N3b3JkPC9oMT48aDE-Q3JlYXRlIE5ldyBQYXNzd29yZDwvaDE-&i6=MmEwMTo0YTA6MmI6OjEw&n3pc=true
access-control-allow-origin
https://checkout.times-standard.com
request-time
0
access-control-allow-credentials
true
trace-id
dd7133e87c555e4f
content-length
0
x-xss-protection
1; mode=block
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/mng/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1536
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a4fd81e2-401e-00f6-7705-0ec7d2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 12 Dec 2022 09:38:48 GMT
g2insights.min.js
g2insights-cdn.azureedge.net/prod/mng/
1 MB
217 KB
Script
General
Full URL
https://g2insights-cdn.azureedge.net/prod/mng/g2insights.min.js?
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/build/build.js?dateStamp=1663159546000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD5) /
Resource Hash
ee99cd2123f1dc69cd202c1828e4984b07933ee18837dbd0c61e5a2f3117a1aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
gzip
content-md5
C0tMeP7VrQ4l4CjPnVILvg==
age
32190
x-cache
HIT
content-length
221901
x-ms-lease-status
unlocked
last-modified
Tue, 29 Dec 2020 13:56:12 GMT
server
ECAcc (frc/4CD5)
etag
0x8D8AC0180885166
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8f258759-f01e-00a3-24be-0d927b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
fp.min.js
fp-cdn.azureedge.net/prod/mng/
59 KB
19 KB
Script
General
Full URL
https://fp-cdn.azureedge.net/prod/mng/fp.min.js?
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/build/build.js?dateStamp=1663159546000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF9) /
Resource Hash
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
gzip
content-md5
I+TRQO5bVyRNfhz04pv14Q==
age
32190
x-cache
HIT
content-length
19745
x-ms-lease-status
unlocked
last-modified
Thu, 24 Dec 2020 08:54:46 GMT
server
ECAcc (frc/4CF9)
etag
0x8D8A7E99034DC62
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6aa5e71a-a01e-0007-40be-0d9bdd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
collect
stats.g.doubleclick.net/j/
4 B
450 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-61435456-17&cid=1669316596.1670836128&jid=590704180&gjid=636065741&_gid=1060536358.1670836128&_u=aGBACEAiBAAAACgFK~&z=780480592
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout.times-standard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 12 Dec 2022 09:08:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=547488689233483&ev=PageView&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&rl=&if=false&ts=1670836128654&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670836128653.826655536&it=1670836128449&coo=false&rqm=GET
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 12 Dec 2022 09:08:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/
403 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaInit&size=invisible&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://checkout.times-standard.com/
Origin
https://checkout.times-standard.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:47:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164801
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 08:47:25 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-61435456-17&cid=1669316596.1670836128&jid=590704180&_u=aGBACEAiBAAAACgFK~&z=256193032
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 09:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-61435456-17&cid=1669316596.1670836128&jid=590704180&_u=aGBACEAiBAAAACgFK~&z=256193032
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 09:08:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 092B
42 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrddAZAAAAAH7t8jrSLIDCVQin5njJmkZ_a8Ih&co=aHR0cHM6Ly9jaGVja291dC50aW1lcy1zdGFuZGFyZC5jb206NDQz&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=bottomright&cb=hd7vttmpy2xh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f52d48827d9878c28727e46bb57301787d454fe211fc76876e751b70ce32b374
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PD9vdyLyzV3ZiR_blzrK1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.times-standard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22376
content-security-policy
script-src 'report-sample' 'nonce-PD9vdyLyzV3ZiR_blzrK1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 12 Dec 2022 09:08:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
867
z216.times-standard.com/DG/DEFAULT/rest/rpc/
101 KB
15 KB
XHR
General
Full URL
https://z216.times-standard.com/DG/DEFAULT/rest/rpc/867?referer=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&bcsessionid=&bctempid=&overruleReferrer=&time=2022-12-12T09%3A08%3A48%2B00%3A00&ts=1670836128750
Requested by
Host: z216.times-standard.com
URL: https://z216.times-standard.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
ac8bf349506385dcaf484022e82be6371c3708b8a01f41000876476674646e76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.times-standard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 09:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
14434
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
NQkZOKXgvo1tKCqsgNJGUWu2vdZbVuyApJiiZkEcnNp5VCyhNvi1Eg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
gtm.js
www.googletagmanager.com/
211 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/mng/g2insights.min.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1642a6d6cc97bf5bfe91800158a878baca8bab245235414617091cc1a450afdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68067
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Dec 2022 09:08:48 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 092B
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrddAZAAAAAH7t8jrSLIDCVQin5njJmkZ_a8Ih&co=aHR0cHM6Ly9jaGVja291dC50aW1lcy1zdGFuZGFyZC5jb206NDQz&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=bottomright&cb=hd7vttmpy2xh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:47:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1288
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 08:47:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 092B
403 KB
161 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrddAZAAAAAH7t8jrSLIDCVQin5njJmkZ_a8Ih&co=aHR0cHM6Ly9jaGVja291dC50aW1lcy1zdGFuZGFyZC5jb206NDQz&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=bottomright&cb=hd7vttmpy2xh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 08:47:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164801
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 01:21:32 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 08:47:25 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 092B
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Tue, 06 Dec 2022 18:59:47 GMT
x-content-type-options
nosniff
age
482942
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 13 Dec 2022 18:59:47 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 092B
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrddAZAAAAAH7t8jrSLIDCVQin5njJmkZ_a8Ih&co=aHR0cHM6Ly9jaGVja291dC50aW1lcy1zdGFuZGFyZC5jb206NDQz&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=bottomright&cb=hd7vttmpy2xh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 11:55:05 GMT
x-content-type-options
nosniff
age
249224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Dec 2023 11:55:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 092B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrddAZAAAAAH7t8jrSLIDCVQin5njJmkZ_a8Ih&co=aHR0cHM6Ly9jaGVja291dC50aW1lcy1zdGFuZGFyZC5jb206NDQz&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=bottomright&cb=hd7vttmpy2xh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 05 Dec 2022 22:21:19 GMT
x-content-type-options
nosniff
age
557250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Dec 2023 22:21:19 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 12 Dec 2022 09:08:49 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1537
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a4fd81e2-401e-00f6-7705-0ec7d2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 12 Dec 2022 09:38:49 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 092B
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrddAZAAAAAH7t8jrSLIDCVQin5njJmkZ_a8Ih&co=aHR0cHM6Ly9jaGVja291dC50aW1lcy1zdGFuZGFyZC5jb206NDQz&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=bottomright&cb=hd7vttmpy2xh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d4dc0c66eadd4b3167ccb395964b88ea5717313ab053efc1618af0064cb7f3fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrddAZAAAAAH7t8jrSLIDCVQin5njJmkZ_a8Ih&co=aHR0cHM6Ly9jaGVja291dC50aW1lcy1zdGFuZGFyZC5jb206NDQz&hl=de&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&badge=bottomright&cb=hd7vttmpy2xh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 12 Dec 2022 09:08:49 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=547488689233483&ev=Microdata&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&rl=&if=false&ts=1670836129157&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Subscription%20Panel%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1670836128653.826655536&it=1670836128449&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: checkout.times-standard.com
URL: https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 12 Dec 2022 09:08:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
3d5b77a298a70f30a70b13e1fe8d7b82
z216.times-standard.com/plugin/plugin/
219 KB
54 KB
Script
General
Full URL
https://z216.times-standard.com/plugin/plugin/3d5b77a298a70f30a70b13e1fe8d7b82
Requested by
Host: z216.times-standard.com
URL: https://z216.times-standard.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
ed6978c9e69eebe9726a3f4f90fad28e177a30fd56e6fec89c75a5e906daf6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
age
2051875
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
54207
x-xss-protection
1; mode=block
last-modified
Thu, 17 Nov 2022 15:10:54 GMT
server
-
etag
3d5b77a298a70f30a70b13e1fe8d7b82
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
mKT8QbeFfKSiQKNCkejhsD0u8sh0fuPiVLxq40a9Ndvyrm9yuTUbiw==
expires
Sat, 18 Nov 2023 15:10:54 GMT
3481c93c3e240ef26896065569dec34a
z216.times-standard.com/plugin/library/
321 KB
99 KB
Script
General
Full URL
https://z216.times-standard.com/plugin/library/3481c93c3e240ef26896065569dec34a
Requested by
Host: z216.times-standard.com
URL: https://z216.times-standard.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
0609d127885700576d3e495193f8be3c7ec31a98fa1bc5d6f65a2134e5ea4313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:10:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
age
2051873
x-cache
Hit from cloudfront
p3p
policyref="", CP="DSP"
content-length
101209
x-xss-protection
1; mode=block
last-modified
Thu, 17 Nov 2022 15:10:55 GMT
server
-
etag
3481c93c3e240ef26896065569dec34a
content-type
text/javascript; charset=utf-8
cache-control
public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag
noindex, nofollow
x-amz-cf-id
D7CSe6nyjfh4-xceQoH9tfAbTc4eD1wxW_CFimdKZGjy2PejvUxf0g==
expires
Sat, 18 Nov 2023 15:10:55 GMT
LB-Zone-1
z216.times-standard.com/DG/DEFAULT/rest/rpc/867/
3 KB
2 KB
XHR
General
Full URL
https://z216.times-standard.com/DG/DEFAULT/rest/rpc/867/LB-Zone-1?referer=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&bcsessionid=&bctempid=724fe7d1-b241-494a-8eac-e31811936371&overruleReferrer=&time=2022-12-12T09%3A08%3A49%2B00%3A00&ts=1670836129283
Requested by
Host: z216.times-standard.com
URL: https://z216.times-standard.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
d10fd777a5cc232f00251db78eb432d62ea103d91b120eff3db75ce1f6318565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.times-standard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 09:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
1194
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
uM1wNJB79cByd9P17pKfuKsZyEaCu5F6KyvqLo9cbSuhqBv6Y_lyHA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035443/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
358 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-90.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:07:41 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
69
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
hmpxwgyo-M6DkOk3o453_mMuFZ_6Up1kTN2mxGEfd5QiRUuj58k2CQ==

Redirect headers

location
/internal-c2/default/cs.js
date
Mon, 12 Dec 2022 09:08:49 GMT
via
1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
cfMCXTszj_N0AXc5uzSMPYaI9V2FP-60p40iUjlMRMdbiLwmUIFDGA==
x-cache
Miss from cloudfront
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1330164261&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&dr=&dp=%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&ul=en-us&de=UTF-8&dt=Subscription%20Panel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2Fnolandings2&_u=aGDACEAjBAAAACgFK~&jid=&gjid=&cid=1669316596.1670836128&tid=UA-61435456-17&_gid=1060536358.1670836128&gtm=2wgbu0TLFP4R&cd1=&cd2=times-standard.com&cd3=times-standard.com&cd4=&cd5=&cd6=&cd7=&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=subscription&cd15=subscription&cd16=&cd17=&cd18=&cd19=&cd20=times-standard.com&cd21=&cd22=&cd23=&cd24=other&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=mg2&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.98%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd53=1669316596.1670836128&z=59734819
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23178
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1330164261&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&dr=&dp=%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&ul=en-us&de=UTF-8&dt=Subscription%20Panel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=%2Fnolandings2&_u=aGDACEAjBAAAACgFK~&jid=&gjid=&cid=1669316596.1670836128&tid=UA-61435456-17&_gid=1060536358.1670836128&gtm=2wgbu0TLFP4R&cd1=&cd2=times-standard.com&cd3=times-standard.com&cd4=&cd5=&cd6=&cd7=&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=subscription&cd15=subscription&cd16=&cd17=&cd18=&cd19=&cd20=times-standard.com&cd21=&cd22=&cd23=&cd24=other&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=mg2&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.98%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd53=1669316596.1670836128&z=633049939
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23178
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1330164261&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&dr=&dp=%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&ul=en-us&de=UTF-8&dt=Subscription%20Panel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=75%25&el=%2Fnolandings2&_u=aGDACEAjBAAAACgFK~&jid=&gjid=&cid=1669316596.1670836128&tid=UA-61435456-17&_gid=1060536358.1670836128&gtm=2wgbu0TLFP4R&cd1=&cd2=times-standard.com&cd3=times-standard.com&cd4=&cd5=&cd6=&cd7=&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=subscription&cd15=subscription&cd16=&cd17=&cd18=&cd19=&cd20=times-standard.com&cd21=&cd22=&cd23=&cd24=other&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=mg2&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.98%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd53=1669316596.1670836128&z=1685615303
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23178
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1330164261&t=event&ni=1&_s=1&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&dr=&dp=%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&ul=en-us&de=UTF-8&dt=Subscription%20Panel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=100%25&el=%2Fnolandings2&_u=aGDACEAjBAAAACgFK~&jid=&gjid=&cid=1669316596.1670836128&tid=UA-61435456-17&_gid=1060536358.1670836128&gtm=2wgbu0TLFP4R&cd1=&cd2=times-standard.com&cd3=times-standard.com&cd4=&cd5=&cd6=&cd7=&cd9=&cd10=&cd11=&cd12=&cd13=&cd14=subscription&cd15=subscription&cd16=&cd17=&cd18=&cd19=&cd20=times-standard.com&cd21=&cd22=&cd23=&cd24=other&cd25=&cd26=&cd27=&cd28=&cd29=&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=mg2&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.98%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd53=1669316596.1670836128&z=134831277
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
23178
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
a-05gq
i.liadm.com/s/c/ Frame 578B
1 KB
1 KB
Document
General
Full URL
https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.235.69.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-69-50.compute-1.amazonaws.com
Software
/
Resource Hash
2b190951381e4b4a828256e7ad0ace4283b531ddb8886edf059ad43f50e7a73a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://checkout.times-standard.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
732
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Dec 2022 09:08:49 GMT
ETag
1.61803398874
Request-Time
7
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
baker
sli.times-standard.com/
19 B
371 B
Image
General
Full URL
https://sli.times-standard.com/baker?dtstmp=1670836129346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-158.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Expires
Mon, 12 Dec 2022 09:08:49 GMT
Pragma
no-cache
Date
Mon, 12 Dec 2022 09:08:49 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
331892897543876
connect.facebook.net/signals/config/
289 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/331892897543876?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc02f15e19c77d1da2079910f40f5732edbe068bcee8b867f7a2b9de52d5d070
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Dec 2022 09:08:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
R4tcWoQ78XCevSbJ8LkZikiDMcYy2nDH1HKdGp6p4TIhDAIM3uXLdg8/v1SQctLu2KzImRNo3Qd41OUNUzPGFg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout.times-standard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 09:08:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
867
z216.times-standard.com/DG/DEFAULT/rest/rpc/
383 B
1 KB
XHR
General
Full URL
https://z216.times-standard.com/DG/DEFAULT/rest/rpc/867?referer=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&bcsessionid=724fe7d1-b241-494a-8eac-e31811936371&bctempid=&overruleReferrer=&time=2022-12-12T09%3A08%3A49%2B00%3A00&ts=1670836129764
Requested by
Host: z216.times-standard.com
URL: https://z216.times-standard.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
01bd3848e9b18a2fafbda6e097d5a024332b83bd76f3610017fc640908771500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.times-standard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 09:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
179
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
N61WJQQawKxAuZVpIUT58auS-NHvcOOtLBDwVT1zEZ-u1b5xg6VjJw==
expires
Thu, 01 Jan 1970 00:00:00 GMT
867
z216.times-standard.com/DG/DEFAULT/rest/rpc/
192 B
1 KB
XHR
General
Full URL
https://z216.times-standard.com/DG/DEFAULT/rest/rpc/867?referer=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D%23Listrak%2FEmail%23%26utm_medium%3Demail%26utm_source%3Dlistrak%26utm_term%3D%2413%2Bfor%2B1%2Byear%2Bfor%2Bfull%2Bdigital%2Baccess&bcsessionid=724fe7d1-b241-494a-8eac-e31811936371&bctempid=&overruleReferrer=&time=2022-12-12T09%3A08%3A49%2B00%3A00&ts=1670836129765
Requested by
Host: z216.times-standard.com
URL: https://z216.times-standard.com/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-41.fra56.r.cloudfront.net
Software
- /
Resource Hash
8d178d6bff5879ce8ff79ebc348abe60f5c63f3f0d91e25dee702258186e6e2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://checkout.times-standard.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 12 Dec 2022 09:08:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA56-P7
x-cache
Miss from cloudfront
p3p
policyref="", CP="DSP"
content-length
169
x-xss-protection
1; mode=block
pragma
no-cache
server
-
content-type
application/json; charset=utf-8
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
x-amz-cf-id
loecKP3_TD1zpBKdBoYFJcr-jOjIOaEOoN2wTQ4QmtSsvT71JgyoWg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
medianewsgroup.blueconic.net/DG/DEFAULT/
66 B
861 B
Script
General
Full URL
https://medianewsgroup.blueconic.net/DG/DEFAULT/cs?bcsessionid=724fe7d1-b241-494a-8eac-e31811936371&&callback=bc_json869
Requested by
Host: z216.times-standard.com
URL: https://z216.times-standard.com/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-214-42.compute-1.amazonaws.com
Software
- /
Resource Hash
d45d40cc676cc3054088f35bd8b85359694f89cc7999df1de0b52913235426fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 09:08:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
-
x-permitted-cross-domain-policies
master-only
content-type
text/javascript; charset=utf-8
p3p
policyref="", CP="DSP"
cache-control
no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag
noindex, nofollow
content-length
86
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
7869f602fc5e4776be0810b7b684c2ad
i.liadm.com/s/e/a-05gq/0/ Frame 578B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05gq%2F0%2F7869f602fc5e4776be0810b7b684c2ad%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&f1a79597-c867-4d19-ae92-f90...
  • https://i.liadm.com/s/e/a-05gq/0/7869f602fc5e4776be0810b7b684c2ad?mpid=7156&muid=0aa56396-efa1-4800-b924-ceba0cf4045b
43 B
274 B
Image
General
Full URL
https://i.liadm.com/s/e/a-05gq/0/7869f602fc5e4776be0810b7b684c2ad?mpid=7156&muid=0aa56396-efa1-4800-b924-ceba0cf4045b
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
54.235.69.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-69-50.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 09:08:50 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Date
Mon, 12 Dec 2022 09:08:49 GMT
Server
MT3 180 1fd3e2d master cdg-pixel-x34 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://i.liadm.com/s/e/a-05gq/0/7869f602fc5e4776be0810b7b684c2ad?mpid=7156&muid=0aa56396-efa1-4800-b924-ceba0cf4045b
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Dec 2022 09:08:48 GMT
generic
match.adsrvr.org/track/cmf/ Frame 578B
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 12 Dec 2022 09:08:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
52164
i6.liadm.com/s/ Frame 578B
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=f1a79597-c867-4d19-ae92-f90e6e242718&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=f1a79597-c867-4d19-ae92-f90e6e242718&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D
  • https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=dee499f3-f073-4395-b4fd-0700f24ddc79
  • https://x.bidswitch.net/sync?ssp=liveintent&user_id=f1a79597-c867-4d19-ae92-f90e6e242718
  • https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dee499f3-f073-4395-b4fd-0700f24ddc79
  • https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dee499f3-f073-4395-b4fd-0700f24ddc79
43 B
436 B
Image
General
Full URL
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dee499f3-f073-4395-b4fd-0700f24ddc79
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 09:08:50 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=dee499f3-f073-4395-b4fd-0700f24ddc79
Date
Mon, 12 Dec 2022 09:08:50 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
7869f602fc5e4776be0810b7b684c2ad
i.liadm.com/s/e/a-05gq/0/ Frame 578B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=127444&dpuuid=f1a79597-c867-4d19-ae92-f90e6e242718&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05gq%2F0%2F7869f602fc5e4776be0810b7b684c2ad%3Fmpid%3D82775%26muid%3D%2...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=f1a79597-c867-4d19-ae92-f90e6e242718&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-05gq%2F0%2F7869f602fc5e4776be0810b7b684c2ad%3Fmp...
  • https://i.liadm.com/s/e/a-05gq/0/7869f602fc5e4776be0810b7b684c2ad?mpid=82775&muid=67743348991945776560629605858265103711
43 B
274 B
Image
General
Full URL
https://i.liadm.com/s/e/a-05gq/0/7869f602fc5e4776be0810b7b684c2ad?mpid=82775&muid=67743348991945776560629605858265103711
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
HTTP/1.1
Server
54.235.69.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-235-69-50.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Mon, 12 Dec 2022 09:08:50 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

DCS
dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
SC171rUgRA0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://i.liadm.com/s/e/a-05gq/0/7869f602fc5e4776be0810b7b684c2ad?mpid=82775&muid=67743348991945776560629605858265103711
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
live_intent_sync
x.dlx.addthis.com/e/ Frame 578B
Redirect Chain
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f1a79597-c867-4d19-ae92-f90e6e242718
  • https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f1a79597-c867-4d19-ae92-f90e6e242718&rd=Y
43 B
603 B
Image
General
Full URL
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f1a79597-c867-4d19-ae92-f90e6e242718&rd=Y
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
104.76.200.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-221.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires
Mon, 12 Dec 2022 09:08:50 GMT
pragma
no-cache
date
Mon, 12 Dec 2022 09:08:50 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
43
content-type
image/gif

Redirect headers

location
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=f1a79597-c867-4d19-ae92-f90e6e242718&rd=Y
pragma
no-cache
date
Mon, 12 Dec 2022 09:08:50 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Mon, 12 Dec 2022 09:08:50 GMT
db_sync
px.ads.linkedin.com/ Frame 578B
Redirect Chain
  • https://io.narrative.io/?companyId=82&id=li_id:f1a79597-c867-4d19-ae92-f90e6e242718&id=md5_email:&id=sha1_email:&id=sha256_email:&red=https%3A%2F%2Fpx.ads.linkedin.com%2Fdb_sync%3Fpid%3D16223%26puu...
  • https://io.narrative.io/?io.narrative.guid.v2=9787eae0-79fc-11ed-a183-06192a72c749&companyId=82&id=li_id:f1a79597-c867-4d19-ae92-f90e6e242718&id=md5_email:&id=sha1_email:&id=sha256_email:&red=https...
  • https://px.ads.linkedin.com/db_sync?pid=16223&puuid=9787eae0-79fc-11ed-a183-06192a72c749&rand=1670836129
43 B
808 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=16223&puuid=9787eae0-79fc-11ed-a183-06192a72c749&rand=1670836129
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Server
2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 09:08:50 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B536C56E829C4FD5BF9F96E4310E4FAB Ref B: VIEEDGE2212 Ref C: 2022-12-12T09:08:50Z
linkedin-action
1
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
content-type
image/gif
x-li-proto
http/2
content-length
65
x-li-uuid
AAXvndoEOWUEv57keL/iOw==

Redirect headers

Location
https://px.ads.linkedin.com/db_sync?pid=16223&puuid=9787eae0-79fc-11ed-a183-06192a72c749&rand=1670836129
Date
Mon, 12 Dec 2022 09:08:49 GMT
Cache-Control
no-cache
Server
nginx/1.22.0
Connection
keep-alive
Content-Length
0
/
trc.taboola.com/sg/liveintent/1/cm/ Frame 578B
43 B
381 B
Image
General
Full URL
https://trc.taboola.com/sg/liveintent/1/cm/
Requested by
Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-05gq?s=&cim=&ps=true&ls=true&duid=fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://i.liadm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 12 Dec 2022 09:08:49 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230026-FRA
server
nginx
x-timer
S1670836130.887875,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
1060502780777063
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1060502780777063?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c6d0306eebd470be66a4a4ba2112beca2648b347f4551587ab3816cbfbb87a40
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 12 Dec 2022 09:08:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
faC9JLDkqB8OGc/isjnaOkYTxOymIrveApa4kqOrBdaK/KgmOXR978u8Lhi3IlcaMYHLyPGWXaL/BuV9rRxTJQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JNP6TRHKRV&gtm=2oebu0&_p=1330164261&cid=1669316596.1670836128&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1670836128&sct=1&seg=0&dl=https%3A%2F%2Fcheckout.times-standard.com%2Fnolandings2%3Fg2i_campaign%3DMG2%26g2i_medium%3Dlink%26g2i_source%3DEmail%26ofrgp_id%3D1411%26utm_campaign%3DDAQ23%26utm_content%3DHWOCT22EM1%26utm_email%3D&dt=Subscription%20Panel&en=scroll&epn.percent_scrolled=90&_et=24
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JNP6TRHKRV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkout.times-standard.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Dec 2022 09:08:53 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkout.times-standard.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange function| flatpickr object| viewParameters object| config function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| dataLayer object| auth0 object| Auth0 function| Auth0Lock function| Auth0LockPasswordless object| Auth0SettingsManager object| google_tag_manager object| google_tag_data boolean| include string| GoogleAnalyticsObject function| ga number| comscoreID object| _qevents function| fbq function| _fbq object| atsScript object| $jscomp function| $ function| jQuery object| alertify object| ko function| Constants function| PageMetaDataHandler function| Utils function| ComponentsNames object| ComponentStates function| ComponentTemplateNames function| FilterTypes function| PaymentOptionsCodes function| OfferService function| GigyaUserProvider function| MG2UserProvider function| LandingAlignedImage function| LandingFullscreen function| LandingHorizontal function| LandingTabbed function| LandingTiles function| LandingZipFirst function| OfferSelectorApplePay function| OfferSelectorCheckBox function| OfferSelectorCSR function| OfferSelectorDropDown function| OfferSelectorHorizontal function| OfferSelectorSmallTiles function| OfferSelectorTiles function| Page function| PromotionDigital function| PromotionLinkOnly function| PromotionUpsell function| PromotionZipCode function| Step object| cartAbandonment object| tracker object| _mg2q function| PluginInitOverride object| MG2Loader string| loaderVersion string| loaderBuild string| configSiteCode object| plugins object| deferredResources object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| _typeof object| PARSELY object| ats object| blueConicPreListeners function| BCClass object| blueConicClient object| LI object| __li__evt_bus object| liQ object| liQ_instances function| onYouTubeIframeAPIReady object| confiant object| _mather object| userProvider function| resetCaptcha function| recaptchaInit function| edgileProcessResponse object| viewModel object| _matherq object| tid object| LoaderConfig object| appInsights function| _typeof2 function| __liSync object| googletag object| pbjs object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| AI object| Microsoft function| __extends function| _endsWith string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| recaptcha object| closure_lm_464765 object| bc_json868 object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| MG2DL object| snippet object| init object| g2iAppInsights function| InteractionTypeImpl object| _bcp object| Mustache function| BlueConicMetaDataService function| RuleService function| BlueConicEngagement object| bc object| justDetectAdblock function| jwt_decode object| bcConnectionUtil function| md5 function| BlueConicDataLayerUtil object| JSONPath object| bc_json869

49 Cookies

Domain/Path Name / Value
z216.times-standard.com/DG/DEFAULT Name: BCSessionID
Value: 724fe7d1-b241-494a-8eac-e31811936371
medianewsgroup.blueconic.net/DG/DEFAULT Name: BCSessionID
Value: 724fe7d1-b241-494a-8eac-e31811936371
i.liadm.com/s Name: _li_ss
Value: MgUIBhD4EzIFCAoQ-BMyBQgLEPgTMgUIfhD4EzIGCIsBEPgTMgUIeRD4EzIFCAwQ-BMyCQj_____BxD4Ew
checkout.times-standard.com/ Name: connect.sid
Value: s%3ASzX8IDeRSlgoiRiTDjkgtDVFcTPoBsHX.Kw2IJROuqwZUoefSbtEASpoUPSmFlAQmPqvrRtBReek
.times-standard.com/ Name: visid_incap_2811187
Value: pn14QI8nTNW7rbsYE3/mL57vlmMAAAAAQUIPAAAAAAADVtFUOwrTz9Spr5HCCC6m
.times-standard.com/ Name: nlbi_2811187
Value: TVuBcQ8HJx5oYeOSBe4R/gAAAAA/wqIj831uRQAkiv0lv8lI
.times-standard.com/ Name: incap_ses_8077_2811187
Value: U4yGZt35PTgvZgkSSkUXcJ7vlmMAAAAARkrxT/0AI2iy2pwJsSztFQ==
.times-standard.com/ Name: _gid
Value: GA1.2.1060536358.1670836128
.times-standard.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://checkout.times-standard.com/nolandings2?g2i_campaign=MG2&g2i_medium=link&g2i_source=Email&ofrgp_id=1411&utm_campaign=DAQ23&utm_content=HWOCT22EM1&utm_email=#Listrak/Email#&utm_medium=email&utm_source=listrak&utm_term=$13+for+1+year+for+full+digital+access%22%2C%22sref%22:%22%22%2C%22sts%22:1670836128425%2C%22slts%22:0}
.times-standard.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=c14cb6f656fab61e9a8d7ec334cd60f1%22%2C%22session_count%22:1%2C%22last_session_ts%22:1670836128425}
.times-standard.com/ Name: bc_tstgrp
Value: 5
.times-standard.com/ Name: _li_dcdm_c
Value: .times-standard.com
.times-standard.com/ Name: _lc2_fpi
Value: fea05f71dbb6--01gm2sg2pj3a9kftphjgd1jh42
.times-standard.com/ Name: _ga_JNP6TRHKRV
Value: GS1.1.1670836128.1.0.1670836128.0.0.0
.times-standard.com/ Name: _gat_UA-61435456-17
Value: 1
.times-standard.com/ Name: _ml_id
Value: 76ba3b39-7a78-4092-a406-bdc0ae4b1431.1670836129.1.1670836129.1670836129
.times-standard.com/ Name: _ml_ses
Value: *
.times-standard.com/ Name: _matheriSegs
Value: MATHER_U9_INSTANTB_20200203
.times-standard.com/ Name: _matherSegments
Value: MATHER_U9_INSTANTB_20200203
checkout.times-standard.com/ Name: _lr_geo_location
Value: DE
.times-standard.com/ Name: _fbp
Value: fb.1.1670836128653.826655536
checkout.times-standard.com/ Name: ai_user
Value: BEm5P|2022-12-12T09:08:48.668Z
.liadm.com/ Name: lidid
Value: f1a79597-c867-4d19-ae92-f90e6e242718
mng-prod.auth0.com/ Name: did
Value: s%3Av0%3A96d9f7a0-79fc-11ed-a643-b59fbb099f4c.VsgTxzd4QBKeBdueQyjGxuXwcuZB%2BHZRVktQr1vhzdE
.times-standard.com/ Name: anonDeviceId
Value: 1dc125792905c4fd8fcad7b6d5436fb7
checkout.times-standard.com/ Name: AWSALB
Value: 9PtdfH4mT416FKVkf0iilLD/9+tYDJWqD5D1G+MfoDbOXjfVBy2ltz2rb2ISnL0lfZNOIjlm2EOHM+G8vGT2Gm7tig0hUAA9kkNgrUVH2lu3nU7Xe/FTbyLW20Ws
checkout.times-standard.com/ Name: AWSALBCORS
Value: 9PtdfH4mT416FKVkf0iilLD/9+tYDJWqD5D1G+MfoDbOXjfVBy2ltz2rb2ISnL0lfZNOIjlm2EOHM+G8vGT2Gm7tig0hUAA9kkNgrUVH2lu3nU7Xe/FTbyLW20Ws
.times-standard.com/ Name: _ga
Value: GA1.2.1669316596.1670836128
checkout.times-standard.com/ Name: _liChk
Value: 0.523351714805159
checkout.times-standard.com/ Name: BCSessionID
Value: 724fe7d1-b241-494a-8eac-e31811936371
medianewsgroup.blueconic.net/ Name: AWSALBCORS
Value: JxM9D+QukFkuhcF8ViZ4yXraqBUEooVqTwL+w2KHErlmB6xQnFP8EIvtcIFngwa9IN6eANrCuE/vdeNwd9sm9QXIll8o6W9XCHXmiEbSqYuLZOhVm7g8bB7zVghL
.bidswitch.net/ Name: tuuid
Value: dee499f3-f073-4395-b4fd-0700f24ddc79
.bidswitch.net/ Name: c
Value: 1670836129
.bidswitch.net/ Name: tuuid_lu
Value: 1670836129
.mathtag.com/ Name: uuid
Value: 0aa56396-efa1-4800-b924-ceba0cf4045b
io.narrative.io/ Name: io.narrative.guid.v2
Value: 9787eae0-79fc-11ed-a183-06192a72c749
.demdex.net/ Name: demdex
Value: 67743348991945776560629605858265103711
.dpm.demdex.net/ Name: dpm
Value: 67743348991945776560629605858265103711
.addthis.com/ Name: na_id
Value: 2022121209085000070367570164
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6396efa225953761
.addthis.com/ Name: ouid
Value: 6396efa200010c661085ff419a50ba03880df2f8118ee70d8cdf
z216.times-standard.com/ Name: AWSALB
Value: 93Z9X2PUww7zarVuwKmAygZQ13aOy6pSHyNG91AEQggHoRWpKHVoX8J0RSZeclWeQ/YzDGfOgJXp8D61Y1DzxO7wP5Q4+oOHyHbos9I9BP0gtYPo2F8ycZnX04NR
z216.times-standard.com/ Name: AWSALBCORS
Value: 93Z9X2PUww7zarVuwKmAygZQ13aOy6pSHyNG91AEQggHoRWpKHVoX8J0RSZeclWeQ/YzDGfOgJXp8D61Y1DzxO7wP5Q4+oOHyHbos9I9BP0gtYPo2F8ycZnX04NR
.dlx.addthis.com/ Name: na_sc_x
Value: 1
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ec7686e2-4cdb-4a77-8207-66809ce59b7e"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzA4MzYxMzA7MjswMjGbvI5O1e/khvViTyTrVCayXVxqBedLvEMgy/3rcs+xTg==
.linkedin.com/ Name: lidc
Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2395:u=1:x=1:i=1670836130:t=1670922530:v=2:sig=AQE0CZvvjIc0uSaq_6dynUP8NO-XlA2A"

1 Console Messages

Source Level URL
Text
network error URL: https://checkout.times-standard.com/offer/getOffers/
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.subconadmin.com https://*.subconadmin.com *.mg2cms.com https://*.mg2cms.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ats.rlcdn.com
az416426.vo.msecnd.net
b-code.liadm.com
cdn.auth0.com
cdn.confiant-integrations.net
cdn.jsdelivr.net
cdn.parsely.com
checkout.times-standard.com
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.privacymanager.io
i.liadm.com
i6.liadm.com
io.narrative.io
js.matheranalytics.com
loader-cdn.azureedge.net
match.adsrvr.org
medianewsgroup.blueconic.net
mng-prod.auth0.com
p1.parsely.com
polyfill.io
px.ads.linkedin.com
region1.google-analytics.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
secure.quantserve.com
sli.times-standard.com
stats.g.doubleclick.net
sync.mathtag.com
trc.taboola.com
ui-static-assets-prod.mng-digisubs-prod.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.i.matheranalytics.com
x.bidswitch.net
x.dlx.addthis.com
z216.times-standard.com
104.76.200.221
107.154.76.234
107.178.250.234
108.138.17.41
108.138.7.44
13.32.105.49
13.32.99.90
143.204.215.111
143.204.89.3
18.66.100.58
185.29.134.248
2001:4860:4802:34::36
2600:1f18:730:b150:8ee:4b1d:d9e7:1410
2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c
2600:9000:223c:2a00:8:8845:1500:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:5914
2606:4700::6810:b9f8
2606:4700::6812:106b
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:22::14
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c09::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::282
2a04:4e42:600::300
3.217.241.65
3.218.4.10
3.33.220.150
35.157.140.187
52.17.99.225
52.4.214.42
54.194.225.3
54.235.69.50
54.75.234.63
95.101.111.158
01bd3848e9b18a2fafbda6e097d5a024332b83bd76f3610017fc640908771500
0609d127885700576d3e495193f8be3c7ec31a98fa1bc5d6f65a2134e5ea4313
09cff25adf02e25fcdaac9140d0cfcf36060315f16e71031056b5570c6551a03
0b2b8579ecbc2c77ef6221208e243537f61fd6b4c5f8ac6def77440551d9ca60
0c66c855006ab2ae4f702be94152ccc855d729ee985a3676d7e046763430e431
0d6f4cdf43fdb9aebe1a80bc4139cf042677c25f7298666358b4c1c255c71259
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10c055e552cd4e8121eded0e5227a20534bfc3484aacecd99b553c069a332f53
155ae9a5b5aad976bcea98140251cf38c9b0fabbd6d14e1e0330e6bc7db652a6
1642a6d6cc97bf5bfe91800158a878baca8bab245235414617091cc1a450afdb
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
2187fffe3c2bd2e6dbb65dfa2c4007bd7b134ba4efe001a9d8b80f4e6499311b
2ae5aed8aab32ad79a23003eee65fec603ddbeed83b296ba4735ff840e12b005
2b190951381e4b4a828256e7ad0ace4283b531ddb8886edf059ad43f50e7a73a
2ba76ac3b4572521491bb591f63a3e1ae467fe1719760c9e90b9351de1dba5fe
2c19aeab881aea1a7033b72c171ca69d8d42a913c3dc6ebf45f1bda6b29368eb
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
36413a633884c3e5aec1a5567453b21ca8721f35c6dc11bbb49f670da2d7d317
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4d3b64fdd5e3e078208065746c8c69f14f40bdb904006a6cd5d30395a956d7cd
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55dc504b416ccfe3e0651847a7604efe81c4a62fd00bccc8decae5c756be9eca
56bcb9155d456cfe21d3231d5c2f9f17283978d8be3e9df3ff1b660782f52bae
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6122cf9440016e1c82fe44da77e31d8d3438b9a84cf7810d88938b497f1444e5
70212eacf2b641df77cb7f0b97262908d1f8abde30a8b77b1a7cd8ef7031ab7a
737be8d2a2db4d729155190f62d3b1f656cdaec35b42b59eeeda3043246a50cd
745bde356b612b68150773606ace945e6b8a3134798005239fc645f7c092751d
78eb416a3693c2992d54aed8c3c49acb4839892302bdfe5cbb48a4369339471a
79f95850ee3772b67d52ec317d635d639e53586fb33ef91514c6c6d093b06dfa
7c9b372368252f043de386112de451f480711eacade3412a0cebecd8fb0718ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f47a6eb79a32be385cc041f156b55c7b27684c5378175cd48f77e69d792c28
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87538b4bed933f5366437d7f623ef7ebb1e1458fdd8cc25352c99951e480b43d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d178d6bff5879ce8ff79ebc348abe60f5c63f3f0d91e25dee702258186e6e2d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
abe9ba592cd97e3c51b80224a8f2e7c9856f1b230d5ed991363bad4fb2131439
ac8bf349506385dcaf484022e82be6371c3708b8a01f41000876476674646e76
b09fde7deec44f1506668938733914165faf1ee1731c2c7d86f1d255af321289
b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5d6f82ad3aa8ae774925d9ff42dcff0872a40f9f04f9d860fb901ff4d614b0c
bc02f15e19c77d1da2079910f40f5732edbe068bcee8b867f7a2b9de52d5d070
c5129d2806d078e48f491b47016b9518a12f2504e2d89603ef4422584d23482b
c6d0306eebd470be66a4a4ba2112beca2648b347f4551587ab3816cbfbb87a40
c6f71f7c14de7eacac1793a5bc104bcd5ba99a1b9ac4f7dbda99fc08c14e79c2
ca1f76f3e333116f0ed5ae78dbce5c9c407d50d21530beb81e9cc0db1fa4cfac
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10fd777a5cc232f00251db78eb432d62ea103d91b120eff3db75ce1f6318565
d45d40cc676cc3054088f35bd8b85359694f89cc7999df1de0b52913235426fd
d4dc0c66eadd4b3167ccb395964b88ea5717313ab053efc1618af0064cb7f3fd
d64e243770a7345b699907f77f5e6789584278786ffa215802150dab0ee1d7a6
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73a140c69c1bc697cacc30b095e0adbe7153c61bb8d94b3b550e34601c4b042
ed6978c9e69eebe9726a3f4f90fad28e177a30fd56e6fec89c75a5e906daf6cd
ee99cd2123f1dc69cd202c1828e4984b07933ee18837dbd0c61e5a2f3117a1aa
eea95dca96d7fcc0437ff906477c23f478bd096431c548ffbf23e0515ec0182d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f472bfb2f42dcea57418c88bc810388e019cadf8b2c9045403b26c5ffb7ac573
f52d48827d9878c28727e46bb57301787d454fe211fc76876e751b70ce32b374
fb239fe37b695d099e0bc17ccc8e079934004875f86fe2be6b14a9b1bc52adc2