subs.consumerreportsmagazine.org Open in urlscan Pro
198.176.166.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l.e.consumerreports.org/rts/go2.aspx?h=208265&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP&x=subs.consumerr...
Effective URL:
https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=3178...
Submission: On June 27 via manual (June 27th 2023, 7:41:43 pm UTC) from US — Scanned from DE

Summary HTTP 38 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 38 HTTP transactions. The main IP is 198.176.166.221, located in United States and belongs to CDS-GLOBAL-01, US. The main domain is subs.consumerreportsmagazine.org.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 27th 2023. Valid for: a year.

This is the only time subs.consumerreportsmagazine.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.148.46.72 63.148.46.72	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1 11	198.176.166.221 198.176.166.221	397973 (CDS-GLOBA...) (CDS-GLOBAL-01)
2	52.222.149.93 52.222.149.93	16509 (AMAZON-02) (AMAZON-02)
5	198.176.166.187 198.176.166.187	397973 (CDS-GLOBA...) (CDS-GLOBAL-01)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	63.148.46.76 63.148.46.76	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
2	13.32.145.13 13.32.145.13	16509 (AMAZON-02) (AMAZON-02)
12	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
38	9

1 63.148.46.72 (United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: rts.eccmp.com

l.e.consumerreports.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 198.176.166.221 (United States) 1 redirects

ASN397973 (CDS-GLOBAL-01, US)

subs.consumerreportsmagazine.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.149.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-93.cdg52.r.cloudfront.net

payments.cloud.buysub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.176.166.187 (United States)

ASN397973 (CDS-GLOBAL-01, US)
PTR: w1.buysub.com

w1.buysub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.148.46.76 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: sts.eccmp.com

sts.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.145.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-13.cdg50.r.cloudfront.net

payments-api.cloud.buysub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	consumerreportsmagazine.org 1 redirects subs.consumerreportsmagazine.org	175 KB
10	paypal.com www.paypal.com — Cisco Umbrella Rank: 2380 t.paypal.com — Cisco Umbrella Rank: 3125	40 KB
9	buysub.com payments.cloud.buysub.com w1.buysub.com — Cisco Umbrella Rank: 290463 payments-api.cloud.buysub.com — Cisco Umbrella Rank: 732762	258 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2178	538 KB
2	eccmp.com sts.eccmp.com — Cisco Umbrella Rank: 19928	8 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 433	31 KB
1	consumerreports.org 1 redirects l.e.consumerreports.org	565 B
38	7

	Domain	Requested by
11	subs.consumerreportsmagazine.org	1 redirects subs.consumerreportsmagazine.org
9	www.paypal.com	www.paypalobjects.com
5	w1.buysub.com	subs.consumerreportsmagazine.org w1.buysub.com
3	www.paypalobjects.com	payments.cloud.buysub.com www.paypal.com
2	payments-api.cloud.buysub.com	payments.cloud.buysub.com
2	sts.eccmp.com	subs.consumerreportsmagazine.org sts.eccmp.com
2	payments.cloud.buysub.com	subs.consumerreportsmagazine.org
1	t.paypal.com	subs.consumerreportsmagazine.org
1	ajax.googleapis.com	subs.consumerreportsmagazine.org
1	l.e.consumerreports.org	1 redirects
38	10

This site contains links to these domains. Also see Links.

Domain
www.consumerreports.org

Subject Issuer	Validity	Valid
subs.consumerreportsmagazine.org Sectigo RSA Organization Validation Secure Server CA	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.cloud.buysub.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.buysub.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.eccmp.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-24` - `2024-06-09`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
Frame ID: 35ED77AB84DD4DEC55FE2D710B511B14
Requests: 33 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&style.label=checkout&style.size=medium&style.shape=rect&style.color=gold&style.tagline=false&style.funding.allowed=paypal.FUNDING.CARD&style.funding.disallowed=paypal.FUNDING.CREDIT&domain=subs.consumerreportsmagazine.org&sessionID=uid_20408bb895_mtk6nde6mzg&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&renderedButtons=paypal&storageID=uid_9cd33d8a14_mtk6nde6mzg&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=5fa21ec64c&version=4&xcomponent=1
Frame ID: 7A10EDCFD602F7955D3891D7AF6D637A
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: 74D0B8F200A46807F6A272BB8BCE0147
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Holiday Gift Savings Program

Page URL History Show full URLs

http://l.e.consumerreports.org/rts/go2.aspx?h=208265&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1La... HTTP 302
https://subs.consumerreportsmagazine.org/servlet/EmailGateway?cds_fn=ZDNB285DwnHrccPLpE%2FtbSPuM0LyNV7bt8MmndNwo6IKis... HTTP 302
https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=168... Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Dojo (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/dojo/dojo(?:\.xd)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

92 %
HTTPS

11 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

1049 kB
Transfer

4524 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.consumerreports.org/privacy-policy/highlights/index.htm
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.consumerreports.org/cro/about-us/what-we-do/index.htm
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.consumerreports.org/main/redirect/content.jsp?lsid=31781441342059400&vid=1&PATH=/media/content/Custserv/security.html
Title: Security

Search URL Search Domain Scan URL

URL: https://www.consumerreports.org/cro/index.htm
Title: ConsumerReports.org

Search URL Search Domain Scan URL

URL: https://www.consumerreports.org/member-support/
Title: Member Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.e.consumerreports.org/rts/go2.aspx?h=208265&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP&x=subs.consumerreportsmagazine.org%2fservlet%2fEmailGateway%3fcds_fn%3dZDNB285DwnHrccPLpE%252FtbSPuM0LyNV7bt8MmndNwo6IKisexcFWCAoqUEx5MZ%252FQyuv0ACkt39%252Bs%253D%7cY%7ci-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP&hp2=976d92724e91e5f3a2a54398522060228d12bfff3f50dee35d6477bb2beb76a8 HTTP 302
https://subs.consumerreportsmagazine.org/servlet/EmailGateway?cds_fn=ZDNB285DwnHrccPLpE%2FtbSPuM0LyNV7bt8MmndNwo6IKisexcFWCAoqUEx5MZ%2FQyuv0ACkt39%2Bs%3D&live_file_ind_Y&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP HTTP 302
https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 2023_OB_DonRen_LP.jsp Show response
subs.consumerreportsmagazine.org/pubs/C8/CNS/
Redirect Chain

http://l.e.consumerreports.org/rts/go2.aspx?h=208265&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP&x=subs.consumerreportsmagazine.org%2fservlet%2fEmailGateway%3fcds_fn%3dZDNB285DwnHrccP...
https://subs.consumerreportsmagazine.org/servlet/EmailGateway?cds_fn=ZDNB285DwnHrccPLpE%2FtbSPuM0LyNV7bt8MmndNwo6IKisexcFWCAoqUEx5MZ%2FQyuv0ACkt39%2Bs%3D&live_file_ind_Y&source=Engage&tp=i-1NGB-By-...
https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-...

50 KB
15 KB

657ms
657ms

Document
text/html

198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

5a5a74fba4af8ddfc95fd6bbd1d4ec2c41140153156b1b928ac14560fe1041d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode = block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Encoding: gzip
Content-Language: en-US
Content-Security-Policy: frame-ancestors 'none' ;
Content-Type: text/html;charset=ISO-8859-1
Date: Tue, 27 Jun 2023 19:41:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=10, max=87
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: DENY
X-XSS-Protection: 1; mode = block
X-content-Type-Options: nosniff

Redirect headers

Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Language: en-US
Content-Length: 0
Content-Security-Policy: frame-ancestors 'none' ;
Date: Tue, 27 Jun 2023 19:41:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=10, max=86
Location: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
Pragma: no-cache
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-content-Type-Options: nosniff

GET
H2 200 cdspaymentswidget-3.3.3.min.js Show response
payments.cloud.buysub.com/static/js/ 397 KB
136 KB 83ms
18ms Script
application/javascript 52.222.149.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.cloud.buysub.com/static/js/cdspaymentswidget-3.3.3.min.js
Requested by: Host: subs.consumerreportsmagazine.org
URL: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-93.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 496f73cca37e8690f1f82a7698fe5e704d99b4c414d2d4f4064172f4ae375bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 01:30:31 GMT
content-encoding: gzip
via: 1.1 0bad7b24b2c9dfacca95c8ce0c8c3706.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 17:58:18 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P1
age: 65464
etag: "feba6093e255c8a3b480904db4cac8c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 138833
x-amz-cf-id: MQyOKpbWR4NaHTK0noUQykYep3TXo8sQUFIoI3tLNHdt8ncFQ1gOhA==

GET
H2 200 cdspaymentswidget-3.3.3.min.css
payments.cloud.buysub.com/static/css/ 228 KB
20 KB 83ms
19ms Stylesheet
text/css 52.222.149.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.cloud.buysub.com/static/css/cdspaymentswidget-3.3.3.min.css
Requested by: Host: subs.consumerreportsmagazine.org
URL: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-93.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c136d7abcbba5630c98356534dba5ccaeaefa879bcdc99cdeff28de93f8515b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 09:04:26 GMT
content-encoding: gzip
via: 1.1 0bad7b24b2c9dfacca95c8ce0c8c3706.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 17:58:19 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P1
age: 38230
etag: "54630a939031864fb824e83a7f547c77"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 19640
x-amz-cf-id: TDJxZws4TgCROaBgcGyM4EJ9dDbFGQbUf-p8mK8yvm_MDMw7Iqbaew==

GET
H/1.1 200
OK SDRGiftCardPreview.js Show response
subs.consumerreportsmagazine.org/pubs/ 4 KB
5 KB 1416ms
1415ms Script
application/javascript 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://subs.consumerreportsmagazine.org/pubs/SDRGiftCardPreview.js

Requested by

Host: subs.consumerreportsmagazine.org
URL: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

6b62e07c1f1fba41489d09cd7dd1b01a371d91a26d226fa219c1d2c5f2734f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:35 GMT
X-content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 00:39:48 GMT
Age: 277
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=93
Content-Length: 4316
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK SDRAddGiftCardPreview.js Show response
subs.consumerreportsmagazine.org/pubs/ 4 KB
5 KB 138ms
137ms Script
application/javascript 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://subs.consumerreportsmagazine.org/pubs/SDRAddGiftCardPreview.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

60df94f277ad7a99a6352e157ba6be091f6a49d2719884d1c796beaf1ef04697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:35 GMT
X-content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 00:39:48 GMT
Age: 277
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=96
Content-Length: 4410
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 2022_main.css
w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/ 25 KB
8 KB 766ms
247ms Stylesheet
text/css 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/2022_main.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

d6b61b3c13fb0163fbc004d10b925f2e5d2c4bc8385aa41190e55f9f98b55281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
X-content-Type-Options: nosniff
Date: Tue, 27 Jun 2023 19:41:36 GMT
Last-Modified: Tue, 26 Apr 2022 13:51:16 GMT
Age: 278
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Language: en-US
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=97
Content-Length: 7847
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 136ms
50ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 07:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 07:58:44 GMT

GET
H/1.1 200
OK emailcarddatepicker.js Show response
subs.consumerreportsmagazine.org/pubs/C8/CNS/images/ 17 KB
18 KB 389ms
250ms Script
application/javascript 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://subs.consumerreportsmagazine.org/pubs/C8/CNS/images/emailcarddatepicker.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

ac89a736f5046e64365990047d40620a3a8399529883efbba0d494d816a4802a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:35 GMT
X-content-Type-Options: nosniff
Last-Modified: Tue, 21 Jul 2020 17:30:16 GMT
Age: 277
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=99
Content-Length: 17660
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.png
subs.consumerreportsmagazine.org/pubs/C8/CNS/images/2021_DonRen/ 12 KB
12 KB 379ms
378ms Image
image/png 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subs.consumerreportsmagazine.org/pubs/C8/CNS/images/2021_DonRen/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

171f8d99128ad549e6fc3c43663d2562ee74be2a50478d31d2b76487d710d231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Thu, 10 Jun 2021 17:00:51 GMT
Age: 279
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 11793
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK logo.png
w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/ 12 KB
12 KB 124ms
124ms Image
image/png 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

171f8d99128ad549e6fc3c43663d2562ee74be2a50478d31d2b76487d710d231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Thu, 10 Jun 2021 17:00:51 GMT
Age: 1070
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=96
Content-Length: 11793
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK CNS_Holiday_Fan2023.jpg
w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/ 78 KB
79 KB 251ms
126ms Image
image/jpeg 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/CNS_Holiday_Fan2023.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

2514a14eaddc14d5858de50f51cbeeb87a600432762fb00ebaa4cc423cec6314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Wed, 07 Jun 2023 17:38:34 GMT
Age: 3171
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=91
Content-Length: 79960
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK dojo.js Show response
subs.consumerreportsmagazine.org/scripts/dojo-1.3.1/dojo/ 80 KB
80 KB 128ms
127ms Script
application/javascript 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://subs.consumerreportsmagazine.org/scripts/dojo-1.3.1/dojo/dojo.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

83b4ef703d63df695c0a18d76f92a7bae93bc4039a4c4471b55252308ea69029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:36 GMT
X-content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 00:39:48 GMT
Age: 862
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 81498
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK cds_cart_calculator.js Show response
subs.consumerreportsmagazine.org/scripts/ 12 KB
13 KB 129ms
129ms Script
application/javascript 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://subs.consumerreportsmagazine.org/scripts/cds_cart_calculator.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

e530ace83f2e9b552c9717ad954e49d7cac3b24e9c1e5fd2df5be8e3d650c280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Fri, 26 May 2023 00:39:48 GMT
Age: 279
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=94
Content-Length: 12525
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK visa-mastercard.png
subs.consumerreportsmagazine.org/pubs/C8/CNS/images/2021_DonRen/ 14 KB
14 KB 373ms
372ms Image
image/png 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subs.consumerreportsmagazine.org/pubs/C8/CNS/images/2021_DonRen/visa-mastercard.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

d64e2617533ec4594102b9807361d5066e1378503a491f96714aaa382da0118d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Wed, 16 Jun 2021 21:12:34 GMT
Age: 279
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=100
Content-Length: 14370
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK amex-card.png
subs.consumerreportsmagazine.org/pubs/C8/CNS/images/2021_DonRen/ 12 KB
12 KB 223ms
128ms Image
image/png 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subs.consumerreportsmagazine.org/pubs/C8/CNS/images/2021_DonRen/amex-card.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

a407ba056994bb762583e9d9568cde8e1c9c487e628f38c8c529763c5a253652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Wed, 16 Jun 2021 21:12:34 GMT
Age: 279
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=95
Content-Length: 11898
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70c311642e33c34c10c7891026aaef253060eb3f68201dc5a195181720a8fc4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET 31FD30_0_0.woff
w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/ 0
0

GET
H/1.1 200
OK lock.gif
w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/ 2 KB
2 KB 274ms
126ms Image
image/gif 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/lock.gif

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/2022_main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

2b8795985be365f012ba028e6a1dbfaffb0396c5aa4329f473d0eb7b03b0ce5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/2022_main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Wed, 16 Jun 2021 21:12:34 GMT
Age: 279
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=93
Content-Length: 1861
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK arrow.png
w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/ 393 B
848 B 377ms
125ms Image
image/png 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/arrow.png

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/2022_main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

54062c3140209e0919515167c09c2a71a1d75b7a5dd15b54edc50d7e45599999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/2022_main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Date: Tue, 27 Jun 2023 19:41:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Thu, 10 Jun 2021 17:00:51 GMT
Age: 1625
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Language: en-US
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=93
Content-Length: 393
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK conversen-SDK.js Show response
sts.eccmp.com/sts/scripts/ 15 KB
7 KB 402ms
94ms Script
application/javascript 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Requested by: Host: subs.consumerreportsmagazine.org
URL: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:41:37 GMT
Content-Encoding: gzip
Last-Modified: Sat, 10 Jun 2023 06:12:50 GMT
Server
Age: 5491
ETag: "01d6a95629bd91:0"
X-Powered-By
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7051

OPTIONS
H2 200 pwconfig
payments-api.cloud.buysub.com/ Frame 0
0 372ms
269ms Preflight
application/json 13.32.145.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments-api.cloud.buysub.com/pwconfig
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.145.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-145-13.cdg50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-api-key
Access-Control-Request-Method: POST
Origin: https://subs.consumerreportsmagazine.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://subs.consumerreportsmagazine.org
content-length: 1
content-type: application/json
date: Tue, 27 Jun 2023 19:41:37 GMT
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-apigw-id: HMY5zHXLIAMFqkg=
x-amz-cf-id: RMvoxayNPta17I52cwMz2NMKJTQ3fihSFI6GSrtK9zE_wVjS_UlWFw==
x-amz-cf-pop: CDG50-C2
x-amzn-requestid: 0ee32b11-ed42-46a8-acf4-14df7c38308d
x-cache: Miss from cloudfront

POST
H/1.1 200
OK GeminiAjaxToolkit Show response
subs.consumerreportsmagazine.org/servlet/ 27 B
796 B 428ms
314ms XHR
application/json 198.176.166.221
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://subs.consumerreportsmagazine.org/servlet/GeminiAjaxToolkit

Requested by

Host: subs.consumerreportsmagazine.org
URL: https://subs.consumerreportsmagazine.org/scripts/dojo-1.3.1/dojo/dojo.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.221 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

Software

Resource Hash

e33daf1db095171a214cc2a04bf0dc1ff959117000eadc71f64a171e9b7ce869

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 27 Jun 2023 19:41:37 GMT
Content-Security-Policy: frame-ancestors 'none' ;
X-content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-Frame-Options: DENY
Transfer-Encoding: chunked
Content-Type: application/json
Content-Language: en-US
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Keep-Alive: timeout=10, max=90
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 pwconfig Show response
payments-api.cloud.buysub.com/ 738 B
1 KB 372ms
372ms XHR
application/json 13.32.145.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments-api.cloud.buysub.com/pwconfig

Requested by

Host: payments.cloud.buysub.com
URL: https://payments.cloud.buysub.com/static/js/cdspaymentswidget-3.3.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.145.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-145-13.cdg50.r.cloudfront.net

Software

Resource Hash

9067c48665072f120f09e9656e13f9f5c914b82fc03b074d6dc4cd78ee413bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://subs.consumerreportsmagazine.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-Api-Key: BqrybIofE34HlwAj1JsRJ5zKdMVp7NSK44ReAhJU
Content-Type: application/json

Response headers

date: Tue, 27 Jun 2023 19:41:38 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 28f110beed532776cb7e7d4f319b2230.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-C2
x-amzn-requestid: 4d81cc00-8ca0-4934-9548-4784c73851c1
x-amzn-trace-id: Root=1-649b3b71-1dc704cc5df8f86257701546;Sampled=0;lineage=8f4e5278:0
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: must-revalidate
x-amz-apigw-id: HMY52HnXoAMF7VA=
content-length: 738
x-amz-cf-id: ckovel4WOjmQwauVCgFHPWWJsdmbOqP8GWmKFS31HdFKGGGsacS6Kg==

GET
H/1.1 200
OK 742 Show response
sts.eccmp.com/wts/WebEvent/GetCookieExpiry/ 35 B
426 B 378ms
97ms XHR
text/xml 63.148.46.76
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://sts.eccmp.com/wts/WebEvent/GetCookieExpiry/742
Requested by: Host: sts.eccmp.com
URL: https://sts.eccmp.com/sts/scripts/conversen-SDK.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.76 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: sts.eccmp.com
Software: /
Resource Hash: 61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 19:41:37 GMT
X-AspNetMvc-Version: 3.0
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 35

GET 31FD30_0_0.ttf
w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/ 0
0

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
230 KB 297ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: payments.cloud.buysub.com
URL: https://payments.cloud.buysub.com/static/js/cdspaymentswidget-3.3.3.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D06) /

Resource Hash

3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e908ca6ac98e5
dc: ccg11-origin-www-1.paypal.com
content-length: 235351
last-modified: Wed, 24 May 2023 16:43:28 GMT
server: ECAcc (frc/4D06)
traceparent: 00-0000000000000000000e908ca6ac98e5-afb7380ea1cd3d43-01
etag: "646e3eb0-16d204+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 28 Jun 2023 19:41:38 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 945d125f07512551c6ca0e595446c11674609c6a0038aa0c440ad068613d4954

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b88ee3c3a61c0520d0fe5565394b0bbabfbf6e9db56f4edc1ca638d8553e2441

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e3f46a6a71ee82321d90f96fd2c2f9abeaa6e3b17ee48f2d2ca84eceaaff0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88e88b8f4c7d697cf7b0dd24357d71e1761e22cf34062b1b874ce25dfe7ca4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
13 KB 30ms
15ms Script
application/x-javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=subs.consumerreportsmagazine.org&source=checkoutjs&t=xo&v=4.0.338

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFD) /

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4mdh3f6sqkUN6GKHKVa9R0C8e0tEaoGEjosWARGF5QhBpw3m' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4mdh3f6sqkUN6GKHKVa9R0C8e0tEaoGEjosWARGF5QhBpw3m' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
date: Tue, 27 Jun 2023 19:41:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9792
x-cache: HIT
paypal-debug-id: 0724274974362
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 12084
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Jun 2023 05:59:35 GMT
accept-ch: Sec-CH-UA-Full
server: ECAcc (frc/4CFD)
traceparent: 00-00000000000000000000724274974362-67346ccaef4a1761-01
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 button Show response
www.paypal.com/smart/ Frame 7A10 64 KB
15 KB 301ms
301ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/button?env=production&style.label=checkout&style.size=medium&style.shape=rect&style.color=gold&style.tagline=false&style.funding.allowed=paypal.FUNDING.CARD&style.funding.disallowed=paypal.FUNDING.CREDIT&domain=subs.consumerreportsmagazine.org&sessionID=uid_20408bb895_mtk6nde6mzg&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&renderedButtons=paypal&storageID=uid_9cd33d8a14_mtk6nde6mzg&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=5fa21ec64c&version=4&xcomponent=1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD5) /

Resource Hash

6ba7876bd9f750e3d47725923783685982b8d0bcd7f4a067b5c7764e592c76d8

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subs.consumerreportsmagazine.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 27 Jun 2023 19:41:38 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: 0695146b13621
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: ECAcc (frc/4CD5)
server-timing: traceparent;desc="00-00000000000000000000695146b13621-784813a951c72391-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000695146b13621-789dda5c991fa529-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 74D0 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 74D0 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1004 B
2 KB 308ms
306ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C88) /

Resource Hash

f5a357654427070ddae78c28adf2b5a72154d808cbc02ebe33b7913360a5e35f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://subs.consumerreportsmagazine.org/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 27 Jun 2023 19:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0841201666434
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 607
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4C88)
traceparent: 00-00000000000000000000841201666434-55e209fddd6cd151-01
etag: W/"3ec-kdgviOLa78losntWtUatuY+83qY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subs.consumerreportsmagazine.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
x-ec-security-audit: 403
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 257ms
230ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C88) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Access-Control-Request-Method: POST
Origin: https://subs.consumerreportsmagazine.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://subs.consumerreportsmagazine.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 27 Jun 2023 19:41:38 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: 04b235963b322
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: ECAcc (frc/4C88)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000004b235963b322-7c3ae84f9f564844-01
x-content-type-options: nosniff

GET
H2 200 ts
t.paypal.com/ 42 B
791 B 231ms
183ms Image
image/gif 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Holiday%20Gift%20Savings%20Program&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1687894898629&g=0&completeurl=https%3A%2F%2Fsubs.consumerreportsmagazine.org%2Fpubs%2FC8%2FCNS%2F2023_OB_DonRen_LP.jsp%3Fcds_page_id%3D266604%26cds_mag_code%3DCNS%26id%3D1687894894768%26lsid%3D31781441342059400%26vid%3D1%26source%3DEngage%26tp%3Di-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subs.consumerreportsmagazine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 27 Jun 2023 19:41:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 4fa2edd66233f
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230116-FRA
pragma: no-cache
correlation-id: 4fa2edd66233f
traceparent: 00-00000000000000000004fa2edd66233f-d6917b930d1aa93e-01
x-timer: S1687894899.684256,VS0,VE170
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 19:41:38 GMT

GET 31FD30_0_0.woff2
w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/ 0
0

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ Frame 7A10 1 MB
230 KB 9ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.label=checkout&style.size=medium&style.shape=rect&style.color=gold&style.tagline=false&style.funding.allowed=paypal.FUNDING.CARD&style.funding.disallowed=paypal.FUNDING.CREDIT&domain=subs.consumerreportsmagazine.org&sessionID=uid_20408bb895_mtk6nde6mzg&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&renderedButtons=paypal&storageID=uid_9cd33d8a14_mtk6nde6mzg&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=5fa21ec64c&version=4&xcomponent=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D06) /

Resource Hash

3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: e908ca6ac98e5
dc: ccg11-origin-www-1.paypal.com
content-length: 235351
last-modified: Wed, 24 May 2023 16:43:28 GMT
server: ECAcc (frc/4D06)
traceparent: 00-0000000000000000000e908ca6ac98e5-afb7380ea1cd3d43-01
etag: "646e3eb0-16d204+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers: x-csrf-token
expires: Wed, 28 Jun 2023 19:41:38 GMT

GET
H2 200 button.js Show response
www.paypalobjects.com/api/xo/ Frame 7A10 446 KB
77 KB 45ms
44ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/xo/button.js?date=2023-5-27

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

d423b2b316d239308fcb45a1cbf9e68b6436767c2c4f6b4f2fbeb8190fb79f0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 19:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 83c43bdb21e4c
dc: ccg11-origin-www-1.paypal.com
content-length: 78632
last-modified: Tue, 28 Mar 2023 15:15:01 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-000000000000000000083c43bdb21e4c-061d40acfbcbac07-01
etag: "64230475-6f8fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Wed, 28 Jun 2023 19:41:38 GMT

GET
DATA 200
OK truncated
/ Frame 7A10 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7A10 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 graphql Show response
www.paypal.com/ Frame 7A10 2 KB
3 KB 271ms
270ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/graphql?GetNativeEligibility

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-5-27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF8) /

Resource Hash

55bc10de64171a4087a5caf3a7ea7048c27adc4744d323cb0a88622fc3b514a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-TPhOE2XRdSPBC3jQGwwUjwSBpiu5IPyBJV5B6dmDNkfc5Vzh' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; base-uri 'self' https://.paypal.com; form-action 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

x-app-name: smart-payment-buttons
accept: application/json
Referer: https://www.paypal.com/smart/button?env=production&style.label=checkout&style.size=medium&style.shape=rect&style.color=gold&style.tagline=false&style.funding.allowed=paypal.FUNDING.CARD&style.funding.disallowed=paypal.FUNDING.CREDIT&domain=subs.consumerreportsmagazine.org&sessionID=uid_20408bb895_mtk6nde6mzg&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&renderedButtons=paypal&storageID=uid_9cd33d8a14_mtk6nde6mzg&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=5fa21ec64c&version=4&xcomponent=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-TPhOE2XRdSPBC3jQGwwUjwSBpiu5IPyBJV5B6dmDNkfc5Vzh' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 19:41:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 000a389077343
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CF8)
traceparent: 00-0000000000000000000000a389077343-16d427b6ba27b2bc-01
etag: W/"66a-jbpMQIGvorgn5LVstodPmI3Wll8"
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 7A10 1019 B
2 KB 230ms
229ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB3) /

Resource Hash

4604d40142db7fdafea7a0572296b13b4502eb1cf08e41cc26cd8ddc3e9c63d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://www.paypal.com/smart/button?env=production&style.label=checkout&style.size=medium&style.shape=rect&style.color=gold&style.tagline=false&style.funding.allowed=paypal.FUNDING.CARD&style.funding.disallowed=paypal.FUNDING.CREDIT&domain=subs.consumerreportsmagazine.org&sessionID=uid_20408bb895_mtk6nde6mzg&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&renderedButtons=paypal&storageID=uid_9cd33d8a14_mtk6nde6mzg&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=5fa21ec64c&version=4&xcomponent=1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 27 Jun 2023 19:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 09b38ab338706
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 620
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CB3)
traceparent: 00-000000000000000000009b38ab338706-353f625adeaf3108-01
etag: W/"3fb-DcNcUN9kwUabDw/08bonaXxnJtQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

GET
H2 200 funding Show response
www.paypal.com/smart/api/button/ Frame 7A10 567 B
2 KB 243ms
243ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/api/button/funding?buttonLabel=checkout&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&country=US&disallowed=venmo&domain=subs.consumerreportsmagazine.org&lang=en&renderedButtons=paypal

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-5-27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C9E) /

Resource Hash

7281065b83f285e4af75456eec15e7137b79ddb9a10390df00117d873c710b30

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
x-requested-by: smart-payment-buttons
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-csrf-jwt: __blank__
Accept: application/json
Referer: https://www.paypal.com/smart/button?env=production&style.label=checkout&style.size=medium&style.shape=rect&style.color=gold&style.tagline=false&style.funding.allowed=paypal.FUNDING.CARD&style.funding.disallowed=paypal.FUNDING.CREDIT&domain=subs.consumerreportsmagazine.org&sessionID=uid_20408bb895_mtk6nde6mzg&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&renderedButtons=paypal&storageID=uid_9cd33d8a14_mtk6nde6mzg&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=5fa21ec64c&version=4&xcomponent=1
X-Requested-With: XMLHttpRequest
x-cookies: {}

Response headers

content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 19:41:39 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 0516481237063
server-timing: traceparent;desc="00-00000000000000000000516481237063-3cd27e89a83fd44e-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 467
x-xss-protection: 1; mode=block
pragma: no-cache
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4C9E)
traceparent: 00-00000000000000000000516481237063-527af6c93830ac61-01
etag: W/"237-chZuJOQnxL7MSzYc77qYdkqXM8g"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-csrf-jwt: __blank__
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 7A10 1019 B
2 KB 235ms
235ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB3) /

Resource Hash

9fdb50ce889dd271b47cdbbe7dde93a2564e2fee8ebe6ddfae091babda49e1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://www.paypal.com/smart/button?env=production&style.label=checkout&style.size=medium&style.shape=rect&style.color=gold&style.tagline=false&style.funding.allowed=paypal.FUNDING.CARD&style.funding.disallowed=paypal.FUNDING.CREDIT&domain=subs.consumerreportsmagazine.org&sessionID=uid_20408bb895_mtk6nde6mzg&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&renderedButtons=paypal&storageID=uid_9cd33d8a14_mtk6nde6mzg&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=5fa21ec64c&version=4&xcomponent=1
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 27 Jun 2023 19:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 03505269102b8
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 622
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CB3)
traceparent: 00-000000000000000000003505269102b8-5fb69e39bd5c85cf-01
etag: W/"3fb-2VcN1z/Kh2J8UPSaeCc8OiXeCt0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 7A10 1 KB
2 KB 240ms
239ms Ping
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-5-27

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB3) /

Resource Hash

1acd545a8dc3019ec0e28926e73372ea479a3957dcb56fa719df4b8ceffc91e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/button?env=production&style.label=checkout&style.size=medium&style.shape=rect&style.color=gold&style.tagline=false&style.funding.allowed=paypal.FUNDING.CARD&style.funding.disallowed=paypal.FUNDING.CREDIT&domain=subs.consumerreportsmagazine.org&sessionID=uid_20408bb895_mtk6nde6mzg&buttonSessionID=uid_ebfc694ad8_mtk6nde6mzg&renderedButtons=paypal&storageID=uid_9cd33d8a14_mtk6nde6mzg&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=5fa21ec64c&version=4&xcomponent=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Jun 2023 19:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 078541a661953
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 618
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CB3)
traceparent: 00-0000000000000000000078541a661953-09c8c2d241a55d03-01
etag: W/"400-bTJVEQoBg/POmU9eLmp+UUAmLl0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: w1.buysub.com
URL: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.woff

Domain: w1.buysub.com
URL: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.ttf

Domain: w1.buysub.com
URL: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.woff2

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
l.e.consumerreports.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fbnduj1pcoomjhcl4mq1o1pl
subs.consumerreportsmagazine.org/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000B2rn-5DlPafxTdy4upZUtcT:1dgnqdj59
.subs.consumerreportsmagazine.org/	1969-12-31 23:59:59	Name: TS018e05fc Value: 01c449994b7fc030affa136164ad7cd76ffda31685f5fd708467cf6f577355f15f2d3b60ad001b42fda2cccb9493a8dde5989afb4f81574b288103c536ce9b58b6988e5b9dd284409839ae79e1f7948acc60d5f1f8
.consumerreportsmagazine.org/	1970-01-20 13:01:39	Name: xyz_cr_742_et_100 Value: tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP&cr=742&wegc=&et=100&ap=
.paypal.com/	1970-01-20 12:51:36	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-20 22:27:34	Name: ts_c Value: vr%3Dfe6037ec1880a1d60a302cfcfd9d138a%26vt%3Dfe6037ec1880a1d60a302cfcfd9d1389
.paypal.com/	1970-01-20 21:37:10	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 12:52:06	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 22:27:34	Name: ts Value: vreXpYrS%3D1782589299%26vteXpYrS%3D1687896699%26vr%3Dfe6037ec1880a1d60a302cfcfd9d138a%26vt%3Dfe6037ec1880a1d60a302cfcfd9d1389%26vtyp%3Dnew
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3ADds_wpqcyb_7WORQNu7xhc44chfVXEaE.KYq1NDl5iienzp4QSb0nyeJUFJ33Pwv%2BSYNDkyzQito
.paypal.com/	1970-01-20 12:55:54	Name: tsrce Value: loggernodeweb
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4Nzg5NDg5OTI1NSIsImwiOiIwIiwibSI6IjAifQ

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP Message: Access to font at 'https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.woff' from origin 'https://subs.consumerreportsmagazine.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP Message: Access to font at 'https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.ttf' from origin 'https://subs.consumerreportsmagazine.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://subs.consumerreportsmagazine.org/pubs/C8/CNS/2023_OB_DonRen_LP.jsp?cds_page_id=266604&cds_mag_code=CNS&id=1687894894768&lsid=31781441342059400&vid=1&source=Engage&tp=i-1NGB-By-BxT-3ZC5x-1r-bRfZ-1c-3YxQB-l97Yya8cqu-1LaMUP Message: Access to font at 'https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.woff2' from origin 'https://subs.consumerreportsmagazine.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://w1.buysub.com/pubs/C8/CNS/images/2021_DonRen/31FD30_0_0.woff2 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode = block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
l.e.consumerreports.org
payments-api.cloud.buysub.com
payments.cloud.buysub.com
sts.eccmp.com
subs.consumerreportsmagazine.org
t.paypal.com
w1.buysub.com
www.paypal.com
www.paypalobjects.com
w1.buysub.com
13.32.145.13
151.101.1.35
192.229.221.25
198.176.166.187
198.176.166.221
2a00:1450:4001:82a::200a
52.222.149.93
63.148.46.72
63.148.46.76
171f8d99128ad549e6fc3c43663d2562ee74be2a50478d31d2b76487d710d231
1acd545a8dc3019ec0e28926e73372ea479a3957dcb56fa719df4b8ceffc91e4
2514a14eaddc14d5858de50f51cbeeb87a600432762fb00ebaa4cc423cec6314
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2b8795985be365f012ba028e6a1dbfaffb0396c5aa4329f473d0eb7b03b0ce5c
3802b7c6e393f1eda09bdabeecc73640dcf633c7c1dc9136d182052e18e158bd
4604d40142db7fdafea7a0572296b13b4502eb1cf08e41cc26cd8ddc3e9c63d4
496f73cca37e8690f1f82a7698fe5e704d99b4c414d2d4f4064172f4ae375bfa
54062c3140209e0919515167c09c2a71a1d75b7a5dd15b54edc50d7e45599999
55bc10de64171a4087a5caf3a7ea7048c27adc4744d323cb0a88622fc3b514a3
5a5a74fba4af8ddfc95fd6bbd1d4ec2c41140153156b1b928ac14560fe1041d1
60df94f277ad7a99a6352e157ba6be091f6a49d2719884d1c796beaf1ef04697
61339a21fa71d17d0dfebceba08dc76ce605e73f65a88438397483478d953aae
6b62e07c1f1fba41489d09cd7dd1b01a371d91a26d226fa219c1d2c5f2734f24
6ba7876bd9f750e3d47725923783685982b8d0bcd7f4a067b5c7764e592c76d8
6c136d7abcbba5630c98356534dba5ccaeaefa879bcdc99cdeff28de93f8515b
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70c311642e33c34c10c7891026aaef253060eb3f68201dc5a195181720a8fc4c
7281065b83f285e4af75456eec15e7137b79ddb9a10390df00117d873c710b30
735ace838c4f02a810a79d750fa248e3f70fa9483a4ede6f8f123bf6a314a4f3
83b4ef703d63df695c0a18d76f92a7bae93bc4039a4c4471b55252308ea69029
88e88b8f4c7d697cf7b0dd24357d71e1761e22cf34062b1b874ce25dfe7ca4f0
8e3f46a6a71ee82321d90f96fd2c2f9abeaa6e3b17ee48f2d2ca84eceaaff0e8
9067c48665072f120f09e9656e13f9f5c914b82fc03b074d6dc4cd78ee413bee
945d125f07512551c6ca0e595446c11674609c6a0038aa0c440ad068613d4954
9fdb50ce889dd271b47cdbbe7dde93a2564e2fee8ebe6ddfae091babda49e1a7
a407ba056994bb762583e9d9568cde8e1c9c487e628f38c8c529763c5a253652
ac89a736f5046e64365990047d40620a3a8399529883efbba0d494d816a4802a
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3
b88ee3c3a61c0520d0fe5565394b0bbabfbf6e9db56f4edc1ca638d8553e2441
d423b2b316d239308fcb45a1cbf9e68b6436767c2c4f6b4f2fbeb8190fb79f0a
d64e2617533ec4594102b9807361d5066e1378503a491f96714aaa382da0118d
d6b61b3c13fb0163fbc004d10b925f2e5d2c4bc8385aa41190e55f9f98b55281
e33daf1db095171a214cc2a04bf0dc1ff959117000eadc71f64a171e9b7ce869
e530ace83f2e9b552c9717ad954e49d7cac3b24e9c1e5fd2df5be8e3d650c280
f5a357654427070ddae78c28adf2b5a72154d808cbc02ebe33b7913360a5e35f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

subs.consumerreportsmagazine.org Open in urlscan Pro 198.176.166.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

38 Requests

92 %HTTPS

11 %IPv6

7 Domains

10 Subdomains

9 IPs

2 Countries

1049 kBTransfer

4524 kBSize

12 Cookies

5 Outgoing links

Page URL History

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

subs.consumerreportsmagazine.org Open in urlscan Pro
198.176.166.221 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

92 %
HTTPS

11 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

1049 kB
Transfer

4524 kB
Size

12
Cookies

38 HTTP transactions
9 data transactions