buy2get-24.com Open in urlscan Pro
2606:4700:3031::6815:308d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com/merritzhtm.html
Effective URL:
https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type...
Submission: On April 15 via manual (April 15th 2024, 11:21:10 am UTC) from DE — Scanned from DE

Summary HTTP 59 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 59 HTTP transactions. The main IP is 2606:4700:3031::6815:308d, located in United States and belongs to CLOUDFLARENET, US. The main domain is buy2get-24.com.
TLS certificate: Issued by GTS CA 1P5 on March 3rd 2024. Valid for: 3 months.

This is the only time buy2get-24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.231.168.209 54.231.168.209	16509 (AMAZON-02) (AMAZON-02)
2 2	34.78.223.0 34.78.223.0	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	18.193.209.105 18.193.209.105	16509 (AMAZON-02) (AMAZON-02)
40	2606:4700:303... 2606:4700:3031::6815:308d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:303... 2606:4700:3033::6815:3390	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3036::ac43:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:13b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
59	11

1 54.231.168.209 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.78.223.0 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 0.223.78.34.bc.googleusercontent.com

easline-pro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.193.209.105 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-209-105.eu-central-1.compute.amazonaws.com

eu-region.superfast-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700:3031::6815:308d (United States)

ASN13335 (CLOUDFLARENET, US)

buy2get-24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3390 (United States)

ASN13335 (CLOUDFLARENET, US)

weatherwidget.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

api.buy2get-24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:13b7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.by.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

measurements-api.wonderpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	buy2get-24.com buy2get-24.com api.buy2get-24.com	2 MB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 462 p.typekit.net — Cisco Umbrella Rank: 566	502 KB
4	wonderpush.com cdn.by.wonderpush.com — Cisco Umbrella Rank: 41871 measurements-api.wonderpush.com — Cisco Umbrella Rank: 32995	93 KB
2	weatherwidget.io weatherwidget.io — Cisco Umbrella Rank: 27961	1 KB
2	superfast-cdn.com 2 redirects eu-region.superfast-cdn.com	1 KB
2	easline-pro.com 2 redirects easline-pro.com	1 KB
1	gstatic.com fonts.gstatic.com	23 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	amazonaws.com e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com	609 B
59	9

	Domain	Requested by
40	buy2get-24.com	e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com buy2get-24.com
7	use.typekit.net	buy2get-24.com use.typekit.net
3	cdn.by.wonderpush.com	buy2get-24.com cdn.by.wonderpush.com
2	api.buy2get-24.com	buy2get-24.com
2	weatherwidget.io	buy2get-24.com weatherwidget.io
2	eu-region.superfast-cdn.com	2 redirects
2	easline-pro.com	2 redirects
1	measurements-api.wonderpush.com	buy2get-24.com
1	fonts.gstatic.com	fonts.googleapis.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	buy2get-24.com
1	e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com
59	12

This site contains links to these domains. Also see Links.

Domain
forecast7.com
www.ncbi.nlm.nih.gov
pubmed.ncbi.nlm.nih.gov
www.mdpi.com
journals.sagepub.com
www.aad.org
www.wonderpush.com

Subject Issuer	Validity	Valid
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
buy2get-24.com GTS CA 1P5	`2024-03-03` - `2024-06-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
weatherwidget.io E1	`2024-03-31` - `2024-06-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
wonderpush.com GTS CA 1P5	`2024-03-29` - `2024-06-24`	3 months	crt.sh
measurements-api.wonderpush.com GTS CA 1D4	`2024-03-25` - `2024-06-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Frame ID: D8C8ECFDDDC7AB50F6CE2130E887A695
Requests: 59 HTTP requests in this frame

Frame: https://weatherwidget.io/w/
Frame ID: A6DF92EBB40D71B4468D72805172D444
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DERMATOLOGISCHE INFORMATIONEN

Page URL History Show full URLs

https://e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com/merritzhtm.html Page URL
https://easline-pro.com/?a=4321&oc=19065&c=51554&m=3&s1=40&s2=40&s3=oth-all-cmb-ho&s4=htmundefined HTTP 302
https://easline-pro.com/?a=4321&oc=19065&c=51554&m=3&s1=40&s2=40&s3=oth-all-cmb-ho&s4=htmundefined&c... HTTP 302
https://eu-region.superfast-cdn.com/cb6c98e7-7b95-4dff-a67f-86d5c022a136?affiliate_id=4321&externalid=362252485 HTTP 307
https://eu-region.superfast-cdn.com/cb6c98e7-7b95-4dff-a67f-86d5c022a136/2?affiliate_id=4321&externalid=362252485 HTTP 302
https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_ch... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

59
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

2376 kB
Transfer

3292 kB
Size

6
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://forecast7.com/en/52d5213d40/berlin/
Title: BERLIN WEATHER

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7168306/
Title: New Herbal Biomedicines for the Topical Treatment of Dermatological Disorders

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/15140856/
Title: Antifungal effects of Melaleuca alternifolia (tea tree) oil and its components on Candida albicans, Candida glabrata and Saccharomyces cerevisiae

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4334616/
Title: The Influence of Tea Tree Oil (Melaleuca alternifolia) on Fluconazole Activity against Fluconazole-Resistant Candida albicans Strains

Search URL Search Domain Scan URL

URL: https://www.mdpi.com/2223-7747/11/18/2357
Title: Biological Activity of Bark Extracts from Northern Red Oak (Quercus rubra L.): An Antioxidant, Antimicrobial and Enzymatic Inhibitory Evaluation

Search URL Search Domain Scan URL

URL: https://journals.sagepub.com/doi/10.1177/1091581818776013
Title: Safety Assessment of Hydrolyzed Wheat Protein and Hydrolyzed Wheat Gluten as Used in Cosmetics

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/16205932/
Title: Effect of oral intake of choline-stabilized orthosilicic acid on skin, nails and hair in women with photodamaged skin

Search URL Search Domain Scan URL

URL: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4938278/
Title: Use of silicon for skin and hair care: an approach of chemical forms available and efficacy

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/29057689/
Title: Biotin for the treatment of nail disease: what is the evidence?

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/8477615/
Title: Brittle nails: response to daily biotin supplementation

Search URL Search Domain Scan URL

URL: https://www.aad.org/dw/dw-insights-and-inquiries/archive/2021/biotin-supplementation-hair-nails
Title: BIOTIN SUPPLEMENTATION FOR HAIR AND NAIL HEALTH: DOES IT PASS THE TEST?

Search URL Search Domain Scan URL

URL: https://www.mdpi.com/1999-4923/14/10/2204
Title: Antifungal Nail Lacquer for Enhanced Transungual Delivery of Econazole Nitrate

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/16149717/
Title: In vitro antimycotic activity and nail permeation models of a piroctone olamine (octopirox) containing transungual water soluble technology

Search URL Search Domain Scan URL

URL: https://pubmed.ncbi.nlm.nih.gov/28906086/
Title: New formulation for topical treatment of onychomycoses

Search URL Search Domain Scan URL

URL: https://www.wonderpush.com/
Title: WonderPush

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com/merritzhtm.html Page URL
https://easline-pro.com/?a=4321&oc=19065&c=51554&m=3&s1=40&s2=40&s3=oth-all-cmb-ho&s4=htmundefined HTTP 302
https://easline-pro.com/?a=4321&oc=19065&c=51554&m=3&s1=40&s2=40&s3=oth-all-cmb-ho&s4=htmundefined&ch-redir=1&ckmxid=coegr7hc0001032b2j00 HTTP 302
https://eu-region.superfast-cdn.com/cb6c98e7-7b95-4dff-a67f-86d5c022a136?affiliate_id=4321&externalid=362252485 HTTP 307
https://eu-region.superfast-cdn.com/cb6c98e7-7b95-4dff-a67f-86d5c022a136/2?affiliate_id=4321&externalid=362252485 HTTP 302
https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK merritzhtm.html
e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com/ 215 B
609 B 716ms
127ms Document
text/html 54.231.168.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com/merritzhtm.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.231.168.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
Content-Length: 215
Content-Type: text/html
Date: Mon, 15 Apr 2024 11:21:03 GMT
ETag: "92200e9dbbcdc8398b71948344f71845"
Last-Modified: Sat, 13 Apr 2024 00:08:33 GMT
Server: AmazonS3
x-amz-id-2: kWQnL6yHNzsXAyVv6MdOoBI6AQ8h8TEMGahj0HYkartHS5d6Y4SnjttpMKHg2Z7ttwboMFVdVjg=
x-amz-request-id: TYC1RQBNBK127943
x-amz-server-side-encryption: AES256

GET
H3

200

Primary Request news Show response
buy2get-24.com/de-drmerritz-yum-ar/
Redirect Chain

https://easline-pro.com/?a=4321&oc=19065&c=51554&m=3&s1=40&s2=40&s3=oth-all-cmb-ho&s4=htmundefined
https://easline-pro.com/?a=4321&oc=19065&c=51554&m=3&s1=40&s2=40&s3=oth-all-cmb-ho&s4=htmundefined&ch-redir=1&ckmxid=coegr7hc0001032b2j00
https://eu-region.superfast-cdn.com/cb6c98e7-7b95-4dff-a67f-86d5c022a136?affiliate_id=4321&externalid=362252485
https://eu-region.superfast-cdn.com/cb6c98e7-7b95-4dff-a67f-86d5c022a136/2?affiliate_id=4321&externalid=362252485
https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-...

48 KB
12 KB

123ms
72ms

Document
text/html

2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=

Requested by

Host: e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com
URL: https://e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com/merritzhtm.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b20e1686e8b63473a284301f7956bf827722b869ea0b41c37da40ef849131a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com/merritzhtm.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 874b8cc44f363653-FRA
content-encoding: br
content-type: text/html
date: Mon, 15 Apr 2024 11:21:03 GMT
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbzGizMZmVRzcjVDYH%2BKqnVeujTuA5psOWGR8DiiZye%2BJOSk6j95C7%2FA3zSEsgZqAfdYtoReFokW9K7Y3TmUkhQthY%2FricHIo1v0TdwxkR6XSlqJCH4HI4pvgtITyNaaNPdPZ2OBq5lMl3WWgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 0
date: Mon, 15 Apr 2024 11:21:03 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
pragma: no-cache
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 46ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@700&family=Raleway:wght@400;500&display=swap

Requested by

Host: buy2get-24.com
URL: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dcde2b9f9abb7d4a26b59357711c0907703ce025e9416f4c2a176c9fdc2a6f8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Apr 2024 11:21:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Apr 2024 11:21:03 GMT

GET
H2 200 zwq3pdt.css
use.typekit.net/ 10 KB
1 KB 422ms
102ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zwq3pdt.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a158230fdf12f88f189e1612e97df7f8ba648526f3520ef598528b9ce2ccdc56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 15 Apr 2024 11:21:03 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1123

GET
H3 200 news-DHzM1B2T.js Show response
buy2get-24.com/de-drmerritz-yum-ar/js/ 150 KB
50 KB 76ms
75ms Script
application/javascript 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/js/news-DHzM1B2T.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b64383da62a368f3fbf22823a49fc1eb97e51f8ebd5a0b245960e9b327a7ca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: W/"660fd0cb-25830"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bVgr1m%2BkuitUOycsRGn2RDqruhX%2BPL0a4FlJEYXnX8gw28ZN%2BM71Mg5SUQLM45uo4GNcEvi%2FFed3%2F1Td3wupnAVK9faW8JVS0FAYQDLVn3DWp%2BmsMPtOset8DGooY0dKeL7RHa1%2Fs38hg4lO5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4dfc73653-FRA

GET
H3 200 default-5lNEaWaT.js Show response
buy2get-24.com/de-drmerritz-yum-ar/js/ 405 KB
103 KB 109ms
108ms Script
application/javascript 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/js/default-5lNEaWaT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab47f5724f12e11e1a45766e7f8a0206062116fc5cf27a29f0960381c507ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: W/"660fd0c9-655c3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ieJuWEPHcgw%2BRMINkN6LBKgYvmf8inf9pwFiDk9vr3PPJGx1Bu6HraSYQ6TvV1yL2XS9Fo7Pku9ahg2DPInozFo0Y7xRT10PblPaKLgOnycU9C9VSPmJL0%2FBHUISjYOZqNjZQ4%2BIhzGXZMtnZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4dfc83653-FRA

GET
H3 200 default-uKxxGzIx.css
buy2get-24.com/de-drmerritz-yum-ar/css/ 2 KB
1 KB 74ms
73ms Stylesheet
text/css 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/css/default-uKxxGzIx.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

891e362b517d57c2152eb65b192140dd3921a209f49f24087fca72dd1cd3bc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: W/"660fd0cb-68d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dLM7HoETRkXD48nRyhFQFyOhzmTDU28AoOUNiNlZ6r1nszTibW92NF4QJd%2Fa6Zl%2F9hU6NntXAstPfeZ%2BoUSD6geDSYjb7XUC%2Bh6T9IcV0NYggp6Zyxgfbcmi6q9NqEyOu0CZ93bux1JID%2FD1eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4dfc93653-FRA

GET
H3 200 news-DFM1OSfF.css
buy2get-24.com/de-drmerritz-yum-ar/css/ 225 KB
33 KB 90ms
89ms Stylesheet
text/css 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/css/news-DFM1OSfF.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

284e8e6b1b91e0878bf94ee7747db0d3df31068a8ae0d6e4ff2861ebc9ab00fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: W/"660fd0c8-38376"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BCzXs0AtMSCIfNDEh0askKSr6JScauPiQEpFhoeXi04eZnkknNCu3D4F9WIH1eUGVp%2BPyp7x2c8JZEsnljfnFDmsDaUDiNcT2wuO2WlwY1QWLqMVGnxLL33%2FeE3pgwJnHBig5YP9l4ObVD3sJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4dfca3653-FRA

GET
H3 200 hamburger-CMZQGJ3T.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 542 B
789 B 69ms
68ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/hamburger-CMZQGJ3T.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbe08a70ccce8095d6712f09b4c230951117cfc53473b8c3a767526132408af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: W/"660fd0c8-21e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KQaIG2rRvWdnvBlzwhd51TgfnTnj2A4oUzalUSZCYy4q%2FVlZwGkzuQaQD3eunN06AmHzXj8ZDb5dsjtO79%2FsfNY1EMfI8VaL4KGztGRLEbCDpzTF%2F0UKds0pS9PRZIeaEnK0eX9gZxIBbwxYqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4dfcb3653-FRA

GET
H3 200 hz-CRBuuGRK.png
buy2get-24.com/de-drmerritz-yum-ar/images/ 4 KB
4 KB 68ms
67ms Image
image/png 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/hz-CRBuuGRK.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

870f579a8cab8199339d27ff2d0e8994cf56e4b771225e02fe20d86cf948d486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4104
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: "660fd0cb-1008"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZbpVorYms%2BQOKlXZ3mr9icTmeG9AfGtQ4Wb0C%2BkqXze33RmSkmBJU4gVIku3BItylYaQ9WDRRy9C59UrM3%2B5fl64SrXEvMTfSa7WgwMcpn1badMjJzikYRFDGpv4QAQE66vIjrPKdNETWpPeYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4dfcc3653-FRA

GET
H3 200 fb-Czh5boCT.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 671 B
945 B 47ms
46ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/fb-Czh5boCT.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892fd073ed54168def312d82431c3938b9b43acabd06bf2010929402236f6e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: W/"660fd0c8-29f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZzVJrj08A2rbuLcsgfPJaK3c653TO%2BMqIVxNZdoAMFuWTAuht%2BgmrRnXn2AC6jBOGskfQr4IXmNfno57zVx5i29lsuN%2FMIL7QXZnxPkvrP7G2OLa%2FSUA5eeTHJajAOSW9pI1aJwsXihdZhsHdA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4ffe63653-FRA

GET
H3 200 insta-DHxwz-QE.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 2 KB
1 KB 80ms
79ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/insta-DHxwz-QE.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb8f8ef4a6d54a5decfe60791e52171b8cba284fa6d64c41b071b56fa040a922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: W/"660fd0cb-8a6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7KcCtDLhEK4BTZ9EIO7eApEkywBDJkIiLHDfuWKrY%2BWlJiVnkd%2BoTEYg6Ed%2FJPcr4jPtX09kmi3Qaa8Ex3btx5HpwF2f8Dq%2FZ4QfqwGUyw1G4dduQtVGRQvxkXHPcmJTDu%2B0bBjSTcog1jd1TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4ffe93653-FRA

GET
H3 200 twitter-C_o-ahNv.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 1 KB
1 KB 81ms
79ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/twitter-C_o-ahNv.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bd8595fac66ae1852072bacb74b40b1eb8b3896402086aa9698a2251da45d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: W/"660fd0c8-4bc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsgogU1CsqcuqrsLULBJIsCFLrit0NeOWYL5xjQ5grl74ag3%2FobmE1%2BelL05C6UF50ijGMwOQxnkPmBfarlBBEdaoO6kco14tLM5ZMrqKA2oY6%2F0hw%2BmNuc%2FDLRrnfP7zX7%2BbZYMupQRV3MmSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4ffea3653-FRA

GET
H3 200 img2-BPEoWYZ-.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 261 KB
262 KB 101ms
99ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/img2-BPEoWYZ-.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c65e50619fd5e82a825ff3086a4fd09c8dd239f4d09d36d1d6d1624fb9d083d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 267705
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-415b9"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhVt5GxG0TRI3E7IPP2hZD2%2Fgwm0245TelExqOzgxPFhBpns7OtddwIshCb4DfwCr9AqwtMLl%2FSUDAJeo%2FC%2FlONTzNCUBbCJWdAt2bSCQN4oD7xdmASVIevfQ5wTSL0DVELOlbTW%2FdBzeknj6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4ffeb3653-FRA

GET
H3 200 quote-JLEO1gSf.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 1 KB
1 KB 81ms
79ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/quote-JLEO1gSf.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a27e611e87f3673d06dc13e7e50f7592078c36d04fef3c540ef374d2ab18e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: W/"660fd0c8-541"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CVlhOjh4sT%2BktXgicO0QUmEInVHgaWzhxfOg1ybdgZ9%2BntE5qra87ul01GjIXhjl9eowKx60gFs%2Fu1AZReeEmdFGO8AX1BxRlhQjso%2FpiyOxVgIp0xcVTGpQXcvlxEy3Hb3jLYpYLSpYl6PdNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4ffed3653-FRA

GET
H3 200 img3-npSDhmwT.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 261 KB
262 KB 107ms
104ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/img3-npSDhmwT.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28cdad153ef207f95f4d1dddc7139130e18c75569cdc2e166c918e0e405980db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 267294
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: "660fd0c8-4141e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcZV5uhjOO003i6yh%2BZ2THptqO4H%2FO2P8OKaZgWS%2BLxi5V%2BK2Ms%2BPmy1Ouo9yCKFYXWGzroAXVT%2FfEhGfczreYaeyUTFMuMzgUbrlHZo43Vsh8N7W3u88QeLGFIXTFrwdQkf4rJrZklouLN5gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4ffee3653-FRA

GET
H3 200 img4-BMeaesuL.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 263 KB
263 KB 110ms
107ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/img4-BMeaesuL.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d026b51253f01b642c0c437aeeae0c0819d4e46b5e95fd58c0ccd268981e7b58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 269247
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-41bbf"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1l3ANiN97IzeZ48eofqyNxo2KgReBtwxIdB0XlWCt01VhQQtY0MxABE6OPO6iF0RQUIEyvb%2BrAo38meltaDSVYSTPbur8cSzouu5I2F4RP8kGK8yV1g7W3DOwjXVmjB6%2FTspXk461XD99buLJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4ffef3653-FRA

GET
H3 200 img5-BD9auMu6.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 261 KB
262 KB 82ms
79ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/img5-BD9auMu6.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a5d6720a3c9f490c447e0efd136b15ddcd25c2b00450b12ebacf0c13ba6234c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 267536
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: "660fd0cb-41510"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VnRjqlo1vCGXCtZ1Qxo6Hyh%2FdQMZzpdBHAa3qVb3ChOfus%2FGq1NuryMEKS9I3pYtXp8eoUptcsI0VwMtjhGydIf6UjZtPiZL7wVwUSrNiAgwI8mxy1KHnLzOEzaLAFojOX1bKyOSJXcRXrQz1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4fff03653-FRA

GET
H3 200 img6-CdQmYtPx.png
buy2get-24.com/de-drmerritz-yum-ar/images/ 11 KB
11 KB 171ms
168ms Image
image/png 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/img6-CdQmYtPx.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec530918cc4b79e0b3e4ecef04d53039e2a41de56ccc7d20257f660a2e75855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 10893
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: "660fd0cb-2a8d"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwU5mit8EGK22Ot4QTo3xrMo4R6lE50SZgl2umszyrROXC4mKSqTk9h5RvKNOdFvHI8s82dqNBQI0%2BUBRGEm4FGnWppzAw16rX7SamBSyOkvAWRvCdxwyRuSYjedidBPm2ODjRNVcULMz3NPxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4fff13653-FRA

GET
H3 200 check-D86QCHHW.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 392 B
705 B 172ms
169ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/check-D86QCHHW.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc335fb73d19d0ab916f204974b3d55f06a301e6808b5ace17bd5c293024197f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: W/"660fd0cb-188"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIb9VQIUVg9y4mLvvldhxJY9rsypX6MkRAbUlkgyOXwZtqJtl3BGzDrmOsQTR8OKpujWJxukwesVwI0kw3xrbvqCmCfxjmktCwmBCmNESyww4OGUSfx%2BUUzj8VH91VEWSbQYvxBl%2FczI5R9t8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4fff23653-FRA

GET
H3 200 add-btn-Cyb5sIVy.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 586 B
789 B 173ms
170ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/add-btn-Cyb5sIVy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c91b5a53656ce154e9d565a9825a66a04f9590709ab082a3e290a47af559d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: W/"660fd0c8-24a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SAnuQbP%2BIyHbQFnYSuSJdu25Uk7GF1dXWo%2BrFRb4P58JmUO%2B08uORSg6pZIk55zvRJ%2FAE0ZystIwXCSMixR9nDnW0gEcemxyVHfflLvuRh0tNkcIEhPAx1j1EkpxGbB%2BVwYjmtL8OWlk2wveg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4fff33653-FRA

GET
H3 200 avatar-DCC12v7B.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 685 B
890 B 174ms
171ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/avatar-DCC12v7B.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94362216cbe0b9678e9dae37796749419a0c78875d21d477dceb9f7604032f75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: W/"660fd0c9-2ad"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrDna48%2BncjcOSnCY9ncR4xOcROMsfsTx2JsNGtzVy484iPSu3CTy6H9P%2FV%2B367jQ8b2x4aZBnTZXJar87oWQloflVjnOAi8a3fqtVorI7bh24ugUQybnh%2FKun5csOrNOuNCg9qVzewxWdxdFA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cc4fff53653-FRA

GET
H3 200 j-DwupPxTv.png
buy2get-24.com/de-drmerritz-yum-ar/images/ 4 KB
5 KB 175ms
172ms Image
image/png 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/j-DwupPxTv.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e148870511086769c2a3a777c194c3047f9a899ef8c86484ee6ecbbb03b8375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4222
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: "660fd0cb-107e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kg66SRzV2Bnl5wCVvon%2ByXsFcXNxd%2BciG8Sc9Fd9lRQKJ65rA2hmWPxUdZB%2FPRWe43eF4VaH38Nye%2FJG0yd7%2FjqKE9jYFdUwtzR2xAjbuvhnYJZQtqOyJZydjs3h2RNWJTYd7OZ9L9o7%2Bm3Amg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4fff63653-FRA

GET
H3 200 img-B0-4b9YV.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 117 KB
117 KB 176ms
174ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/img-B0-4b9YV.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce57dc8906146ecae84602b694e5feb8de634f48975a99433781811fecd695ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 119624
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: "660fd0c8-1d348"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2BYNO5llln5vfR5Y4wCLYMEbN0396fynI%2F0aigPeo4x7BFa0vnPUGXWaHL%2BNiLaL4hlab4EpBuaz4GBs1xV4cCUzRrottlj2wwss8qleqRsUn0SSHTcj5x8%2FmKqBP4T4uplSPBoNN0qGYJWfqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4fff73653-FRA

GET
H3 200 ik-D4V1bq14.png
buy2get-24.com/de-drmerritz-yum-ar/images/ 4 KB
4 KB 178ms
176ms Image
image/png 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/ik-D4V1bq14.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4306fdf896dbf3b7a1e313cfef5ddb1150f983c8259be11f2526c58c7002d6b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3857
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-f11"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRXTFIK9OwtwwILaNrbW%2BiYCGjNf%2FFnmAXuBeJvX0C5WPN5MnA6dJUVedmfa9YQjTbJ%2Fjeh0o69zT4uBeSnYlKM9wXDxLVMNuBQcmbmWY8elJeQEoGUqioiCOvB%2Fvnv9E3n5URytQuBtsKvC9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4fffa3653-FRA

GET
H3 200 b-BTmPaL0L.png
buy2get-24.com/de-drmerritz-yum-ar/images/ 4 KB
4 KB 179ms
177ms Image
image/png 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/b-BTmPaL0L.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1b44ea147b8ee7626b1ce5bce36570e5f637f22d99017bd549f6a9e2086352b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3893
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: "660fd0cb-f35"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0pQ4K95hbMc8TDNDkDbSzKP%2FESiDP9K6VMvuvAjAI%2BJUORToIFBr6Ll2A3LvL37qHtId9VN0XIixIvCWJRY9T8q%2ByuSuVxwOETyshNklanlWccxdGUNVR8dVXq3uY86IbKiKxlpVqlcsJUGrfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4fffb3653-FRA

GET
H3 200 img2-CJYJAJJh.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 126 KB
126 KB 182ms
179ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/img2-CJYJAJJh.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0faae0087bbad041074e80f3c641e21a03a6f1314692049794aefc5939d90cc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 128831
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-1f73f"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M83Cil2RYpJdRDbVryDFZ9XOsXet6%2Bt0DjGzxTk%2BvvQhV9JnQXH8iRQjhoqBua9q3MEeFx%2FgHcF9ujATLzPgd5Zu77fiPfXISXVmBFeMzArtTOoJuYSqx3v4AdmoojEXVK2rIcQe8XVDG9gfmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4fffc3653-FRA

GET
H3 200 p-CI9TdYCd.png
buy2get-24.com/de-drmerritz-yum-ar/images/ 4 KB
4 KB 53ms
50ms Image
image/png 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/p-CI9TdYCd.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4066de236d39e9b9d578c63607bd6fb7a32491314414df32b6cb49a456a77a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3996
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-f9c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfvXQw6o2FiOKLvDCnzAX2iydsEjT71UkSpKtUg8WfB61mPRuZ55wcOes8LygBA1%2Fw2bnwS0%2Fw2JiF%2F1ru2AvRGUpbMdYXJeNj%2B8Qc6o448dlh7W%2FemW4ZTK8XJ6KuK8aFU%2FvFhNewxjgcfY6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4fffe3653-FRA

GET
H3 200 n1-JpRwIty_.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 8 KB
8 KB 188ms
186ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n1-JpRwIty_.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70eaacf0d67373caec5f094e198fb74683896a81537b20ac078ce218be78e321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8111
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-1faf"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hc5ApiWNi5ywYu0YQoA5xry5NIC3MmxrUCyCJ%2BTGb3JSD5YAf2GFG5n%2FFCs7IixSIOxYFjtOJpRvuMI0KAawWcr7lmdIxyu3sGsvNblQwEJ2qqQ3V5wSqMpX1VTW7Hqkoq4UK4yVbTSM2xCfeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8003653-FRA

GET
H3 200 n2-DOFUzqCq.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 8 KB
8 KB 190ms
188ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n2-DOFUzqCq.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e059936ee4765e30f581eb3570029a90777c47a6110665b86172fc2c4683175e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7860
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-1eb4"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iagzslsZ39bbW%2F5PA7pUHpsOglKEue%2BkHAQ1zw8fGxhNEM0oFJPYoEIdxbd%2FJ85Jlx98lkt7WLYzKLHe%2Be%2FIduCN7Lpm2xJY1lAtMnoPZwO3dSj5bWENiaxER8VENRM4PWAhEjTujW9wP3wVcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8013653-FRA

GET
H3 200 n3-DT320PgI.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 7 KB
7 KB 191ms
189ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n3-DT320PgI.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc3fe739a47c137d14d62b9fb269020de8f5d8cc6b271fc3d3e070c6b451840e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7059
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: "660fd0cb-1b93"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6OPJOi%2BgYBqm6KaAlXn22UhMbb3VrHdAQYT5mKMqsM4OE91TydHPgHT1w63Lw48C%2FEeHR33w%2BcYu%2FZBlNxDJFXcSgAQCiWm3bng4JGj25qAeTtZWdsQ8mLXg2TQDkCGt9Mz%2B0iIoLl4ho6zHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8023653-FRA

GET
H3 200 n4--KJpIJwD.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 7 KB
8 KB 192ms
190ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n4--KJpIJwD.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e2eee61a420a7c1384aab590af4f510e1f41550e7492af5f92b7b25e91844b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7456
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: "660fd0c8-1d20"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6F75%2BJ6e1JqoDr4ajbUWyd6Ft73XJRB4nmnNWdGAZAHy3NIp%2FgallohDxSE1bjSQesmlcnNuRrSHoJRPWaWm%2FcvryCuTDxI7eTCP1UjPUOtqqX%2FG0fg1fiM7QzLnS0YHlgnRjfPjS493elrDFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8033653-FRA

GET
H3 200 n5-ZTqGBfs9.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 9 KB
9 KB 193ms
191ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n5-ZTqGBfs9.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23dc346335896cccd942de9d23cdfe720095fe317518fb0e2f8aa092220138df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9201
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: "660fd0c8-23f1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2En42skOFUC%2FZ5ndIVEdaU9%2B1NnF7%2Bk0Ai%2FRPr3f3naoys7qG0RPHLZE15h6SM3So18DlAyzdCq2MNWiNtgJOK0bOjObD2%2B%2BDawWGP5116Lpp4o8dAh9dsDQQUfw4Q93ozZAzGTdScHtJESyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8043653-FRA

GET
H3 200 n6-BZpbH32X.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 9 KB
9 KB 194ms
192ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n6-BZpbH32X.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef0ad887235514929c5a27b702fc155cc8fe2e0214b4d840026cec5ca5c4ca5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8928
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: "660fd0c8-22e0"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nI%2BJflWLD03FbfEYYEe8KIH9wGIG5IcG93kGR1yM1apY37ajQ14eqC17ceKwQBz75JWqFUPpdKlsYs0sNC7uiZzFYditaQLzWrr8SRzm%2FwTBJUzIEUxHv8iZMYX4UFpMaYbakp5qt9313Uie0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8063653-FRA

GET
H3 200 n7-DGMZmXBi.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 7 KB
8 KB 195ms
194ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n7-DGMZmXBi.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

639b20517bb22d1ac4d0f78ea7786a0d182b310939c154717f8a040b2db1fa0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7420
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-1cfc"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHz8SbCvD2iCVH6cS9fzXuezYBYdYtw1T4fO8wAYpEgbUq4YoWVDEmOmjqWNXw6%2FOKaDJoOOQwNABCDoYcgQdkdODXIMLjPnhHjHBMMp3h6rLbKy9D6yVsUDAy5o75hjGn%2Ffp3Ke%2BD7%2BRN2kCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8073653-FRA

GET
H3 200 n8-DaSdHCAh.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 9 KB
9 KB 196ms
194ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n8-DaSdHCAh.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e43187342c3a612edeb90c3d2e7b14bae39d509c2f7d170eb4e2812e93a832d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8862
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-229e"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WFwZVrr97QZBfOihhv9k7aFiZz0KrAcv50iomjW6t6HmRGVxOHv%2Fm63ELDoyR5FcMNRjhdsALXJHOC4CKpXIbTb7SPE75cmR4XaeQptmeA21Zwr5eujg409%2FIMms4IKSYCK09Z2I9lue5TkOlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8083653-FRA

GET
H3 200 n9-CTy0I1dy.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 8 KB
9 KB 197ms
195ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n9-CTy0I1dy.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916aa9a66b5de19f62206f2dbf649994753f97143eec26e6ed5d11dc64ecb2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8677
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:01 GMT
server: cloudflare
etag: "660fd0c9-21e5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HotRGGTcuk8BsV0CrVDKK2aV0YUxE4lORqxQnv%2BQFDD%2FemlmjE68a58r0J0cuNhVoKth1dnvt%2Fmk1o%2FsjmPLrZWVFMseAUbLcbnP1lYoocpPcxw1LKRWj%2BcbGoCPYY5rOT7gTQCsiRUKMgsGTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f80b3653-FRA

GET
H3 200 n10-BZkRf-qV.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 7 KB
7 KB 197ms
196ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n10-BZkRf-qV.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1156c81ea124a52d70424152cb106153b68d1b6c93bc8f55dceaf153115398d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6961
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: "660fd0c8-1b31"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDVFedc7ekFOVFHIVRD2lz46fV1SVsEFMq7UkaJw5caEzDqOtQEJdphAi166b9PnN5Yjb4Ghj0h%2B3Kjjwe5EeL8p%2FgylYWnqoONPMFhFbTyNZdJWj6BZlrq%2F0w%2FSfxLl3w4ODQetCoojZ%2FHiXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f80d3653-FRA

GET
H3 200 n11-lHKLdAU4.jpg
buy2get-24.com/de-drmerritz-yum-ar/images/ 7 KB
8 KB 198ms
197ms Image
image/jpeg 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/n11-lHKLdAU4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc7a6e6a0aeece46122c6097ad971e97f8dc018eaffe698bc9170f9e220afeb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 7334
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: "660fd0cb-1ca6"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4uM%2B5Iz5mlS0prHiegV2UPFr%2F2ZU0Ir8qg3Z1MJ4juucwIDExsAX33oIsAWwWAzMrQ%2Bvo5G9uLLnfyNRXeY5j77spW%2Fho7M1C4CfUMgK1cUuipYFa6E8w%2Ff2QtSyo8QOxHcIotXD2mO8xdAz%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f80e3653-FRA

GET
H3 200 product-sUeX0eUy.png
buy2get-24.com/de-drmerritz-yum-ar/images/ 65 KB
66 KB 200ms
199ms Image
image/png 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/product-sUeX0eUy.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dda0009cbc14905d8ca592279bdbcaa74e52d946e3452329146ce3a9e1658cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:03 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 66650
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: "660fd0cb-1045a"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmBI%2BpLcCMasgP4cljMekMibvvIR2z1BuXqXbqpEZ5E72cRiwFOyXOAoyT6NgLisDv3uMezsOeNeO%2FfbKfI86nXQUQodtL5ROzu0QVfDcNnLyuA5OZu0esxutU%2Ft2hB53jOVt%2F%2BLtWngN3wrJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cc4f8123653-FRA

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 443ms
102ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=zwq3pdt&ht=tk&f=15700.15701.15703.15704.15705.15707.15708.15709.22708.22709.22710.22711.22741.22742&a=126254623&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zwq3pdt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H3 200 widget.min.js Show response
weatherwidget.io/js/ 3 KB
1 KB 307ms
107ms Script
application/javascript 2606:4700:3033::6815:3390
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/js/widget.min.js
Requested by: Host: buy2get-24.com
URL: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3390 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5419
etag: W/"5d9d0124-a4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KWLzLN6JQ1%2FBrwwyQ0CL8ASgibbrIRJak8Zsl%2BBcRm2Hu5jBUlAu7%2B%2F7EupWHwL1HeiS5ySLIFGjhVBtMN5FMsLaR4arPA%2FOPJB7e5S4FVRTRa6TmTaKmspfZcgNvyul%2BRYthHrAE44ADpAiOd%2Bq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
cf-ray: 874b8ccbcc7e42f5-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 bg-K1Xh-NdP.png
buy2get-24.com/de-drmerritz-yum-ar/images/ 61 KB
62 KB 46ms
46ms Image
image/png 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/bg-K1Xh-NdP.png

Requested by

Host: buy2get-24.com
URL: https://buy2get-24.com/de-drmerritz-yum-ar/css/news-DFM1OSfF.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4c654b80126ddd75b3a3b34462cbdc190a723c17437e8ca8a9ffa568e3c297d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/css/news-DFM1OSfF.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 62631
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:00 GMT
server: cloudflare
etag: "660fd0c8-f4a7"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJ2ToX%2BySJ5V4ZPw2UmMZvzL45QXMcxcT0qGyB8CTD4UAep5v7jZVQgcJug%2BkHtiaqK39QnLs8Q7dKmQalkyJnpWiYmNJIcBTZJqibHz1u7qYiCOLg4ZvZp%2BQpusOFKbJq204GXcvLlBPm3XuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 874b8cca4d843653-FRA

GET
H3 200 logo-B3hopI_d.svg
buy2get-24.com/de-drmerritz-yum-ar/images/ 852 B
952 B 72ms
72ms Image
image/svg+xml 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buy2get-24.com/de-drmerritz-yum-ar/images/logo-B3hopI_d.svg

Requested by

Host: buy2get-24.com
URL: https://buy2get-24.com/de-drmerritz-yum-ar/css/news-DFM1OSfF.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27fc11d9abcce6f8575dd1f98c3804337a3ebaec9c3efb3671ce446d8e932e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/css/news-DFM1OSfF.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Apr 2024 10:22:03 GMT
server: cloudflare
etag: W/"660fd0cb-354"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2Fl63GnFcVAck%2FK2aN0EufVBwRBFqk%2F76hUhSxDKBz9SmjYpuuyCESjeeyEKWbeaOTT44hLscJF7YWkpOE1uLg5ywMLUxdh778ir9DI4v6r5%2BzCJ5%2Ff9RkXAp%2Foq4ou3cYZOiUYbEj58zrf49g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 874b8cca4d893653-FRA

GET
H2 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v13/ 22 KB
23 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuFuYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@700&family=Raleway:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b43cb86a0e63bbb55376b4ea60d8cc9527a1421c367aa09962725e0c5140f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 13:57:58 GMT
x-content-type-options: nosniff
age: 595386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22904
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:50:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 13:57:58 GMT

GET
H2 200 l
use.typekit.net/af/180254/00000000000000000001522c/27/ 83 KB
83 KB 374ms
96ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/180254/00000000000000000001522c/27/l?primer=5a69e0d0d3b67de5f3ef9899b6aedf358155c30c9665a85cf9d3983850458310&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zwq3pdt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5c64a66268465b878da53f9a7119c21f86b9da2416bac041a6b8bf7d30781010

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/zwq3pdt.css
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
server: nginx
etag: "ddb2d14d00af5030be4511128ba4a209f1c28a77"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 85032

GET
H2 200 l
use.typekit.net/af/50d55e/000000000000000000015235/27/ 78 KB
79 KB 673ms
395ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/50d55e/000000000000000000015235/27/l?primer=5a69e0d0d3b67de5f3ef9899b6aedf358155c30c9665a85cf9d3983850458310&fvd=n9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zwq3pdt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c3fe6608443bc3ed0fd6049954240186d6c5b97768486f52f3185c887838ae83

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/zwq3pdt.css
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
server: nginx
etag: "2f505f166814078e8872d0534db9eae015529c3b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 80328

GET
H2 200 l
use.typekit.net/af/220823/000000000000000000015231/27/ 82 KB
82 KB 589ms
312ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/220823/000000000000000000015231/27/l?primer=5a69e0d0d3b67de5f3ef9899b6aedf358155c30c9665a85cf9d3983850458310&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zwq3pdt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 479bc71aec37809bceccaf035c49271b4032722bb2fdc25f8a9591a28bf937f7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/zwq3pdt.css
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
server: nginx
etag: "c0e16784aaa87227978a279a5dea2d3913ab5e91"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 83988

GET
H2 200 l
use.typekit.net/af/bdde80/00000000000000000001522d/27/ 88 KB
88 KB 707ms
429ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bdde80/00000000000000000001522d/27/l?primer=5a69e0d0d3b67de5f3ef9899b6aedf358155c30c9665a85cf9d3983850458310&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zwq3pdt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 289c80f7b9ebef1af302ee6445dfd354c898818065ca76598abe2922919af42d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/zwq3pdt.css
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
server: nginx
etag: "2c1bb4eec7ec79ab766a01dd88ae75ad98c2de36"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 90268

GET
H2 200 l
use.typekit.net/af/6c7e72/000000000000000000015232/27/ 87 KB
87 KB 481ms
204ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6c7e72/000000000000000000015232/27/l?primer=5a69e0d0d3b67de5f3ef9899b6aedf358155c30c9665a85cf9d3983850458310&fvd=i7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zwq3pdt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ab0dcf091e7680e493639b15aa24088e17a40bbf671cae03e24759950bffb6c6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/zwq3pdt.css
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
server: nginx
etag: "1551d1a46777146da8922bad4a115c263bebe7e0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 89284

OPTIONS
H3 204 analytics_hits
api.buy2get-24.com/api/v3/ Frame 0
0 144ms
89ms Preflight
text/plain 2606:4700:3036::ac43:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.buy2get-24.com/api/v3/analytics_hits

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://buy2get-24.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-allow-origin: https://buy2get-24.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 874b8ccacf662a7b-CDG
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 15 Apr 2024 11:21:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfXTnvqqruiozxdE60jz1nMtRHcpsWe1XUXne6FLj8o062aSD6y0xy8aDAIiWEfrlTqNJl%2FDusq9S8%2B5%2FtTvAAGFNis4O1W1vdIzMxlIq18zmrgLyvwQavNawGpS4NqsZuVxt%2Bu0TudOC7zzacRFRwo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H3 201 analytics_hits Show response
api.buy2get-24.com/api/v3/ 2 B
784 B 250ms
250ms Fetch
application/json 2606:4700:3036::ac43:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.buy2get-24.com/api/v3/analytics_hits

Requested by

Host: buy2get-24.com
URL: https://buy2get-24.com/de-drmerritz-yum-ar/js/default-5lNEaWaT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://buy2get-24.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: acd53033-f962-44d3-8487-8669e813f904
x-runtime: 0.043961
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"44136fa355b3678a1146ad16f7e8649e"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept
content-type: application/json; charset=utf-8
access-control-allow-origin: https://buy2get-24.com
access-control-allow-methods: GET, POST, OPTIONS, PUT
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=0, private, must-revalidate
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7bsAkeNYUW7X9SKn57qin6Q%2FRBNKNqLgGzci359QF5X30DsMgbCGiye%2BIZ25TikXS5OufrR557TL8QmirproFRiDGis7bFZ6BQt%2BCzGzvS0fgY4givTyV1O4YLXbBHfICz1oW43fFr0np%2BL7sJB%2BpU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 874b8ccb581e2a7b-CDG
access-control-allow-headers: User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 wonderpush-loader.min.js Show response
cdn.by.wonderpush.com/sdk/1.1/ 2 KB
1 KB 74ms
33ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by: Host: buy2get-24.com
URL: https://buy2get-24.com/de-drmerritz-yum-ar/js/default-5lNEaWaT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4b6f1e89823eb3953d76d22b254f456ed58e053a34346c11ef013b1e6573fc4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
content-encoding: gzip
via: 1.1 c968eb4bd5f1a91dae1c71eba1ef9d56.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P9
age: 559
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 872
last-modified: Tue, 10 Oct 2023 16:29:47 GMT
server: cloudflare
etag: "3bfe95c40b26f3ffec80bc846ed15b60ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 874b8ccaa9221da0-FRA
x-amz-cf-id: Nk24lai4lyq_KFxfm7u0Un9N64JtUAiakCJi7cRoGxsbGjiqy2ivUQ==

GET
H2 200 l
use.typekit.net/af/a18530/00000000000000000001522e/27/ 81 KB
81 KB 598ms
354ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a18530/00000000000000000001522e/27/l?primer=5a69e0d0d3b67de5f3ef9899b6aedf358155c30c9665a85cf9d3983850458310&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/zwq3pdt.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9cea6055db8300e01b0b7137a2c1c9d5f770f4ed68b4210a5b785d37bc62f364

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://use.typekit.net/zwq3pdt.css
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:04 GMT
server: nginx
etag: "3bef1fedfa77614fd4f8b4f15ed991ada305a45d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 82652

GET
H3 200 /
weatherwidget.io/w/ Frame A6DF 0
0 34ms
16ms Document
text/html 2606:4700:3033::6815:3390
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/js/widget.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3390 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://buy2get-24.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 5404
alt-svc: h3=":443"; ma=86400
cache-control: public; max-age=14400
cf-cache-status: HIT
cf-ray: 874b8cccf8511c97-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 15 Apr 2024 11:21:04 GMT
last-modified: Mon, 15 Apr 2024 09:50:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6kEdsDsKOuev5cCgtrkOPLry4SJsCKwA4yqusERHxIVHa9LAlcxpfYyg4%2FNqKks5rc1V9r4kY4ctWM7hAr1mjhmL1jrEXmvUhzqgkGXPti6L3w%2FWHDSyH%2B6ZYqEcfIOuS8Ml6QhMVgcCIWf2i8c"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 favicon.ico
buy2get-24.com/ 0
430 B 43ms
43ms Other
text/plain 2606:4700:3031::6815:308d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy2get-24.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3031::6815:308d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/de-drmerritz-yum-ar/news?ctxdatafw=1&clickid=wr6hp41ip1eh1rj0jv5kvo2s&utm_channel=perfo&utm_type=new&utm_action=activesale&utm_source=LolaLeads_2023&utm_campaign=DE_DR_AC_de-drmerritz-yum-ar&utm_campaign_id=cb6c98e7-7b95-4dff-a67f-86d5c022a136&utm_content=4321&utm_term=
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:05 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N4QRMoWpiArh0LzUGBq%2FE%2Bm%2FdHotnCoxGSlNZbnYbf0P6mwdAffpF6q9djnZKjJ3CYTV29P9hEjtG%2F2TrBA1mKALQekeGLQvz9DcfgwihguUeal9SYBaVPkaDM0jtA3i9G0NsbXyEqIuidY1ig%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 874b8ccf0b7b3653-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 wonderpush.min.js Show response
cdn.by.wonderpush.com/sdk/1.1.33.36/ 375 KB
91 KB 15ms
15ms Script
application/javascript 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/sdk/1.1.33.36/wonderpush.min.js
Requested by: Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ba77247588da7b85eb0d23e70fb7dfc650c5ac7da3acc7d2b8ea7feffadfbc2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:07 GMT
content-encoding: gzip
via: 1.1 7ab8983df8c6e33475e52fb04de82cbc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P9
age: 2831903
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 92310
last-modified: Tue, 10 Oct 2023 16:27:00 GMT
server: cloudflare
etag: "34c4d826740620a0081d04f5feba9a20ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 874b8cdc19611da0-FRA
x-amz-cf-id: QFSzwKTOvNBn-epJIQ7HUmpuNnKxmKRJ4s9wkqaV3gLXxSRmI-ypDw==

GET
H3 200 d597de0abacb10ad36b48ebb43fcb436dbc4550265f87f8dfdc0b26dec5472ee Show response
cdn.by.wonderpush.com/config/webkeys/ 2 KB
1 KB 41ms
24ms Fetch
application/json 2606:4700::6812:13b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.by.wonderpush.com/config/webkeys/d597de0abacb10ad36b48ebb43fcb436dbc4550265f87f8dfdc0b26dec5472ee?_=1713180067309
Requested by: Host: buy2get-24.com
URL: https://buy2get-24.com/de-drmerritz-yum-ar/js/default-5lNEaWaT.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:13b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319a7adb95af4de281ee1f87a4832d2c18bd95d17fc8d65c33f47fc18c3e4872

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://buy2get-24.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 11:21:07 GMT
content-encoding: gzip
via: 1.1 4e5a83b6aa19a0c9339b31bdad0aa0d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P9
age: 2246
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 827
last-modified: Thu, 18 Jan 2024 14:30:27 GMT
server: cloudflare
etag: "692546ff56833f647f4db49f05ba2e10ed6e"
access-control-max-age: 86400
access-control-allow-methods: HEAD, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 874b8cdccb6018f7-FRA
x-amz-cf-id: w4wzLcfEIB9o7Zzlj5RiFsPuhN6OtrGjiDPrQImHeLztYBEMwY0wHw==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26daf1fcd00317505834fe2fbe095bce8d6266e8391e8f8ed7c826e57233026f

Request headers

Referer
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 849 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c993ebaec0d3f9d97ac4c6ea7dbe3084d32ca010b4983f043aa024612d6c23a

Request headers

Referer
Origin: https://buy2get-24.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 202 events Show response
measurements-api.wonderpush.com/v1/ 94 B
270 B 80ms
50ms XHR
application/json 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://measurements-api.wonderpush.com/v1/events
Requested by: Host: buy2get-24.com
URL: https://buy2get-24.com/de-drmerritz-yum-ar/js/default-5lNEaWaT.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 19ec3310d814bc1006cc8801c0fd9cf06e7c85cd6d4025d749309f381433ddd3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://buy2get-24.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://buy2get-24.com
x-cloud-trace-context: 7c5181f5b0c9ffe014d01c41507708a8
date: Mon, 15 Apr 2024 11:21:07 GMT
access-control-allow-credentials: true
server: Google Frontend
content-length: 94
content-type: application/json

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buy2get-24.com/de-drmerritz-yum-ar	1969-12-31 23:59:59	Name: testCookie Value: 1
.easline-pro.com/	1969-12-31 23:59:59	Name: sfd Value: beQ0dzIK6cBVk67sXj7aRL6ruJA8pc9B7/gvgV7pg39Mb6PWe7LSiQ==
.easline-pro.com/	1970-01-21 05:29:00	Name: tm Value: GzGb6r/CPbnBvKwZ0CI4y76ruJA8pc9B7/gvgV7pg39Mb6PWe7LSiQ==
.easline-pro.com/	1970-01-20 20:36:12	Name: c19013 Value: beQ0dzIK6cCCn48oECIu1xpmDW/tjfojo5WaYScJJOOjqrCL3IIQlA==
.eu-region.superfast-cdn.com/	1970-01-20 19:54:26	Name: cb6c98e7-7b95-4dff-a67f-86d5c022a136-v4 Value: W9wqYrTeWez3k_600XcDeEIs_f2TPJ_XWWodNYLGeeg
.eu-region.superfast-cdn.com/	1970-01-21 04:38:36	Name: cc-v4 Value: 7RBvcdhjsQ%2Fql8pgUqHitKqcoVe%2F35vV7W7ZDEfSE12zjHstYgP9bYG1oK4U36BN2HXs89jcv03XoFviYYSHY2MkRR1jxB5DEroE%2BYWdljkcpo%2BKtOxKwhYEfJNPgBHxu1UJAu%2BGieCT55mh0L8Y4g%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.buy2get-24.com
buy2get-24.com
cdn.by.wonderpush.com
e6p5k9g7y1d9f0c5x5p6j7v7y7a0p5b0p3k6e2.s3.amazonaws.com
easline-pro.com
eu-region.superfast-cdn.com
fonts.googleapis.com
fonts.gstatic.com
measurements-api.wonderpush.com
p.typekit.net
use.typekit.net
weatherwidget.io
18.193.209.105
2001:4860:4802:36::15
2606:4700:3031::6815:308d
2606:4700:3033::6815:3390
2606:4700:3036::ac43:bab1
2606:4700::6812:13b7
2a00:1450:4001:812::2003
2a00:1450:4001:82b::200a
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
34.78.223.0
54.231.168.209
0faae0087bbad041074e80f3c641e21a03a6f1314692049794aefc5939d90cc2
19ec3310d814bc1006cc8801c0fd9cf06e7c85cd6d4025d749309f381433ddd3
1ba77247588da7b85eb0d23e70fb7dfc650c5ac7da3acc7d2b8ea7feffadfbc2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
23dc346335896cccd942de9d23cdfe720095fe317518fb0e2f8aa092220138df
26daf1fcd00317505834fe2fbe095bce8d6266e8391e8f8ed7c826e57233026f
27fc11d9abcce6f8575dd1f98c3804337a3ebaec9c3efb3671ce446d8e932e8f
284e8e6b1b91e0878bf94ee7747db0d3df31068a8ae0d6e4ff2861ebc9ab00fd
289c80f7b9ebef1af302ee6445dfd354c898818065ca76598abe2922919af42d
28cdad153ef207f95f4d1dddc7139130e18c75569cdc2e166c918e0e405980db
2b20e1686e8b63473a284301f7956bf827722b869ea0b41c37da40ef849131a8
319a7adb95af4de281ee1f87a4832d2c18bd95d17fc8d65c33f47fc18c3e4872
3c993ebaec0d3f9d97ac4c6ea7dbe3084d32ca010b4983f043aa024612d6c23a
4066de236d39e9b9d578c63607bd6fb7a32491314414df32b6cb49a456a77a94
4306fdf896dbf3b7a1e313cfef5ddb1150f983c8259be11f2526c58c7002d6b5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
479bc71aec37809bceccaf035c49271b4032722bb2fdc25f8a9591a28bf937f7
5bd8595fac66ae1852072bacb74b40b1eb8b3896402086aa9698a2251da45d4a
5c64a66268465b878da53f9a7119c21f86b9da2416bac041a6b8bf7d30781010
5e148870511086769c2a3a777c194c3047f9a899ef8c86484ee6ecbbb03b8375
639b20517bb22d1ac4d0f78ea7786a0d182b310939c154717f8a040b2db1fa0d
6a5d6720a3c9f490c447e0efd136b15ddcd25c2b00450b12ebacf0c13ba6234c
70eaacf0d67373caec5f094e198fb74683896a81537b20ac078ce218be78e321
7b43cb86a0e63bbb55376b4ea60d8cc9527a1421c367aa09962725e0c5140f5f
7c65e50619fd5e82a825ff3086a4fd09c8dd239f4d09d36d1d6d1624fb9d083d
7c91b5a53656ce154e9d565a9825a66a04f9590709ab082a3e290a47af559d5f
870f579a8cab8199339d27ff2d0e8994cf56e4b771225e02fe20d86cf948d486
891e362b517d57c2152eb65b192140dd3921a209f49f24087fca72dd1cd3bc3e
892fd073ed54168def312d82431c3938b9b43acabd06bf2010929402236f6e9e
89e2eee61a420a7c1384aab590af4f510e1f41550e7492af5f92b7b25e91844b
8b64383da62a368f3fbf22823a49fc1eb97e51f8ebd5a0b245960e9b327a7ca9
916aa9a66b5de19f62206f2dbf649994753f97143eec26e6ed5d11dc64ecb2c8
94362216cbe0b9678e9dae37796749419a0c78875d21d477dceb9f7604032f75
9a27e611e87f3673d06dc13e7e50f7592078c36d04fef3c540ef374d2ab18e4c
9cea6055db8300e01b0b7137a2c1c9d5f770f4ed68b4210a5b785d37bc62f364
a158230fdf12f88f189e1612e97df7f8ba648526f3520ef598528b9ce2ccdc56
a1b44ea147b8ee7626b1ce5bce36570e5f637f22d99017bd549f6a9e2086352b
aab47f5724f12e11e1a45766e7f8a0206062116fc5cf27a29f0960381c507ed7
ab0dcf091e7680e493639b15aa24088e17a40bbf671cae03e24759950bffb6c6
bb8f8ef4a6d54a5decfe60791e52171b8cba284fa6d64c41b071b56fa040a922
c3fe6608443bc3ed0fd6049954240186d6c5b97768486f52f3185c887838ae83
cbe08a70ccce8095d6712f09b4c230951117cfc53473b8c3a767526132408af7
cc335fb73d19d0ab916f204974b3d55f06a301e6808b5ace17bd5c293024197f
ce57dc8906146ecae84602b694e5feb8de634f48975a99433781811fecd695ac
d026b51253f01b642c0c437aeeae0c0819d4e46b5e95fd58c0ccd268981e7b58
d4b6f1e89823eb3953d76d22b254f456ed58e053a34346c11ef013b1e6573fc4
dc7a6e6a0aeece46122c6097ad971e97f8dc018eaffe698bc9170f9e220afeb6
dcde2b9f9abb7d4a26b59357711c0907703ce025e9416f4c2a176c9fdc2a6f8f
dda0009cbc14905d8ca592279bdbcaa74e52d946e3452329146ce3a9e1658cf6
e059936ee4765e30f581eb3570029a90777c47a6110665b86172fc2c4683175e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43187342c3a612edeb90c3d2e7b14bae39d509c2f7d170eb4e2812e93a832d8
e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e
ef0ad887235514929c5a27b702fc155cc8fe2e0214b4d840026cec5ca5c4ca5a
f1156c81ea124a52d70424152cb106153b68d1b6c93bc8f55dceaf153115398d
f4c654b80126ddd75b3a3b34462cbdc190a723c17437e8ca8a9ffa568e3c297d
fc3fe739a47c137d14d62b9fb269020de8f5d8cc6b271fc3d3e070c6b451840e
fec530918cc4b79e0b3e4ecef04d53039e2a41de56ccc7d20257f660a2e75855

buy2get-24.com Open in urlscan Pro 2606:4700:3031::6815:308d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

75 %IPv6

9 Domains

12 Subdomains

11 IPs

3 Countries

2376 kBTransfer

3292 kBSize

6 Cookies

15 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

buy2get-24.com Open in urlscan Pro
2606:4700:3031::6815:308d Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

2376 kB
Transfer

3292 kB
Size

6
Cookies

59 HTTP transactions
2 data transactions