urlscan.io logo urlscan.io
SecurityTrails logo

buyem.xyz Open in urlscan Pro
172.67.134.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://buyem.xyz/
Submission: On August 05 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 14 domains to perform 26 HTTP transactions. The main IP is 172.67.134.11, located in United States and belongs to CLOUDFLARENET, US. The main domain is buyem.xyz.
TLS certificate: Issued by WE1 on July 4th 2024. Valid for: 3 months.
This is the only time buyem.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 172.67.134.11 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 13.35.93.68 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:127:f00f... 13335 (CLOUDFLAR...)
1 18.67.65.47 16509 (AMAZON-02)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
1 104.17.230.46 13335 (CLOUDFLAR...)
1 185.194.90.7 12488 (KRYSTAL)
1 185.181.118.22 204436 (KUALO-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2620:1ec:33:1... 8075 (MICROSOFT...)
26 13
11    172.67.134.11 (United States)

ASN13335 (CLOUDFLARENET, US)
buyem.xyz
1    2607:f8b0:400d:c02::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.35.93.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-68.jfk50.r.cloudfront.net
c8.alamy.com
1    2606:4700::6812:1ebe (United States)

ASN13335 (CLOUDFLARENET, US)
ih1.redbubble.net
1    2620:127:f00f:ff01:: (Canada)

ASN13335 (CLOUDFLARENET, US)
cdn.shopify.com
1    18.67.65.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-47.iad89.r.cloudfront.net
ca-times.brightspotcdn.com
1    2600:1408:c400:27::17da:daad (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
lakelandcamel.scene7.com
1    104.17.230.46 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.notonthehighstreet.com
1    185.194.90.7 (United Kingdom)

ASN12488 (KRYSTAL, GB)
PTR: trunks-lon.krystal.uk
www.wearemiddlesbrough.com
1    185.181.118.22 (United Kingdom)

ASN204436 (KUALO-AS, GB)
PTR: prod-ds1.dentocare.co.uk
www.dentaldirect.co.uk
2    2607:f8b0:400d:c1d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ts2.mm.bing.net
Apex Domain
Subdomains		 Transfer
11 buyem.xyz
buyem.xyz
120 KB
2 bing.net
ts2.mm.bing.net — Cisco Umbrella Rank: 174076
58 KB
2 gstatic.com
fonts.gstatic.com
38 KB
1 dentaldirect.co.uk
www.dentaldirect.co.uk
123 KB
1 wearemiddlesbrough.com
www.wearemiddlesbrough.com
125 KB
1 notonthehighstreet.com
cdn.notonthehighstreet.com — Cisco Umbrella Rank: 243028
91 KB
1 scene7.com
lakelandcamel.scene7.com — Cisco Umbrella Rank: 735023
26 KB
1 brightspotcdn.com
ca-times.brightspotcdn.com — Cisco Umbrella Rank: 44160
308 KB
1 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 2768
25 KB
1 redbubble.net
ih1.redbubble.net — Cisco Umbrella Rank: 58182
57 KB
1 alamy.com
c8.alamy.com — Cisco Umbrella Rank: 40025
254 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
0 decorhom.co.uk Failed
www.decorhom.co.uk Failed
0 bawdeswellgardencentre.com Failed
bawdeswellgardencentre.com Failed
26 14
Domain Requested by
11 buyem.xyz buyem.xyz
2 ts2.mm.bing.net buyem.xyz
2 fonts.gstatic.com fonts.googleapis.com
1 www.dentaldirect.co.uk buyem.xyz
1 www.wearemiddlesbrough.com buyem.xyz
1 cdn.notonthehighstreet.com buyem.xyz
1 lakelandcamel.scene7.com buyem.xyz
1 ca-times.brightspotcdn.com buyem.xyz
1 cdn.shopify.com buyem.xyz
1 ih1.redbubble.net buyem.xyz
1 c8.alamy.com buyem.xyz
1 fonts.googleapis.com buyem.xyz
0 www.decorhom.co.uk Failed buyem.xyz
0 bawdeswellgardencentre.com Failed buyem.xyz
26 14

This site contains no links.

Subject Issuer Validity Valid
buyem.xyz
WE1		 2024-07-04 -
2024-10-02		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.alamy.it
Amazon RSA 2048 M02		 2023-11-21 -
2024-12-20		 a year crt.sh
redbubble.net
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
cdn.shopify.com
E6		 2024-07-01 -
2024-09-29		 3 months crt.sh
cdn.ca-times.psdops.com
Amazon RSA 2048 M02		 2024-06-18 -
2025-07-17		 a year crt.sh
*.scene7.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
cdn.notonthehighstreet.com
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
www.nemp.42898e6bffb13b342018a6586-10856.sites.k-hosting.co.uk
R10		 2024-07-09 -
2024-10-07		 3 months crt.sh
dentaldirect.co.uk
R11		 2024-07-09 -
2024-10-07		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.mm.bing.net
Microsoft Azure RSA TLS Issuing CA 04		 2024-07-30 -
2025-01-26		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://buyem.xyz/
Frame ID: 241312A9954F0ABA23003E2FFCB03EF2
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Buyem Xyz

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

92 %
HTTPS

50 %
IPv6

14
Domains

14
Subdomains

13
IPs

4
Countries

1225 kB
Transfer

1375 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://www.bawdeswellgardencentre.com/wp-content/uploads/2016/10/Breakfast-Bar.jpg HTTP 301
  • https://bawdeswellgardencentre.com/wp-content/uploads/2016/10/Breakfast-Bar.jpg

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
buyem.xyz/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
2f418d69986d7b11ba7c0f1620ee52b2c59933dbfa5ed0dfeae732b3b7bbf3dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ae5d9070e77527b-LAX
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 05 Aug 2024 09:44:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N204yW%2FUwtqC6VOjcNJzWg%2BTLAg5UCW3MInH6ZzB8c7CH6e%2Bcez8TgUXwLbjmrGUt5NO5mLZAEG8BO1YoGMqOSGoMBfEklVR97D6paWBvDwKZFr3%2BXj%2Bz9MIsLs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
EasyEngine v4.7.1
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;700&display=swap
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c02::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c8a0c50bfd7360c297e2daaa0b09ed5ba347dd2049eda54361986dc0a316ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Aug 2024 09:44:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Aug 2024 09:44:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Aug 2024 09:44:18 GMT
theme.min.css
buyem.xyz/themes/paradigm/assets/ 		531 B
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buyem.xyz/themes/paradigm/assets/theme.min.css
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
b4da8d23d8da0d5677fd409090c269adce5a808a3e0654ee5a56dca60ed3da66

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 11:14:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663f5310-213"
x-powered-by
EasyEngine v4.7.1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDg%2BpdzKCkVDPt6PW9R%2FyngulmfSAke4tK%2BOZfo50MkQRx%2Bo4V%2Fh9u4XuXRD6KJofMM8%2FqHAXTTMB5vccHzKfkJIQ7RWhDFZdECyTLO5KTJV3i5XyhOSw6TvNBc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400, must-revalidate
cf-ray
8ae5d907cef9527b-LAX
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 09:44:17 GMT
style.min.css
buyem.xyz/themes/paradigm/assets/ 		173 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buyem.xyz/themes/paradigm/assets/style.min.css
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
cfa3fc85e3f92c9516a18001c3dd627f68acaa6195e47c92c5809239fda9645d

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:17 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 11:14:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663f5327-2b40f"
x-powered-by
EasyEngine v4.7.1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wkqzt%2B0ggQfrkOpA8CObXbuurn9RjTmRJmBFzetiioEa63jAriinc3qvssEU0tAjWYn%2Fccecs%2BmVP9Bg%2BfXnbVAa3WC%2FnzVCfPlf3AZmXxb9%2FrLKdVhaTMvQ214%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400, must-revalidate
cf-ray
8ae5d907cefd527b-LAX
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 09:44:17 GMT
fa-solid-900.woff2
buyem.xyz/themes/paradigm/assets/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://buyem.xyz/themes/paradigm/assets/fa-solid-900.woff2
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer
https://buyem.xyz/
Origin
https://buyem.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
EasyEngine v4.7.1
alt-svc
h3=":443"; ma=86400
content-length
80148
last-modified
Sat, 11 May 2024 11:16:13 GMT
server
cloudflare
etag
"663f537d-13914"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9v1iLyN2iM5VcVG5VA7nhl5Uw8AiqMUxS79TH7YCJZ9LlqTdMtGEAJwX5xdMChm2MP56uVGuC8uVC%2BfixKuJRxDQlppl%2B684bRco9dM6b%2BYv5IJB2sNSlKx%2Fp2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
8ae5d907ceff527b-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
buyem.xyz/themes/paradigm/assets/image/ 		874 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buyem.xyz/themes/paradigm/assets/image/logo.svg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
89546e3be6f71c95926f8399c1c704e34cf7460eaf58a941f7827ec8045b82d7

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:17 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
EasyEngine v4.7.1
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 11 May 2024 16:04:26 GMT
server
cloudflare
etag
W/"663f970a-36a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNxbl2xNu7M6Z2NeaRomWH%2FpMsdXLJDL98wUGGMtxkhtzLwYiBkQKX30dqO5O0Bu54ZxbVGdU%2FLMid9n2EFeCwuASVjEYPz%2BFzJGDuoShBPpL3v2H5ZhHhGsKj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8ae5d907cf01527b-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-invert.svg
buyem.xyz/themes/paradigm/assets/image/ 		876 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buyem.xyz/themes/paradigm/assets/image/logo-invert.svg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
efbd4535e67be813cbd995fce41385f729e3c42b1019c4d74205104b4a4d9a7d

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:17 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
EasyEngine v4.7.1
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 11 May 2024 16:04:31 GMT
server
cloudflare
etag
W/"663f970f-36c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usP86BDl9Hz5Lq1B52pUwuqJdvB3uYGV7ca47LrJRlnZaqmx04VOJIvNze1AuTMqcJAqGv81L%2FrsFYPy%2B41KyhjQteskJGOHvZ7HBrN1AeBGzWQJ4R0FgUpeNkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8ae5d907cf05527b-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-mobile.svg
buyem.xyz/themes/paradigm/assets/image/ 		876 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buyem.xyz/themes/paradigm/assets/image/logo-mobile.svg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
bd920185ebc5fa97fb7943658c65b84476583304f9eeff84f98295388fd05465

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:18 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
EasyEngine v4.7.1
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 11 May 2024 16:04:30 GMT
server
cloudflare
etag
W/"663f970e-36c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hRjQj1ka11Gc%2FANFABuRXDcKVzuscbwt7AyCBjrib8Un9VmvEFRxA4Xt31FUyWIvfBKUn2oxShZHfGKK24F2w2Huy6KV1x5DXU1xEI402YSPHyJr3kI5HMO626Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8ae5d9086f5f527b-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-invert-mobile.svg
buyem.xyz/themes/paradigm/assets/image/ 		876 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buyem.xyz/themes/paradigm/assets/image/logo-invert-mobile.svg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
efbd4535e67be813cbd995fce41385f729e3c42b1019c4d74205104b4a4d9a7d

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:18 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
EasyEngine v4.7.1
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 11 May 2024 16:04:28 GMT
server
cloudflare
etag
W/"663f970c-36c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ufc7sohKBm1PfUP0nALPCOe09boxJ%2BNPukWetj4HwnmwmxaNvunRyKtGRI7eScwthM10leQyjsWNcqrU9G8doRyra2pkNxxyLuGO0iBf0%2FDecbIDlDsdY%2FjmcEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
8ae5d9086f64527b-LAX
expires
Thu, 31 Dec 2037 23:55:55 GMT
town-centre-great-torrington-devon-england-united-kingdom-BHM6KY.jpg
c8.alamy.com/comp/BHM6KY/ 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c8.alamy.com/comp/BHM6KY/town-centre-great-torrington-devon-england-united-kingdom-BHM6KY.jpg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-68.jfk50.r.cloudfront.net
Software
/
Resource Hash
fd4789638eb0a548c09198dd7e91562edf94f4b83a6815c670a2b9dcd0751d4a

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 02:55:16 GMT
via
1.1 c7705692ed008dad7e46e32f966aa3fe.cloudfront.net (CloudFront)
last-modified
Tue Oct 19 2021 00:00:00 GMT+0000 (Coordinated Universal Time)
x-amz-cf-pop
JFK50-P8
age
283742
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-id
iZg10A44_VQxxghYtdtvtSN2mHmKC-x-rPS5MRoXlOCF0GA5B9a6GQ==
cover.667922.2400x600.jpg
ih1.redbubble.net/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih1.redbubble.net/cover.667922.2400x600.jpg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1ebe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
963f04ab390c2ed1b78f823f4cd4e881aef31cd41fafc5044ba6e5ee95f45e5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
inline
x-xss-protection
1; mode=block
x-request-id
960541e5-51c4-4846-8c63-ce5b2f0cf729
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"963f04ab390c2ed1b78f823f4cd4e881"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
https://www.redbubble.com
access-control-expose-headers
Content-Length,Content-Range
cache-control
public, max-age=31556952
vary
Accept-Encoding
cf-ray
8ae5d90bceea2eb1-LAX
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Tue, 05 Aug 2025 15:33:31 GMT
parker-rollerball-refill-by-monteverde-in-blueblack-fine-point_494.jpg
cdn.shopify.com/s/files/1/1693/8459/products/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/1693/8459/products/parker-rollerball-refill-by-monteverde-in-blueblack-fine-point_494.jpg?v=1565079918
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:127:f00f:ff01:: , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcbc727046ca090098b9a16309e937bf9e0871da0e1b1393adf9317132991e8
Security Headers
Name Value
Content-Security-Policy sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:18 GMT
content-security-policy
sandbox allow-scripts allow-forms allow-modals allow-popups allow-downloads allow-top-navigation-by-user-activation
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,gcp-us-east1
source-type
image/jpeg
server-timing
imagery;dur=249.920, imageryFetch;dur=84.445, imageryProcess;dur=164.264;desc="image", cfRequestDuration;dur=151.999950, ipv6
source-length
31476
content-length
24402
x-xss-protection
1; mode=block
x-request-id
bd4687aa-021d-4d8d-954e-fbc738c4accb-1720890528
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 13 Jul 2024 17:08:48 GMT
server
cloudflare
x-shopid
16938459
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRn3%2FqxlsBabKlVfwoEgQtScmYnLB3Tzq2c7CkLmZQgSI%2BGRKR39Nyh6Xcz1fuI2GHh2yBsmjdd0EtxzE09GAf3r0yax8lPsQvo69IfOrbwKmVddXEejlgZneJY2e0RJvpxwTzrHtrTxD2nrdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/1693/8459/products/parker-rollerball-refill-by-monteverde-in-blueblack-fine-point_494.jpg>; rel="canonical"
cf-ray
8ae5d90bcc430fe4-LAX
Breakfast-Bar.jpg
bawdeswellgardencentre.com/wp-content/uploads/2016/10/
Redirect Chain
  • https://www.bawdeswellgardencentre.com/wp-content/uploads/2016/10/Breakfast-Bar.jpg
  • https://bawdeswellgardencentre.com/wp-content/uploads/2016/10/Breakfast-Bar.jpg
0
0
/
ca-times.brightspotcdn.com/dims4/default/632168e/2147483647/strip/true/crop/6000x4000+0+0/resize/1486x991!/quality/80/ 		308 KB
308 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca-times.brightspotcdn.com/dims4/default/632168e/2147483647/strip/true/crop/6000x4000+0+0/resize/1486x991!/quality/80/?url=https:%2F%2Fcalifornia-times-brightspot.s3.amazonaws.com%2F95%2Fb0%2Fe64631024b41bf3ca41d6de220a9%2Fadidasmex091-jasminebaeza.jpg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-47.iad89.r.cloudfront.net
Software
Apache /
Resource Hash
d26e6241008f646c0315b26d4f31a3d0013c823a85a540bb4b4825c22a42dc34

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:43:17 GMT
via
1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
IAD89-P1
age
61
etag
6ebb5ff7d8b4cbdb09d3cf62807ba4ee
x-cache
Hit from cloudfront
content-type
image/jpeg
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
alt-svc
h3=":443"; ma=86400
content-length
314989
x-amz-cf-id
er7Swo3Jycpav0wHsvMJ0xXDyW--WSLMWtIZWQAV36pchJBFvKKnuQ==
expires
Tue, 05 Aug 2025 09:43:17 GMT
crown-trade-fastflow-quick-dry-satin-paint_49637.jpg
www.decorhom.co.uk/productimages/1200/ 		0
0
24749_1
lakelandcamel.scene7.com/is/image/LakelandCamel/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lakelandcamel.scene7.com/is/image/LakelandCamel/24749_1?$800$
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:27::17da:daad Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
26c3ccc6b389d3eb93133c6177b7e7d4ec8fe37b8e3dea3f37a4c027297c7aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 05 Aug 2024 09:44:18 GMT
last-modified
Wed, 30 Oct 2019 04:53:26 GMT
server
Unknown
akamai-grn
0.ad02de17.1722851058.68426e47
x-adobe-modifierlist
QlpoOTFBWSZTWX8CIZYAAAADgAAKv2f+hCAASKeppoam0aTI9CnqDRoaANB40L4JGUr0Ovsd5eQQOf0z2FLNtNBCio/ly3A4UVWJmROuNsn8XckU4UJB/AiGWA==
etag
"e71437a6f5aea0b6923671a405b675f4"
x-adobe-assetlist
QlpoOTFBWSZTWVqhgpcAAASfAAAAtKAIBAAKpg8gADFNMjExMQagZBtQep2KWdxuDnRJSXkJj4u5IpwoSC1QwUuA
access-control-allow-origin
*
content-type
image/jpeg
x-adobe-smart-imaging
-15504
x-akamai-cache
Hit
content-length
26006
expires
Thu, 31 Jul 2025 09:43:17 GMT
original_personalised-children-s-boxing-gloves-leopard-print.jpg
cdn.notonthehighstreet.com/fs/e5/12/1ab8-21db-4480-98ba-39c8d356f0c0/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.notonthehighstreet.com/fs/e5/12/1ab8-21db-4480-98ba-39c8d356f0c0/original_personalised-children-s-boxing-gloves-leopard-print.jpg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.230.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9198536254e9fd9eb446d1faf9c81d00014fb6e058e3f1b0e8246d6cd859599e
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:19 GMT
x-amz-version-id
X5eg2orj7k7YBi6yPzM5MMEOcWYpa1MW
cf-cache-status
MISS
x-amz-request-id
5HFCPYWQRQASHKA6
content-length
92538
x-amz-id-2
BUfRzHEfnoFkZfBWFsPAL1ppCHfrUd90fFruVxbqhhygqOz1qfApsVmRW/jD/KS37QxSZOv8z+g=
last-modified
Thu, 23 Sep 2021 18:53:04 GMT
server
cloudflare
etag
"b3f26e2a284ec9a16cc57476acf5700c"
vary
Accept-Encoding
x-frame-options
sameorigin
content-type
image/jpeg
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8ae5d90bdab0fafc-SJC
expires
Thu, 05 Sep 2024 09:44:19 GMT
Middlesborough-Theatre-new-1024x768.jpg
www.wearemiddlesbrough.com/wp-content/uploads/2021/07/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wearemiddlesbrough.com/wp-content/uploads/2021/07/Middlesborough-Theatre-new-1024x768.jpg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.194.90.7 , United Kingdom, ASN12488 (KRYSTAL, GB),
Reverse DNS
trunks-lon.krystal.uk
Software
LiteSpeed /
Resource Hash
bc909b3da63b827953529b355444a996515c043c0c37056a6e600f2b99ff9095

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:18 GMT
last-modified
Thu, 09 Nov 2023 08:40:06 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
127255
expires
Mon, 12 Aug 2024 09:44:18 GMT
co470_1.jpg
www.dentaldirect.co.uk/media/catalog/product/cache/d41ab62429e043fad4803de93e4bba5d/c/o/ 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.dentaldirect.co.uk/media/catalog/product/cache/d41ab62429e043fad4803de93e4bba5d/c/o/co470_1.jpg
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.181.118.22 , United Kingdom, ASN204436 (KUALO-AS, GB),
Reverse DNS
prod-ds1.dentocare.co.uk
Software
/
Resource Hash
93a387ec6057ecd5f9ab68e2436c6ed6954721f0c349a707e45b1806cb3815ee
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Tue, 05 Aug 2025 09:44:18 GMT
date
Mon, 05 Aug 2024 09:44:18 GMT
strict-transport-security
max-age=300; includeSubDomains;
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
125417
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Jul 2024 15:27:27 GMT
x-frame-options
SAMEORIGIN
content-type
image/jpeg
setifempty
Referrer-Policy: same-origin
cache-control
public, max-age=31536000,public
accept-ranges
bytes
edit
Set-Cookie (.*) "$1;HttpOnly;Secure"
darkModeBundle.min.js
buyem.xyz/themes/paradigm/assets/ 		1 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buyem.xyz/themes/paradigm/assets/darkModeBundle.min.js
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
2776fe9b08af66b2cf442bb773650c95d309d9a7e090a694b6fcc806594c9b20

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 11:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663f52a9-45d"
x-powered-by
EasyEngine v4.7.1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vLXAB%2FU0KbYNnQ9i2Dp%2F0vFtauKiuI%2F1gjglZ%2FQL36vJMn4XXUQQy4P1DCeji%2BLIXh577ynag2P4XuW4PQDrtVuPzJwtSBIDcfTUAp58XUQm8gmOiTkY%2FbzPec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400, must-revalidate
cf-ray
8ae5d909b8be527b-LAX
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 09:44:18 GMT
bundle.min.js
buyem.xyz/themes/paradigm/assets/ 		863 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://buyem.xyz/themes/paradigm/assets/bundle.min.js
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
e4b2c9e60af01d12b35fa8abed3343c873ef4a438fd4d4ce91ef64fefaef1cb2

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:18 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 11 May 2024 11:12:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663f52bb-35f"
x-powered-by
EasyEngine v4.7.1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBBtutC4KpRxc3cGrLASD%2BFxaM1RZTl%2Bnl6wzFd36AYjXVU4s03qMEVL4dgQW7aC%2FTFeBqup%2Fk1wqEQ9GOgY5XCsRdr%2FYTetNBWh2A6jGYuTT4h81Kx2BHQ4kqk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400, must-revalidate
cf-ray
8ae5d90a3913527b-LAX
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 09:44:18 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buyem.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 00:24:09 GMT
x-content-type-options
nosniff
age
379209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 00:24:09 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c1d::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buyem.xyz
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 01 Aug 2024 00:23:29 GMT
x-content-type-options
nosniff
age
379249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Aug 2025 00:23:29 GMT
th
ts2.mm.bing.net/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ts2.mm.bing.net/th?q=crown-trade-paint.webp
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9e082e41d685195a22659ecbc4574ad1cb3299c0c01000f189cb6a88ae17943

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:18 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0FB2EFCC02D545C2BDBCE6E09A6C0966 Ref B: LAX311000112035 Ref C: 2024-08-05T09:44:18Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
24548
th
ts2.mm.bing.net/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ts2.mm.bing.net/th?q=breakfast-bar-furniture.webp
Requested by
Host: buyem.xyz
URL: https://buyem.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3d96a2a44eb3bd2faca489fdbfdc1a4d3bceb1d3d66c23376ede7dc87cdbcbbc

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:19 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E26BEB3EDCAA4101BBB62BCF4161270A Ref B: LAX311000112035 Ref C: 2024-08-05T09:44:20Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_MISS
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type
image/jpeg
cache-control
public, max-age=5184000
timing-allow-origin
*
access-control-allow-headers
*
content-length
33687
favicon.ico
buyem.xyz/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://buyem.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.134.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / EasyEngine v4.7.1
Resource Hash
2fb0d8517be343559eb607be7f4fe59d03f41843a75a2aef75467222aa3203c4

Request headers

Referer
https://buyem.xyz/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 09:44:20 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 04 Jul 2024 23:41:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66873340-47e"
x-powered-by
EasyEngine v4.7.1
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YBS8lCp%2Fiaw6QpaA%2FOPPDp6ciwTYJFPvzrBhICU9lkJBJDMLfD97oB0q%2BR6P6Oy1twdkBEAm0sLekWkBXHm3yEX9Zk6wxXbyMG6p4MXAuDoxmAEDignHJ%2BijSRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=315360000
cf-ray
8ae5d9185b9b527b-LAX
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bawdeswellgardencentre.com
URL
https://bawdeswellgardencentre.com/wp-content/uploads/2016/10/Breakfast-Bar.jpg
Domain
www.decorhom.co.uk
URL
https://www.decorhom.co.uk/productimages/1200/crown-trade-fastflow-quick-dry-satin-paint_49637.jpg

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| toggleDarkMode function| initDarkMode function| debounce

1 Cookies

Domain/Path Name / Value
.redbubble.net/ Name: __cf_bm
Value: a2tkAUCYTmSCezC10X6ea.cvR4NoLMnu1geJbPAy0pA-1722851059-1.0.1.1-P48.60pJFJFEu9TMUrnBShFJUv1Tl5LA_0Pq__K0xzHUPWMhvxQmMbW5YgBlDyVBdk3EOTEa3Gnxe3JjHE..Eg

6 Console Messages

Source Level URL
Text
security warning URL: https://buyem.xyz/
Message:
Mixed Content: The page at 'https://buyem.xyz/' was loaded over HTTPS, but requested an insecure element 'http://www.bawdeswellgardencentre.com/wp-content/uploads/2016/10/Breakfast-Bar.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://buyem.xyz/
Message:
Mixed Content: The page at 'https://buyem.xyz/' was loaded over HTTPS, but requested an insecure element 'http://lakelandcamel.scene7.com/is/image/LakelandCamel/24749_1?$800$'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://buyem.xyz/(Line 261)
Message:
Mixed Content: The page at 'https://buyem.xyz/' was loaded over HTTPS, but requested an insecure element 'http://www.bawdeswellgardencentre.com/wp-content/uploads/2016/10/Breakfast-Bar.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://buyem.xyz/(Line 261)
Message:
Mixed Content: The page at 'https://buyem.xyz/' was loaded over HTTPS, but requested an insecure element 'http://lakelandcamel.scene7.com/is/image/LakelandCamel/24749_1?$800$'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.decorhom.co.uk/productimages/1200/crown-trade-fastflow-quick-dry-satin-paint_49637.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
javascript warning URL: https://buyem.xyz/
Message:
The resource https://buyem.xyz/themes/paradigm/assets/fa-solid-900.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bawdeswellgardencentre.com
buyem.xyz
c8.alamy.com
ca-times.brightspotcdn.com
cdn.notonthehighstreet.com
cdn.shopify.com
fonts.googleapis.com
fonts.gstatic.com
ih1.redbubble.net
lakelandcamel.scene7.com
ts2.mm.bing.net
www.decorhom.co.uk
www.dentaldirect.co.uk
www.wearemiddlesbrough.com
bawdeswellgardencentre.com
www.decorhom.co.uk
104.17.230.46
13.35.93.68
172.67.134.11
18.67.65.47
185.181.118.22
185.194.90.7
2600:1408:c400:27::17da:daad
2606:4700::6812:1ebe
2607:f8b0:400d:c02::5f
2607:f8b0:400d:c1d::5e
2620:127:f00f:ff01::
2620:1ec:33:1::10
26c3ccc6b389d3eb93133c6177b7e7d4ec8fe37b8e3dea3f37a4c027297c7aab
2776fe9b08af66b2cf442bb773650c95d309d9a7e090a694b6fcc806594c9b20
2f418d69986d7b11ba7c0f1620ee52b2c59933dbfa5ed0dfeae732b3b7bbf3dd
2fb0d8517be343559eb607be7f4fe59d03f41843a75a2aef75467222aa3203c4
3c8a0c50bfd7360c297e2daaa0b09ed5ba347dd2049eda54361986dc0a316ac6
3d96a2a44eb3bd2faca489fdbfdc1a4d3bceb1d3d66c23376ede7dc87cdbcbbc
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
89546e3be6f71c95926f8399c1c704e34cf7460eaf58a941f7827ec8045b82d7
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9198536254e9fd9eb446d1faf9c81d00014fb6e058e3f1b0e8246d6cd859599e
93a387ec6057ecd5f9ab68e2436c6ed6954721f0c349a707e45b1806cb3815ee
963f04ab390c2ed1b78f823f4cd4e881aef31cd41fafc5044ba6e5ee95f45e5e
b4da8d23d8da0d5677fd409090c269adce5a808a3e0654ee5a56dca60ed3da66
bc909b3da63b827953529b355444a996515c043c0c37056a6e600f2b99ff9095
bd920185ebc5fa97fb7943658c65b84476583304f9eeff84f98295388fd05465
cfa3fc85e3f92c9516a18001c3dd627f68acaa6195e47c92c5809239fda9645d
cfcbc727046ca090098b9a16309e937bf9e0871da0e1b1393adf9317132991e8
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d26e6241008f646c0315b26d4f31a3d0013c823a85a540bb4b4825c22a42dc34
d9e082e41d685195a22659ecbc4574ad1cb3299c0c01000f189cb6a88ae17943
e4b2c9e60af01d12b35fa8abed3343c873ef4a438fd4d4ce91ef64fefaef1cb2
efbd4535e67be813cbd995fce41385f729e3c42b1019c4d74205104b4a4d9a7d
fd4789638eb0a548c09198dd7e91562edf94f4b83a6815c670a2b9dcd0751d4a