Submitted URL: http://trueweightloss.iceiy.com/?s1=xrymer&lol=1
Effective URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Submission: On October 25 via manual from ES — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 53 HTTP transactions. The main IP is 104.21.6.17, located in United States and belongs to CLOUDFLARENET, US. The main domain is buytadalix.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 24th 2021. Valid for: a year.
This is the only time buytadalix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 185.27.134.126 34119 (WILDCARD-...)
2 2 34.65.149.9 396982 (GOOGLE-PR...)
1 1 63.32.67.114 16509 (AMAZON-02)
1 1 3.229.41.119 14618 (AMAZON-AES)
48 104.21.6.17 13335 (CLOUDFLAR...)
1 142.250.186.170 15169 (GOOGLE)
1 142.250.184.195 15169 (GOOGLE)
53 4
Domain Requested by
48 buytadalix.com buytadalix.com
3 trueweightloss.iceiy.com trueweightloss.iceiy.com
2 sid1v.doctortshooter.com 2 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com buytadalix.com
1 xpresskonnekt.com 1 redirects
1 nmttrack.com 1 redirects
53 7

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-03-24 - 2022-03-23 | a year
upload.video.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months

This page contains 1 frames:

Primary Page: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Frame ID: 5798C0298A27515AB55E27F154A6AFC7
Requests: 53 HTTP requests in this frame

Page Title

Tadalix

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery\.fancybox(?:\.pack|\.min)?\.js(?:\?v=([\d.]+))?$

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 53
HTTPS: 94 %
IPv6: 0 %
Domains: 7
Subdomains: 7
IPs: 4
Countries: 3
Transfer: 1757 kB
Size: 1949 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://trueweightloss.iceiy.com/?s1=xrymer&lol=1 Page URL
  2. http://trueweightloss.iceiy.com/?s1=xrymer&lol=1&i=1 Page URL
  3. https://sid1v.doctortshooter.com/l/?sub1=1 HTTP 301
    https://sid1v.doctortshooter.com/l?sub1=1 HTTP 303
    http://nmttrack.com/?a=129285&c=268782&mt=16& HTTP 302
    https://xpresskonnekt.com/?a=747&c=345&s1=129285&s2=4dee1b7d704f445f86d756ca475096d3194d3&s4= HTTP 302
    https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
trueweightloss.iceiy.com/
851 B
845 B
Document
General
Full URL
http://trueweightloss.iceiy.com/?s1=xrymer&lol=1
Protocol
HTTP/1.1
Server
185.27.134.126 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
a968cef81de61b4646ac35363d9c78447e00c895b37d15c92aeda27b276924b3

Request headers

Host
trueweightloss.iceiy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Mon, 25 Oct 2021 12:07:48 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Content-Encoding
gzip
aes.js
trueweightloss.iceiy.com/
30 KB
31 KB
Script
General
Full URL
http://trueweightloss.iceiy.com/aes.js
Requested by
Host: trueweightloss.iceiy.com
URL: http://trueweightloss.iceiy.com/?s1=xrymer&lol=1
Protocol
HTTP/1.1
Server
185.27.134.126 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
trueweightloss.iceiy.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://trueweightloss.iceiy.com/?s1=xrymer&lol=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 25 Oct 2021 12:07:48 GMT
Last-Modified
Sat, 08 Aug 2015 08:12:26 GMT
Server
nginx
ETag
"55c5b9ea-79e6"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31206
/
trueweightloss.iceiy.com/
87 B
385 B
Document
General
Full URL
http://trueweightloss.iceiy.com/?s1=xrymer&lol=1&i=1
Requested by
Host: trueweightloss.iceiy.com
URL: http://trueweightloss.iceiy.com/?s1=xrymer&lol=1
Protocol
HTTP/1.1
Server
185.27.134.126 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
89b8b6324e7c5b1648cf0e6b89211037059c5877cd34b59f56082422cfd91101

Request headers

Host
trueweightloss.iceiy.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://trueweightloss.iceiy.com/?s1=xrymer&lol=1
Accept-Encoding
gzip, deflate
Cookie
__test=ddf10c005e74edc4939533a556f70f0b

Response headers

Server
nginx
Date
Mon, 25 Oct 2021 12:07:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=0
Expires
Mon, 25 Oct 2021 12:07:48 GMT
Content-Encoding
gzip
Primary Request index.php
buytadalix.com/promo/v1/
Redirect Chain
  • https://sid1v.doctortshooter.com/l/?sub1=1
  • https://sid1v.doctortshooter.com/l?sub1=1
  • http://nmttrack.com/?a=129285&c=268782&mt=16&
  • https://xpresskonnekt.com/?a=747&c=345&s1=129285&s2=4dee1b7d704f445f86d756ca475096d3194d3&s4=
  • https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
44 KB
13 KB
Document
General
Full URL
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7c43b0f2c0dc8393b2bae1ca4c5f64fb1a3d7b445ea3c088c53dc876528489

Request headers

:method
GET
:authority
buytadalix.com
:scheme
https
:path
/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://trueweightloss.iceiy.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://trueweightloss.iceiy.com/?s1=xrymer&lol=1&i=1

Response headers

date
Mon, 25 Oct 2021 12:07:55 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=1d5044a1d5253312714a882de8471953; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BWMWQDPltr2di0cdrk04yXUZrjlHM%2FnmO9mqI%2BoHbLLpvxVtukkKEP3A94%2BQ28YjJE1YlUq3bNB124IUg%2BCtuTZDQLkcVhrzcCt1wjK5EpjxfpskHRJ1D5XxNUzN%2FihRxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a3b53ce99b5324c-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Cache-Control
private
Content-Length
210
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Oct 2021 12:07:55 GMT
Location
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sid=I2PAJhgUGu4TPY/5BYCBHvdAGxeADjxVGJj/Q6oZjkdShvtlS7seSg==; domain=.xpresskonnekt.com; path=/; SameSite=None; secure; HttpOnly trk=dM77gJ2lcUITPY/5BYCBHvdAGxeADjxVGJj/Q6oZjkdShvtlS7seSg==; domain=.xpresskonnekt.com; expires=Sun, 25-Oct-2026 08:07:53 GMT; path=/; SameSite=None; secure; HttpOnly c324=I2PAJhgUGu4bvbHhT6TsXzP0s9JN40sYy77lmrSu+x8=; domain=.xpresskonnekt.com; expires=Wed, 24-Nov-2021 12:07:53 GMT; path=/; SameSite=None; secure; HttpOnly
Connection
close
app.css
buytadalix.com/promo/v1/bmf/assets/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://buytadalix.com/promo/v1/bmf/assets/css/app.css?v=2
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9bec09ccdbe2aa98b65feda829ccb24d75922aef0a57d57969b3925abd854d6

Request headers

:path
/promo/v1/bmf/assets/css/app.css?v=2
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7H2xN5r6rnHdIx7YVgLlHXBvhlhgQuXq85dtqPWFO%2B5qgZH0JsjqsHZuvZlzQ%2FGqmHjPqiXLSTJ%2BdFpdxd7DrGPR2hahDvjjfwcHmXA8QqT%2BrsG0l0Zmuc4XA748kc4Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf0a57324c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
buytadalix.com/promo/v1/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://buytadalix.com/promo/v1/css/style.css?v=4
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2a51376656f52131c8f946eea6f8799cbd0c7f7ac8d8b482db5abe810472ee

Request headers

:path
/promo/v1/css/style.css?v=4
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZeJZ7Cn9dI%2B%2FharAN5rrl2FT5BUq6kW12z1zQtjCZHa43fqr4mjhq6NHd9cPd4L%2BZJS8XhD8lcdGpjTUZtZeOZatB%2BW%2BWDB1kzNsvlg1WaYczyKxjmTLgVs%2Fd%2Bj2joqoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf0a59324c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
slick-theme.css
buytadalix.com/promo/v1/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://buytadalix.com/promo/v1/css/slick-theme.css
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96515980be147363926919ea9d2337f7726aff845749c5b0adf409bff3fab7e7

Request headers

:path
/promo/v1/css/slick-theme.css
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tk2VHrrL3V8MVJvbU%2B4C3AYvqc%2F7NZ5ZhGqAhPdejjcH5YOsCrqEtW76NsALaaJmnd3L1lEUjUaofNp8qAGdAGu3%2F1KI0pUcrAuaz%2FBTvu%2Bn1Tkf6aC%2BDwfwGMiSvIbwcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf0a5a324c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.fancybox.css
buytadalix.com/promo/v1/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://buytadalix.com/promo/v1/css/jquery.fancybox.css
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9f3dac0d6072f5b020af00040a8a5c53f293b1948276222b7d6d5e91418f6b

Request headers

:path
/promo/v1/css/jquery.fancybox.css
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FxK%2FuRbhhyohKhyDpAp00UOyKM0W5vQMqz4%2BGlOHERGGtQ3gk3rn428Ad94ocVvkBinTJOP%2BVn5iiGLqfQqI4rpt7VJXwSNfsSKMPljEjNyHm5BDOV%2BtK0VhVEJNcKLqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf0a5b324c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f10.1e100.net
Software
ESF /
Resource Hash
c6da3e29d7e9c52e3786c3a361d3c00084681338fcd8cfb1539618617f4a258a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://buytadalix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Oct 2021 12:04:48 GMT
server
ESF
date
Mon, 25 Oct 2021 12:07:56 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 25 Oct 2021 12:07:56 GMT
jquery.autocomplete.css
buytadalix.com/promo/v1/bmf/assets/css/
598 B
528 B
Stylesheet
General
Full URL
https://buytadalix.com/promo/v1/bmf/assets/css/jquery.autocomplete.css
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9923f776d38ff1e32eec661421dbe6f329a8ea886bbe7397a99a1df18d07f869

Request headers

:path
/promo/v1/bmf/assets/css/jquery.autocomplete.css
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma72Ksx2mBzf12zZjItlZuzu2LVoVmWx9dvG%2BPWP0xRnj3udHhpSlxDHxEUayGWF8gWMwomE124%2BwX8Mjn7bQTOt3H%2BrqqZxl%2FZfVkgZUXe%2FcFp5mQzT0XabOU1URd0Zvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf0a5c324c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
top-logo.png
buytadalix.com/promo/v1/images/
1 KB
2 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/top-logo.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a92865ee93fe101eccd8030485d0095f11e76f3ddbb4a68a84c9cb28ca52ce

Request headers

:path
/promo/v1/images/top-logo.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xXJhw6n25JMu6jbDOL%2B30Ykgz3OqjKN6%2Bc0BVMaEnGOSS6t3yw9Pb7x1K40YFkRDTKE5xxA%2FgmHmmzLr5QuhqsQZDgxzBBIBvR%2BMWsgmjtg4I0iLjU7RHpeQFL1KMBucPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6adc6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1524
top-txt.png
buytadalix.com/promo/v1/images/
9 KB
9 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/top-txt.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19af2344ee0b117b2130c6cc788d68e3a127417d96a4bc5e3471db001cf2fa3a

Request headers

:path
/promo/v1/images/top-txt.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KlmAk4yK3e85C50Dz0dasCIuTSsFeODeZLFdmieY%2BMH7esg8BLrm4rOUMrhwP93GQo8tRVMpzRNJGsZWs5DGfG6pFrOUz1okwkKRCmugU7aT2IwPj05S0Kw0as4%2FezE2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6ade6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8943
rx.png
buytadalix.com/promo/v1/images/
15 KB
16 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/rx.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a527434d580155d3c1c1e5e66be459b49524fb9e5c0a3828c942822a3c2dbd24

Request headers

:path
/promo/v1/images/rx.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4l%2BFItkBmpyRPUmLjkFCZctGGH7ZG%2BFLqx%2BQ2cmd1IPMkfKrbvwBbWxPx6rCr4wvX6tBLY88XkyUEj6h9b3i8b3pCy4VBrecOpJSHIctY2UXyLPoPjDgMez19xwJPeMuGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6ae26955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15700
arrow.png
buytadalix.com/promo/v1/images/
43 KB
44 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/arrow.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e5667682ad4d1f172790678b8329740a08a743247523a4cf8478ba9cc7a23e5

Request headers

:path
/promo/v1/images/arrow.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:57 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0rQs2YYwKpgOF29pyKfxp5ci30V7QT%2F2X849T7XZheqjwiEXbo8jAGQU2ZDB%2BSC5%2Bd1l9D6gZct%2FivZurItg6Jko95newFwGqwoKL79%2BqELmM%2BRXBN0%2FFbjO15gitbRRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6ae36955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
44066
as-seen.png
buytadalix.com/promo/v1/images/
11 KB
12 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/as-seen.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17ec883311d94fc92aa3aebee609a312435cd952dedeb43d685f344723739be2

Request headers

:path
/promo/v1/images/as-seen.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xR%2B33G%2BdZ0oF9hvPyzNrL6G6hnaKk1%2FOh8JLIwzy5FQM671WmwSdSVZ0xspF85Yw0ICNjFuzh%2BiCTIxGsHSSO%2FwlgwXbcSO5pvwAm3cl4Ys9GcAOkwQ2NmliJKR2fjBYZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6ae56955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11440
bottle.png
buytadalix.com/promo/v1/images/
103 KB
103 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/bottle.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32d0c77da9615523d027b9bf7f4d822fa16538e90891b58fa2fe9628f49f0aa

Request headers

:path
/promo/v1/images/bottle.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTxmYwHYOJeQFqLP%2BpH%2BL%2F6No9dOAl3D11iciwN0DbX%2FZfAfZpIfdwiQ6sTyj2Avx%2BBZuigN586bEESNTfRuTbemA%2F8ocEUYQwwvfcInnbL9V5vwopsU%2F0v9zUdTK4ukHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6ae66955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
105298
us-seal.png
buytadalix.com/promo/v1/images/
24 KB
24 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/us-seal.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a3875ff546dbfb710d3d1178dbf79109f6df75b6b9c6bfd6ac3c78abf7c3d62

Request headers

:path
/promo/v1/images/us-seal.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKKWFZE1PVCFmKX%2Fowu79NMLrfT%2FQetFLpyPfRncxIyZ938GGlaCzQsonDe543GHDXZI%2Fm%2FiKau7B0B07BO%2Br4ST8cA8Megvndy95ozxnZxQhyvPn2SG8yU0VvEJ12XlKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6ae76955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24154
frm-top.png
buytadalix.com/promo/v1/images/
10 KB
11 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/frm-top.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2f3998e7d26642ae3656833bada4e43b9062c5d34218b3ed0c849e1009f33b3

Request headers

:path
/promo/v1/images/frm-top.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14LiYh9WeZmgTqVt2a5AyRMRGCNSCYAjQxS%2Fh6%2B4lfw5hpRkHBIuJFoOyypeZEtT2VgBoBR9%2BFgNOlpNuJvl2gFUMKYp713OpjJ1O%2FheHm%2FszO5hrzZKlfw7lWEAdIbprQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6aea6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
10624
lock.png
buytadalix.com/promo/v1/images/
2 KB
3 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/lock.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f97658952b3257e3bee6db8d64b263c2501fbe520363cf7887ac38e5483e8fe

Request headers

:path
/promo/v1/images/lock.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FoT8XzYcuLYO%2FELyGd5VYgpdgg8T35HMt9Y6tnpIZHXOUwTx0OEPrfIGKEVNjBGuefTEiQvjleNYiM8T%2B4iPqKKxJfNHh8YVE%2BCT5LH86sCVrNlbddrrDWOuezKXFM05w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6aeb6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2153
frm-btm.png
buytadalix.com/promo/v1/images/
5 KB
6 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/frm-btm.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fecec8c4e1065650e7689c363f39b95b5d1d8ffa5e38ed979fbf47a290f604d5

Request headers

:path
/promo/v1/images/frm-btm.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hnHJozvUA9pge5Gu2tg%2FXa9uKx4n2OWGnElvHwX63cn2DauFNwqjngSykkesPvSqgePYNRH2UR6ThwJqb%2F4Tb6K1YeHDdDMELv2V1tu21BdnIfufZEUJ5mE4WSDbejYBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6aed6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5139
icon1-sec2.png
buytadalix.com/promo/v1/images/
12 KB
13 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/icon1-sec2.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7437907877de3c47dbdd6b3723b892706cb6ff84f899a6f19d016da98dc32616

Request headers

:path
/promo/v1/images/icon1-sec2.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojQ1O545WJ%2F1UmscEUmoO4n95YBmtUapXlQvf1gQUNqoUU4B70D1s12SpBR3fo7vS2yNlvVDlvBf7DijICybi6IIX%2FqjFTJAQkzPxLYMC%2BXyJpSF6FHPGwYXRiM5aRRNLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6aee6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12314
icon2-sec2.png
buytadalix.com/promo/v1/images/
12 KB
13 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/icon2-sec2.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8a105bd7065f2e554e3b873625696ae49f2eca29bb354a42542c8e2fcc5f41

Request headers

:path
/promo/v1/images/icon2-sec2.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRA46CMPLmDCVLJfLh6CZWrPHS55wklE1uAMaPJQMTiIRlWM%2FpaDeuoyhIwnD7UH3QwgrCZM6flvnQjfz7nZBAhgeVMhyBpIRfoy%2FBFZukv%2BzUos0hF2wr9wXb8leFQaMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6af16955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12798
icon3-sec2.png
buytadalix.com/promo/v1/images/
12 KB
12 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/icon3-sec2.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf320acd8b6abf5e5e636778d998d5c10d020c685c7bbc2dd933bd79a87a9df5

Request headers

:path
/promo/v1/images/icon3-sec2.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4oNqlbTzXNxISsQZ7nYWJizyqgohk%2FCbVpDaIpzE4gmNQSS%2Fd4mouqywTWV1LOYPIa8q9Lnnqbb8npdvwFdM6Id3mDcTA4oTUbLjU%2B6Oqbd5UX7vGHSWO89X%2BzzqlH0GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6af36955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12013
icon4-sec2.png
buytadalix.com/promo/v1/images/
11 KB
11 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/icon4-sec2.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1eda5c7e11d13ec40c52ed005c17f107ec0bb83b41580afb5c3fe4a23f9c4a8

Request headers

:path
/promo/v1/images/icon4-sec2.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDmN%2FCON4Pe3OM7DZXIkNSfQ0CYK9Il86nYumyLwirAh8JTRCsinqBk1jXErfLDsRv5jVENyt9yfTnKuH2TG7oabcf1ArHT7UqlH5lKzHSXnIMCHBouh5R%2FoL6R6SD4C8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6af76955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
11059
button.png
buytadalix.com/promo/v1/images/
3 KB
4 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/button.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81713e9e4f45da351ec253581a6b3321cd77858bc35aee229f810f89cab411cd

Request headers

:path
/promo/v1/images/button.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7GipvrO%2B3w1va9cw8hbFQZz%2BXMBYIqWUNMym%2FsqgTQ6zyOR7lxJqPgxz1V1plnqJUfK%2F3buPf5aFYJPtfob59f6BfX4JZdRij6dOplkENs8rvJcDNoUYxotqJOH6uz8Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6afb6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3467
clink-seal.png
buytadalix.com/promo/v1/images/
21 KB
21 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/clink-seal.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0272ba488a512eb8683456afb1e9df36a4c29b49a62c1d6dbb95b823b0c10c2a

Request headers

:path
/promo/v1/images/clink-seal.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQvE%2Bni4hQ1Sxib5nmTTIG5pPbPl4qeO24nyluM0FdqLtgFo4Pc8mS2tk1eTEqjYItEPhWAwAUG1ncoV4cafEQIKa6xhRkBvaRv797YZguqfiuZbZd64yW6ZOeFE%2FwIMrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b006955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
21137
s4img.png
buytadalix.com/promo/v1/images/
195 KB
196 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/s4img.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b2ef275cad3a4e9e681a526b55feecb4cdee7a131ae9f2b89a74ca4909b56f

Request headers

:path
/promo/v1/images/s4img.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wR39i05RcHae%2FcrsLG2TnUhc7da6%2FgPg7GFqi3xTLX4gEcz0EnyEAebyIlPX5s15f%2B%2FDpTEKTUgJm5D7DOQfrcrzsRK3nL4iijMxiVa%2Bt7gZquVes85PDF9awkVWHk%2BhEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b066955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
199846
satisfaction-seal.png
buytadalix.com/promo/v1/images/
20 KB
20 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/satisfaction-seal.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e400dfc4e27cdee3fc89ef521c2c1e3abd457ad25628856189171de84d12a912

Request headers

:path
/promo/v1/images/satisfaction-seal.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky%2BH9SxlpWTEcH0a9ULdITTCteN9nW012x%2BjQF1%2FG1DZ03Jzc27aKSt9aPoXMmsAApyHbgJ%2FLUxq0%2BHY6Mnk9RmCwSjBgf3Oku5ILxrAsyUgkkiDFKHHv6IJw43Weh4HkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b086955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20063
one-img.png
buytadalix.com/promo/v1/images/
7 KB
7 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/one-img.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
971639fa171df17f62ba70a743e1531358560bf1051187169bad39c061a9eea8

Request headers

:path
/promo/v1/images/one-img.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqlFnEtlwXiPeEJTcFIh8B9STnr9%2FtfWhBqnxgXSpeKI8rAmlcAmVgvYngb36SqVaUgwcWQEybj4M9wLzk3h%2Bc%2FTLGbY9szam%2BSATta9dPvwyDzMQTHMoRH5IqWEEgSjNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b0b6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6879
natural-seal.png
buytadalix.com/promo/v1/images/
17 KB
18 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/natural-seal.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e213e9a0b20322ced51f86ca0b9609651cab84fda34aff71562e436f510a2d

Request headers

:path
/promo/v1/images/natural-seal.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=niVjrJ8Rz%2FkdVK83dfaerXn4yTto92N4EIsttq%2FaJVQZUSUpv3dQijYioETKjd7t6NKQFC5qpwnplJKi%2BkTy6lgE153MZqm9G57YmGPnM%2F2rJ%2FT2rmipR%2FnW8Zy3BNKZIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b0f6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17477
man1.png
buytadalix.com/promo/v1/images/
24 KB
24 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/man1.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f2a51f0e0fc9d72339dffa30553044bbe77f32495baecb60885129f26b91c7e

Request headers

:path
/promo/v1/images/man1.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvFU%2Ff%2Fny%2FmRtR6qwjO6Xx2C%2Fp6GTpumS%2FBQaaQqRDUoIghgGzNQ3fd5tbJqaCXxGGaUiw0DrbW0bk6AQeyaHB90R1NurmJw1QAuzZEtRxG%2BCp5ok5KZRLcnLLRLyJBNNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b106955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24269
star.png
buytadalix.com/promo/v1/images/
1 KB
2 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/star.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4afab56ca077a2eafc4864b7896c44fcef0b2c44145ab7a6b293197af657848d

Request headers

:path
/promo/v1/images/star.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaGidvYYmaGDkFZ4sRTEFOFbxSH7C%2F8N6HwGlV%2F49NbBHrOzHOxqJ%2B35Ct59AoLiQ9WM2pYopvhwFiLU9VckZT8CV1Qi1tOCSTfXdwyI4rYtUspqE1qMKpCfErIqGyFUEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b136955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1307
man2.png
buytadalix.com/promo/v1/images/
25 KB
26 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/man2.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483a8f42df3a8adc76ed84bb9d87e91013bb823b5a39baf6ee2465f71ccd753c

Request headers

:path
/promo/v1/images/man2.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJe7mV5EKRUhqBd3MwD0K559kd5EGYthILGEnt08%2BQfWplSA0ZWqlVW52fh6Ybda8k0zK2wK2XOyYnwiafgGPSYFSGRDvyVITj26FAj1A2X5mIesRoBcmqQoZmUaE%2F8Gsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b156955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
25635
man3.png
buytadalix.com/promo/v1/images/
20 KB
21 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/man3.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac9c6f3f581b1f0f5b71853fe120dd9303942dd1b6764a365f083f9e7613819

Request headers

:path
/promo/v1/images/man3.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPacM2KD%2B5MsoH6CMJp7fgEgY21gewoc9BcL%2F5yMzDs1l1ygpurwvEa3IZNWFWP01BVp8RCm40Vbg4RePnEtiSJtauwYxDYEOPD7DIr%2BeJn1ZK5Kp0quOGhJjJFrCMdofg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b186955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20837
man4.png
buytadalix.com/promo/v1/images/
26 KB
27 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/man4.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13eeb9062d717219aae6c829c131251353e2a791909a2ab3ae822e484228bf57

Request headers

:path
/promo/v1/images/man4.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qbAwDzgQAjYNBxMjxtX%2BeL9H5ZIQCceJanV5m237brNLhpEfSWRSgp2atf0WiAjrr%2FnRxssEqCS9es6EJ%2B4T9hnBsrhwAAH44032VjWWpT2GZ1gqZx6Vsh%2BJWlUuXPFEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b1a6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26865
jquery.min.js
buytadalix.com/promo/v1/js/
95 KB
35 KB
Script
General
Full URL
https://buytadalix.com/promo/v1/js/jquery.min.js
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59ce5b2fc62c2cce339b5b218d32c21e7a6eb53a567f548d52c88b2f563b172e

Request headers

:path
/promo/v1/js/jquery.min.js
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kYtlanW%2BINBBc3EJtbRqDvrHDasftwZp1zlVqDZfSxS29fuySDcbJyo4g4KM06PWwDMBUeQ9H03r%2FPHa3R5PM8ia40Yrm7kccU7gpjnQAoSWR948nRHmYPVR6JC9vrFFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf5aae6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.fancybox.js
buytadalix.com/promo/v1/js/
31 KB
10 KB
Script
General
Full URL
https://buytadalix.com/promo/v1/js/jquery.fancybox.js
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2acd5c593f99ed3f880053a8e2e09daa948ebff4c8615efa63055e0695756926

Request headers

:path
/promo/v1/js/jquery.fancybox.js
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2AZTP6LM3SmVIzQeEhQbQ%2FgcvzORs9nNOOJNykdxEYCpjKr2rZ7NpvEibO%2Fs5RZTJlLQ96%2BA2%2F1danRsQk%2FAWQGbHA%2FTizaMnMH8yuktcHLD3mygb5tUVo%2BYzn%2BWJNp6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf6acd6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
slick.js
buytadalix.com/promo/v1/js/
79 KB
15 KB
Script
General
Full URL
https://buytadalix.com/promo/v1/js/slick.js
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b852bb8f52000143cb635f8feb6e3e7771f056e31ef8781686921ebd15456120

Request headers

:path
/promo/v1/js/slick.js
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsKvtQx1mfhODScp7Ru9PJ3D0so24XJtp8ePsxt5DKfhIXoxudyI%2BNtUNZ9RK83NQZjpiQQWyadRy%2FfhiYDdHe0JSlgvnuTrU%2BDJ5bGoXvxzcqvPMqMDcc2WFPb3gBu7lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf6ad16955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
jquery.autocomplete.min.js
buytadalix.com/promo/v1/bmf/assets/js/
13 KB
5 KB
Script
General
Full URL
https://buytadalix.com/promo/v1/bmf/assets/js/jquery.autocomplete.min.js
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6ff6d4624a5c8140cbc19107aa372a233907f8e6e4d55d002d20cae682a575f

Request headers

:path
/promo/v1/bmf/assets/js/jquery.autocomplete.min.js
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/index.php?AFFID=V1IC&C1=747&C2=129285&C3=32826264
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paYpOpPJLRQ8jiFmmVloiWoPy1hjzCO85RmPcrOiLYPQly8ZHNH1L4fnyRZ%2BlzC3YeapuzVNMTAnLFqlgItaag5K%2FhKJ%2BmhR4bSU6nCj0bhoLVBWQO9BbxYtv8JF%2BdLTag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a3b53cf6ad56955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
section1.jpg
buytadalix.com/promo/v1/images/
159 KB
160 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/section1.jpg
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c33e8679bd207a2f4cb60b0bed6054fb903aba963acd2c8bc3428ab72eabba

Request headers

:path
/promo/v1/images/section1.jpg
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=essLW90E%2BefcSKG%2BmPMV5lr%2BY6PmVWKEMoj70HutnxECfqaU2rgK9PxPlzf5YtFwSW5h2eQPpxNLEoWzxY214XxmYWltp4gKVj6R35ZCrrEBGaBnic00wrVPQKUbAyjiZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b1d6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
163306
icon.png
buytadalix.com/promo/v1/images/
4 KB
5 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/icon.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c13409cd508d45201499fd7f12b3cc698cec19b72e2f4d598bf2e6c56face89

Request headers

:path
/promo/v1/images/icon.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2hWyjkEWvr0hTVNoPzlMm%2FDEyLH2ih2ZiJb8WbqAEzUSHtiAMpUMcHmrjWp%2B%2FGAo6FIStZR91gnKV4rMAEn8QTxnUXW3fOPxeO1kmegnSkQY%2FKCEEIjp4KUf9ZGw9o1cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b266955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4142
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://buytadalix.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options
nosniff
age
322902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 21 Oct 2022 18:26:14 GMT
section2.jpg
buytadalix.com/promo/v1/images/
28 KB
29 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/section2.jpg
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92319fd6404819e807c32f51bb5d187b8b6b94e3725c514e5f41400aa829abe8

Request headers

:path
/promo/v1/images/section2.jpg
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ohm0HDHAM0elTmTklalte%2FvVZxvNzKqZBgt5NzU%2FON2PhpB6r6xNNHGOi5IuouAFcyCjG3BJ3N8msjx13AU5p5csQWhhuwUtJh7shArshxi%2FAdKvOuyh9tn0K%2B5LTQzGMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b286955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
29041
section3.jpg
buytadalix.com/promo/v1/images/
136 KB
137 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/section3.jpg
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cc27c722b6da3af87567ada15391216735b324163b02fa4452b573bbf3e7085

Request headers

:path
/promo/v1/images/section3.jpg
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6okqre%2Fu6uoNaja67PP7GeQjcQaTeGsOEY0n8W4kzn%2BLgs7wmYIVNNFFX6bhwzny%2F2rtGdHV6hjJDNELzgBfzQusvOvgymRuSI37vCNTJgMgaSrmcpF98oKbWfW2IW5Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b2f6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
139262
yellow-strip.png
buytadalix.com/promo/v1/images/
4 KB
5 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/yellow-strip.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e6401d711b6990b986ad877fc12624ad8dd6d97342e790ae64f99670296d19

Request headers

:path
/promo/v1/images/yellow-strip.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 25 Mar 2021 10:53:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U86Wh10x9xCFU7SF081uaLUKHcr%2B1HMoy3QKKqnMFVpsGKrlqq%2BdFn6gFB3UdZYZHo4FzpNSTXVnhDjFCF50Sa3JLS4lmb4LPdrfwTw9dUwu0NXYLyX4wAGD4Dhsi39G9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b326955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4577
section4.jpg
buytadalix.com/promo/v1/images/
72 KB
72 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/section4.jpg
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80589fa8a51ad2229e596a7f847a1c6ea9f4919a9651aa611b03ebe214bd7160

Request headers

:path
/promo/v1/images/section4.jpg
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kXFHf31fsfM3SACIrN5tVXQlmrcYsrG4UzrwVY4%2Fw01N2gEMq0E5AjERCgo1VdQwWs%2BDBv78ErLfLoI21partx7pYH2mI6SJESsMcGVhwgVXDv2eMVqVSnxjvaKpHOL89Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b346955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
73243
section5.jpg
buytadalix.com/promo/v1/images/
131 KB
131 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/section5.jpg
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c5a8298b8131598cb78b48292d6cd2a380ab223bbc181622c264c6180ec915

Request headers

:path
/promo/v1/images/section5.jpg
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:58 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8ExT9EYF2WGYrmjVlZo8RsyL9ZM1oEfBM%2By7jhdumFStK0zqOKkWG9zI4pJEH3oxrDkJ57SJJrobkzai3ZxL9J5dNnNWK2u1xx7TN5mFC4KttHir7fWr949yXj4PyAbtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b356955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
133707
section6.jpg
buytadalix.com/promo/v1/images/
172 KB
172 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/section6.jpg
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f342da8d2003f9a42b6e73cc32531848af35e6980ab13c2d12a57878fb3bd91

Request headers

:path
/promo/v1/images/section6.jpg
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63h0baJW2pxQBuyZ50LOcHB8pIInmT1tLfSW52nsY3rSKahgJghfDrJl5eExsTCqRbCSuZK6uC9AnSsKz00aafFFmN5d0hE3FSYScbmLf0oPSsOCII8WYF0grABvjcBCmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b376955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
175737
section7.jpg
buytadalix.com/promo/v1/images/
53 KB
54 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/section7.jpg
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa23f2215b5cad3b69127bab79eccd7bd7bf0c1e12ff9052d6e77b93e8ad0c7d

Request headers

:path
/promo/v1/images/section7.jpg
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRCndOhphxrXqt1wnSFaue3OB9FeJE4wmVwBS0yk7HaumGoby5ZLgmLEH1Dx0qt9gENlrV5HstYsE%2BhgewbRfX0%2BwnfJyRJJzR%2FGCGHaHOXCaunNb0GAPLM%2FRQI2z%2FNmWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b396955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
54584
slider-box.png
buytadalix.com/promo/v1/images/
12 KB
12 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/slider-box.png
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18720b9bf66ae13cc2e15d1281ced5f303304a10f5a93c85fde90cdb31ac39a9

Request headers

:path
/promo/v1/images/slider-box.png
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:58 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0dNsfF%2FIwQEZofQYyUElIgAJnitu0YsLllASyEjSrZGFNoQgA%2BsWywkTG8kNkRccu0N41kikSCqpe7y12YX5oTrPGD3erR4Ttjd99rtXoLSCgrbqSpSTHfAZKFo0xuEnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b3b6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12182
section8.jpg
buytadalix.com/promo/v1/images/
134 KB
134 KB
Image
General
Full URL
https://buytadalix.com/promo/v1/images/section8.jpg
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33a456319ecc0db593798f7c7ba39ead85e1f43c5892fbdd87b3ed6e1aa744e

Request headers

:path
/promo/v1/images/section8.jpg
pragma
no-cache
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:58 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PlhyNYLLxL%2BZRmJbmEXHyBcbeg%2FGBFimXVbSkAkr6wJ4y71GvwyBNoopYIxqL9CRJ9wH7SB2w9JdLdBx1nBEFbP5%2B2njT3lSQMNtjmAZ1qHJQ4LzVKs8%2B0DV8oG1kyBOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b3f6955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
136931
geomanist-regular-webfont.woff2
buytadalix.com/promo/v1/fonts/
18 KB
19 KB
Font
General
Full URL
https://buytadalix.com/promo/v1/fonts/geomanist-regular-webfont.woff2
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
527868a5bfb892bec7d3d4d503059d7ff48a408efa0f2fc470c98e9f5077509c

Request headers

sec-fetch-mode
cors
origin
https://buytadalix.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
:path
/promo/v1/fonts/geomanist-regular-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
Origin
https://buytadalix.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:56 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeeiI%2FV6QmaQrVlzyZkZcj41xvgCiGHCNSNe0lvyP2l4sOXjPZ3ammpX8pa6WYlht%2BI3kFAXrVnhXBwjORG3NvskSy4phB0Civ7BUtzIm%2BOpT%2F5Oj%2BHHD5VhKOn95mkfeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b446955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18876
geomanist-black-webfont.woff2
buytadalix.com/promo/v1/fonts/
18 KB
19 KB
Font
General
Full URL
https://buytadalix.com/promo/v1/fonts/geomanist-black-webfont.woff2
Requested by
Host: buytadalix.com
URL: https://buytadalix.com/promo/v1/css/style.css?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.6.17 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd8906c3eebd64b55b4c81afba4bf621c29caf9587ed87e93d031965b9c98cf

Request headers

sec-fetch-mode
cors
origin
https://buytadalix.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=1d5044a1d5253312714a882de8471953
:path
/promo/v1/fonts/geomanist-black-webfont.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
buytadalix.com
referer
https://buytadalix.com/promo/v1/css/style.css?v=4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://buytadalix.com/promo/v1/css/style.css?v=4
Origin
https://buytadalix.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 25 Oct 2021 12:07:57 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Mar 2021 10:53:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6l%2BiwzcrCVMdjzeEhxHRNapPbyYEjIvcVlrV7yUefkxIAmpxG2htMEkHJdecQIr%2FQB3Eejw12%2By%2FU8XbxaiwM9Dpehvqh4w%2Fu3vPaV9VzU1obfFiFHUyvei5Q5jtoqT1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6a3b53cf6b476955-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18824

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster
function| getDate
object| year
function| $
function| jQuery
string| smtKey
number| smtAuto
number| smtVerify
string| smartUrl
string| lastAddress1
string| lastAddress2
object| utils2
function| validate_optin_form
function| submitAddress2
function| onlyNumbers
function| openNewWindow
object| jQuery112204803340859583267

11 Cookies

Domain/Path Name / Value
trueweightloss.iceiy.com/ Name: __test
Value: ddf10c005e74edc4939533a556f70f0b
sid1v.doctortshooter.com/ Name: unique_uuid
Value: 0b29fa78-d5e1-4cee-95a6-3c76ebb8ac81
nmttrack.com/ Name: gdm_suid_v1_1_001
Value: HPfHs3OFxkaNOwO68jCjbQ==
nmttrack.com/ Name: gdm_click_freq_v1_1_001
Value: OjPXVdOoBV/R0gGiTs6rfiD4D9lQrYhl3XQ8q8O45ghUIdcYAZOIfwpkiO+Q1Pg5
nmttrack.com/ Name: gdm_sid_v1_3_001
Value:
nmttrack.com/ Name: gdm_click_adv_freq_v1_1_001
Value: It59ihsqa0uwrq7EhMbBN+giu6SLN5CL+yv1vRSXBL1quAF/qRSx3TxUEn/VgC/a
nmttrack.com/ Name: gdm_uid_v1_1_001
Value: QMaBy30LmiglLSNNaYuLXmPPQZSzatiLVbBuPjI0yI3a0wZNAMdRqfl7nQH02CDO
.xpresskonnekt.com/ Name: sid
Value: I2PAJhgUGu4TPY/5BYCBHvdAGxeADjxVGJj/Q6oZjkdShvtlS7seSg==
.xpresskonnekt.com/ Name: trk
Value: dM77gJ2lcUITPY/5BYCBHvdAGxeADjxVGJj/Q6oZjkdShvtlS7seSg==
.xpresskonnekt.com/ Name: c324
Value: I2PAJhgUGu4bvbHhT6TsXzP0s9JN40sYy77lmrSu+x8=
buytadalix.com/ Name: PHPSESSID
Value: 1d5044a1d5253312714a882de8471953

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
