Submitted URL: https://storage.googleapis.com/herbaly005he/her4474nfrh11.html
Effective URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-...
Submission Tags: falconsandbox
Submission: On June 24 via api from US

Summary

This website contacted 35 IPs in 4 countries across 27 domains to perform 103 HTTP transactions. The main IP is 35.240.1.10, located in Brussels, Belgium and belongs to GOOGLE, US. The main domain is start.herbaly.com.
TLS certificate: Issued by R3 on April 10th 2021. Valid for: 3 months.
This is the only time start.herbaly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 72.9.145.115 30277 (DFW-DATAC...)
2 138.128.118.50 36352 (AS-COLOCR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 65.9.77.119 16509 (AMAZON-02)
1 2 35.240.1.10 15169 (GOOGLE)
6 13.224.193.91 16509 (AMAZON-02)
18 2a04:4e42:3::720 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 65.9.77.23 16509 (AMAZON-02)
1 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a04:4e42:1f::84 54113 (FASTLY)
1 2.18.234.190 16625 (AKAMAI-AS)
13 151.101.114.133 54113 (FASTLY)
1 52.86.86.252 14618 (AMAZON-AES)
8 35.241.14.198 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.77.5 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.159 22075 (AS-OUTBRAIN)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 13.224.193.73 16509 (AMAZON-02)
3 199.232.80.84 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 3.211.43.92 14618 (AMAZON-AES)
4 206.190.215.16 32354 (UNWIRED)
103 35
Domain Requested by
18 convertri.imgix.net start.herbaly.com
11 static.klaviyo.com www.googletagmanager.com
static.klaviyo.com
8 video.cvtdn.com start.herbaly.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
start.herbaly.com
www.day-sugar-useful.com
6 cdn.convertri.com start.herbaly.com
4 f002.backblazeb2.com
4 chunks.convertri.com 4 redirects
3 ct.pinterest.com s.pinimg.com
start.herbaly.com
3 www.google.de start.herbaly.com
3 www.google.com start.herbaly.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
start.herbaly.com
3 www.googletagmanager.com professionmedia.com
start.herbaly.com
2 www.facebook.com start.herbaly.com
2 tr.outbrain.com amplify.outbrain.com
start.herbaly.com
2 stats.g.doubleclick.net www.google-analytics.com
2 s.pinimg.com storage.googleapis.com
s.pinimg.com
2 connect.facebook.net storage.googleapis.com
connect.facebook.net
2 fonts.gstatic.com start.herbaly.com
2 start.herbaly.com 1 redirects professionmedia.com
2 professionmedia.com professionmedia.com
1 users.good-watch-candle.com users.day-sugar-useful.com
1 static-forms.klaviyo.com static.klaviyo.com
1 fast.a.klaviyo.com static.klaviyo.com
1 users.day-sugar-useful.com www.day-sugar-useful.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 snowplow.convertri.com start.herbaly.com
1 amplify.outbrain.com storage.googleapis.com
1 www.googleadservices.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.day-sugar-useful.com start.herbaly.com
1 static.traversedlp.com www.googletagmanager.com
1 static.bouncepilot.com storage.googleapis.com
1 liallocart.com 1 redirects
1 storage.googleapis.com
0 api.traversedlp.com Failed static.traversedlp.com
103 37

This site contains links to these domains. Also see Links.

Domain
herbaly.com
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1O1
2021-05-24 -
2021-08-16
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
*.bouncepilot.com
Amazon
2021-06-23 -
2022-07-22
a year crt.sh
*.traversedlp.com
Go Daddy Secure Certificate Authority - G2
2020-12-29 -
2022-01-30
a year crt.sh
start.herbaly.com
R3
2021-04-10 -
2021-07-09
3 months crt.sh
*.convertri.com
Sectigo RSA Domain Validation Secure Server CA
2019-11-25 -
2022-02-22
2 years crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-05-10 -
2022-06-11
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-07 -
2021-08-07
a year crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2021-04-12 -
2021-10-12
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-05-26 -
2021-08-24
3 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA
2020-07-16 -
2021-08-04
a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA
2021-05-25 -
2022-06-01
a year crt.sh
static.klaviyo.com
R3
2021-05-28 -
2021-08-26
3 months crt.sh
video.cvtdn.com
GTS CA 1D4
2021-05-01 -
2021-07-30
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-24 -
2021-08-16
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
www.google.de
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.google.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.google.de
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
fast.a.klaviyo.com
R3
2021-05-28 -
2021-08-26
3 months crt.sh
static-forms.klaviyo.com
R3
2021-05-06 -
2021-08-04
3 months crt.sh
backblazeb2.com
R3
2021-05-05 -
2021-08-03
3 months crt.sh

This page contains 3 frames:

Primary Page: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Frame ID: D01F51574CC5D0AD2D05CD5F8F41E850
Requests: 105 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 0E95C1557B6AA2D15D6EE618FA19D4D7
Requests: 1 HTTP requests in this frame

Frame: https://users.good-watch-candle.com/1KUr6oKcAA_nTZyrqW4DheOTW8u4iHtc151O54BWv0ADcvkQ5HrDkJ5L-Qp_qJmRHDfPJAA6BR-x_VfIJETcz5k0nKR4pXmQCBimLpBNx4U_Q3M0EqiST_nyolFS9sxos2h-X06G0LaT7dBxNY3B6UZ5ie0oZG3XHy-9kyhC3F5Je_mTE5n16FLhi-2dpidFoqvOcmwih3S416_E1bOUEVzcVpZekgb40hat0BAPaQQBCc0JU0o0-liFZ47_NzDRqq9vHkQP9Wv3I7R-voEHkmRAX02uPwFfNjd9jdYT4ACYO6ds6Q5LmSxWDMAxxlbUJIAl3O6040QfJQ1JwJ8VYpWu8w3RVjjlQjIzdlGMgz08JnFb4QksXXX8jRM6BaMUtppHkwCNZC3j1bFvUhb-Zltar5vZiaQ432Z12M9zQ6jn4HUuWoHdA3zfbbuZ2l0YDTo8tKTpnKkv3zRC051nb9hix43XbTIkDPhxsLpYF_XMgzjpCoHmvg7_52bvIA_1VQoam-GQhN1TIdM4VZrTpwguVBpMQsbtUu7_c0pQo4o-bNvlRHxTRic6QUa7Qm429cGjCJF9OXZJSJseMsVhUsw0CqNtNzRZwI4H5TKxMREr7pwNM-m1tcb0JvBBNgWFOkDIQkSY4u5APRwkJJr_ZSP2gysz860Bz9jjEOMFzTS_jr-goFt1xBdrRrR_WcYoXF4XJjQ3PmdE0PrEcNYja-io5OUhiXXxJpaa54DnR8NmpSi77XuDeZyR8v_4BlCbZk1NN-iz1Qo2U9wAxqadIzoRXZWyQdW3_d03o3bco6MCHINLpAwarDJaBY8Hp0cA5PS7WBCBdKSiij2DzcDrCIpcUO6LE7480z2HfDCFAQyr7OkGD0JQZDMYk3n1K5AMfNDVkVUPvCoB8Pqq8bs9YS3Wa6rGtWyGFS90PNGrXyfrxlyuKg1GK8mXBRi7w485noWGZDNM3X_sb1ZrUGh8CAvsvemZIcReIJyi9nCpypcPYj4moZXYI_RtR7l_ToqSexPV616xQambdcrXueiOY7oVsQ8eaHTyOOI2WUrTii54hh5dMQM5Pt9tQ6vvAV8EvmHncrHUA5GBut8WU6lbTtqTxrut3L9VvFFSBidp420pYWv47BB5yaW2p4Fft67-luKR398ldXJGYXbYnd1gYDdBxWVb1kVaqe1nF51RTzIxbDAmoFrP0YYtE7JT7s5IkGF_lU49LZs7VOyvINIHPc-nOlajdn52-h8q8PcBfT5mKnn6jUP2REV1nZKMiM3Xr05t5u6adXextKbA4NTadIQDxCH7iPzeS0g28NF0YlsyZj47kIzPwWu1alMwYbCzRYoUAwqwDfH8TI9tmsCLl8Sorifha_0-BhN9Rin53kheORAmlLg7m64aGXEINA-WaZGWlyKDrE0ZRW6v_e9In6REc6l0LJDeQGhc8tHWGHU2QQRIDjgoa31jX3zoBv30eEKr0yHmVXoHB80aPetFdLkU6B9oZYL2BiHScjq59V25pglKxXNv84SR6Ka-aWuoSYuD9NJQwc5wGhvT2kk1Yi2SVEFjHGMaDMs_NTS1Qkl3DTtTnAAcfMhF5vMPvwvZK7P95mTZQ5v-ZGxM_P5a2-9IAip2UlyrTqAA8ah-0fFTReXKejtYWBjutKxmtkkhtQ9jEeQyKZ33FYdgvPlZSh65FHonN1E46Yc3wxjllWI0yC2i1qLJxzMoGxNhSVppFgXFDFBBUTEqZlVE25zDCr6yEYwdNkimzSEK3SXkOK9kM-Tc6pdVA3nFMgaA6LGNjWyDwnzlPSrj5IlSPRdYUTynanfaa8uWytu9g3-q6oBeA6u4rvGv7BWVRWtYvN1lvgH3LC0QUOu6MGe5R7CAXtYQyUgaaX0f44YMbkYehyAYPFGPxn6BCzJ-vNTWroF3aELAcePpk_no1VZW2P520rcHo4hWx7erkJmE9H17Cci2WujeaecwhCEmBXkdXEfKxUwnRLnpyVOEcVw3ytlfoxN2UcSUd9ra1qILI2lThQDz3WaqQ1_lOxxT5ALKKHyaAX4cm4q3jOTOmX3gIipALDW6CyTrmjQEY62XeJ6ezbbWpQQT82lsE2MIEsayuIxkFjeucjPIbJtUIfqbTE50C9bEmHjuZsVfIBhVQK6Lf-vPphTgUpTcRHdBczYH4LZQ7RbWJNxWD_I6qGu56LV7XvUhuckW_WpDAlTq2xl4C0CtQ9otOWcEYeY9ypr92v_LXGoyno1IkjLSBRwqDhI0KZ4BzPIoFZ-mBrHNMcw0mqmaOZ78JOdgxtVIo0wKPAk-hVaMWqZ2m-y199OPBrIL_Dv8OeiMWw9sKPy3E1EoymJhoyvaUBMRPtizkic9arBo-QrlVT9F3RJMKnqsadVkkRlwvaptGzcGJs1JUfsT4YNjxsjvYGcksnXhgpcm-k6XFWjUB34kk7C3FUUtiE4FowLogIjoMFjtC65KqUr9LSE51PgKJpxixvOLlM7wLtDALjy4CXcXvkYgmqD6eyPeZa5Y3AYh9vzF0RaoRyO66muiZoUp2RPGS49m5NNr6njcLdU-v3lZrGn7OeWWTm5No2fkvWsMZYOF1VfXz7u1X4aE6nwGF95PryubL8FddkLqxjc3svuu3NgDLBFlGIcoIKVLZ8gJGjR7N_fGsL_Lrhg5cdZVXSUvmex70LRW7pDrQiNoLt2kJduDE71Yrwt3AaFZUDr1yEeLWh6W4vnLu45FU5oq9atj4EtKlzYzI--UQeDZFOI1GqCBT-vLGaIxnqSHSmNRDyPrsXNw1c8mNXj4ntlkIWHUIe_UWeYlhb8S3kPeH2BLGPU1PCBvnjNYydu75IrLxSdAp--Z7OniJrz379tl9aF2lFXU10PTtpZdObtHLpOCoBHKw2rD5nhChM_2d6aAR4HcxjVBOOGaF5wdJ4GVitvzPJvBcHthS4WFtztehbhSa_vvcXa0gGsusDrgLf262kY8H3fYrgKIZIa0EPq8DHsMYPi_i3VF42o2wAY2atUs8XgR1tBHHNG4U1tiLDe4Qrjks-yfTyor1mbiOvSeaQXRri07OzZDVc9YamoQX89KFDh36SoVlgINJQjTGnu2kYZZt-Zwc0eGfEhuScnZgrxX2bVHUs9JGobZ9wWuRccitOhbo7_mNrggADw26Nh1DRPuX3B0rJ0nBG46WWTIhJzNbiaUF1rpaYs61wNJH_deItz811C8X0S-zqIQspLkyYbuBbZzvPB2hITntXq-bxCiVzi8_X0vp264Wfx6CMBqHAUvKz1nzFmW85o6c1wZcefJado8TukHGJjwZnJEqJ36D1x3nt_7dw0cm0pnsX4Pjvr_sk4B9qRSKw~~
Frame ID: 6331CE9860E835143E2524788B26EF77
Requests: 2 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://storage.googleapis.com/herbaly005he/her4474nfrh11.html Page URL
  2. http://liallocart.com/ikvkj.htm?od=1vct60d1f967f003aojc.oL6MM.Yzzzyrfftrdc6k111_ze883.fftrdd3d3d3g... HTTP 302
    http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_... Page URL
  3. https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02?utm_source=jumbleberry&utm_medium=3841... HTTP 302
    https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384... Page URL

Page Statistics

103
Requests

93 %
HTTPS

53 %
IPv6

27
Domains

37
Subdomains

35
IPs

4
Countries

2872 kB
Transfer

5490 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/herbaly005he/her4474nfrh11.html Page URL
  2. http://liallocart.com/ikvkj.htm?od=1vct60d1f967f003aojc.oL6MM.Yzzzyrfftrdc6k111_ze883.fftrdd3d3d3gyc3Vydmdh0l39LZ HTTP 302
    http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y Page URL
  3. https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F HTTP 302
    https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://liallocart.com/ikvkj.htm?od=1vct60d1f967f003aojc.oL6MM.Yzzzyrfftrdc6k111_ze883.fftrdd3d3d3gyc3Vydmdh0l39LZ HTTP 302
  • http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y
Request Chain 98
  • https://chunks.convertri.com/chunk/bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts HTTP 302
  • https://f002.backblazeb2.com/file/convertri-video-prod/bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Request Chain 100
  • https://chunks.convertri.com/chunk/1367b16a-15f0-11eb-abef-0697e5ca793e/video_1/segment-0.ts HTTP 302
  • https://f002.backblazeb2.com/file/convertri-video-prod/1367b16a-15f0-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Request Chain 102
  • https://chunks.convertri.com/chunk/69b382d3-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts HTTP 302
  • https://f002.backblazeb2.com/file/convertri-video-prod/69b382d3-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Request Chain 104
  • https://chunks.convertri.com/chunk/7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1/segment-0.ts HTTP 302
  • https://f002.backblazeb2.com/file/convertri-video-prod/7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1/segment-0.ts

103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
her4474nfrh11.html
storage.googleapis.com/herbaly005he/
158 B
755 B
Document
General
Full URL
https://storage.googleapis.com/herbaly005he/her4474nfrh11.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
08c9cfc2e1525f062399b97c5eef0222ddffb765108a71db342efc6072c0acab

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/herbaly005he/her4474nfrh11.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-guploader-uploadid
ABg5-UwmMTm8XutJwyVRRlq4DWV4PjTgV_YPvlef_cCXv7CUjUPahmWeyOuIXv5jchDWGsg3hUGSU0ykmGNr7PFdrx0
expires
Thu, 24 Jun 2021 10:59:55 GMT
date
Thu, 24 Jun 2021 09:59:55 GMT
last-modified
Tue, 22 Jun 2021 15:22:59 GMT
etag
"f8dae90d73f7d7eae023bab5ae84f4e2"
x-goog-generation
1624375379329352
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
158
content-type
text/html
x-goog-hash
crc32c=CkiRhA== md5=+NrpDXP31+rgI7q1roT04g==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
158
server
UploadServer
cache-control
public, max-age=3600
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/
Redirect Chain
  • http://liallocart.com/ikvkj.htm?od=1vct60d1f967f003aojc.oL6MM.Yzzzyrfftrdc6k111_ze883.fftrdd3d3d3gyc3Vydmdh0l39LZ
  • http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|...
6 KB
6 KB
Document
General
Full URL
http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y
Protocol
HTTP/1.1
Server
138.128.118.50 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash
23097de592b3f09a8d453f47acc4794c0cbd6b996ecad64da6f1a076735c59af

Request headers

Host
professionmedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://storage.googleapis.com/herbaly005he/her4474nfrh11.html

Response headers

Server
nginx
Date
Thu, 24 Jun 2021 09:53:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.26

Redirect headers

Date
Thu, 24 Jun 2021 09:59:55 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.2.17
Location
http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
gtm.js
www.googletagmanager.com/
80 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Requested by
Host: professionmedia.com
URL: http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a3063851ebafc217b4476666bee22260400c58d0a4f5bdc618a988759f10e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://professionmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32219
x-xss-protection
0
last-modified
Thu, 24 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Jun 2021 09:59:56 GMT
fp.php
professionmedia.com/
363 B
564 B
XHR
General
Full URL
http://professionmedia.com/fp.php
Requested by
Host: professionmedia.com
URL: http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y
Protocol
HTTP/1.1
Server
138.128.118.50 Los Angeles, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
Software
nginx / PHP/7.3.26
Resource Hash

Request headers

Pragma
no-cache
Origin
http://professionmedia.com
Accept-Encoding
gzip, deflate
Host
professionmedia.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y
Connection
keep-alive
Content-Length
976
Referer
http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Thu, 24 Jun 2021 09:53:35 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/7.3.26
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
29a38865-21e1-485f-8a85-c343bbbe30fb.js
static.bouncepilot.com/
33 KB
33 KB
Script
General
Full URL
https://static.bouncepilot.com/29a38865-21e1-485f-8a85-c343bbbe30fb.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/herbaly005he/her4474nfrh11.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1400:10:b308:84c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e61357f90c697f10c90ec9140ad77b04da9b8c38be42c958e1951ac3ece0c0c7

Request headers

Referer
http://professionmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 23 Jun 2021 17:19:22 GMT
via
1.1 6c9a2d99a25484f38efa27d58a726b2d.cloudfront.net (CloudFront)
last-modified
Wed, 16 Jun 2021 09:23:01 GMT
server
AmazonS3
age
95983
etag
"f6225316cfad721041627719cf1dfcfd"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
33917
x-amz-cf-id
9i7I-onZJcComl4SN5X6A0F2Y4t4O7N8k2C5iU6n1B11r16spSvqow==
retargeting.js
static.traversedlp.com/v1/
11 KB
4 KB
Script
General
Full URL
https://static.traversedlp.com/v1/retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NXNQ2LW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58

Request headers

Referer
http://professionmedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
F12F5DseUFay5ZveUw335ReTN1KGpJUZ
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 10 Jun 2021 05:37:15 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS1-C1
ETag
W/"c31ba40743566f87f00f822e3cefb390"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
Date
Thu, 24 Jun 2021 09:59:56 GMT
Connection
keep-alive
X-Amz-Cf-Id
wX5d2Qs9btpmKWEI-PT5rgE0-PeIYjfFXfRId8Dm1iFu1ktgxzX7Mw==
cookie
api.traversedlp.com/retargeting/v1/
0
0

Primary Request /
start.herbaly.com/en/tea/wellness-collection/pre/a21v02/
Redirect Chain
  • https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3o...
  • https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3...
724 KB
131 KB
Document
General
Full URL
https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Requested by
Host: professionmedia.com
URL: http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.240.1.10 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4efca0a720e890c77896398917cd1556c30bbaeb2355bf2dcbae2684b14ae84f

Request headers

:method
GET
:authority
start.herbaly.com
:scheme
https
:path
/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://professionmedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://professionmedia.com/a62ad9949f19f0411f2089e92ad00deec/?sid1=7uu4aamfnivvc88319q047&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y&sid2=signaln_01|wwwwx|fftrd&sid3=vct60d1f967f003aojc&sid4=2survga|15788|zzzyrfftrd|Y/signaln_01-wwwwx-fftrd-vct60d1f967f003aojc/2survga-15788-zzzyrfftrd-Y

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
vary
Accept-Encoding
date
Thu, 24 Jun 2021 09:59:57 GMT

Redirect headers

location
//start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
vary
Accept-Encoding
content-length
0
date
Thu, 24 Jun 2021 09:59:57 GMT
font-awesome.woff2
cdn.convertri.com/font-awesome/
75 KB
76 KB
Font
General
Full URL
https://cdn.convertri.com/font-awesome/font-awesome.woff2?v=4.7.0
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://start.herbaly.com
Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 22:28:32 GMT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
age
473486
x-cache
Hit from cloudfront
content-length
77160
last-modified
Wed, 22 May 2019 08:26:20 GMT
server
AmazonS3
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
HqAQvEqKoUXiWlXAsKSHLbSeg6pKaXiaobpkvFm9jKNIs3HytsUHqA==
P3.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/8fdbdf802c310adf41287327b0d5c89b2cd1d799/
20 KB
20 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/8fdbdf802c310adf41287327b0d5c89b2cd1d799/P3.png?auto=compress,format&fit=scale&w=480&h=480
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1a6d47fc8e727903a830206d220aa3fd50772801e5521ae4e6edf4eaef8fb7e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
age
331387
x-cache
MISS, HIT, MISS
x-imgix-id
6866da0a140fa0dd3d15a87e3e55d9b505e9253e
fastly-restarts
1
x-served-by
cache-sjc10065-SJC, cache-sjc10020-SJC, cache-fra19180-FRA
accept-ranges
bytes
last-modified
Sun, 20 Jun 2021 13:56:50 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
content-length
20450
cross-origin-resource-policy
cross-origin
1.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/ef31a51b92df418f5068efd284b209cdd2510af2/
5 KB
5 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/ef31a51b92df418f5068efd284b209cdd2510af2/1.png?auto=compress,format&fit=scale&w=130&h=130
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
f86453511fa7d8d1d0d1a8c13ce10e499dfd1aeb4969354b52ef0309a51da6ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 14 Jun 2021 22:44:47 GMT
server
imgix
age
818110
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
f2b28eee68a37f1fb8c53a2db371efd460c4140f
accept-ranges
bytes
content-length
5380
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10048-SJC, cache-fra19180-FRA
2.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/75fa14cdbe4db6690d4e0f40d3b0db6397ab842d/
4 KB
4 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/75fa14cdbe4db6690d4e0f40d3b0db6397ab842d/2.png?auto=compress,format&fit=scale&w=130&h=130
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cf2da14b9f3d6641ceaf7899e6d9562624241784d5df51aae9aa3cb3e6f0d38c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 14 Jun 2021 00:58:50 GMT
server
imgix
age
896467
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
f1c68bf5fb7f76eb41162e6759f2e53c2766eb1f
accept-ranges
bytes
content-length
3786
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10062-SJC, cache-fra19180-FRA
3.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/b1b6acf489829939944656cf89a147847da792de/
5 KB
5 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/b1b6acf489829939944656cf89a147847da792de/3.png?auto=compress,format&fit=scale&w=130&h=130
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
03a6d740bfbc5e92723fcf620bd83ae1a37a862b8cd00c45e2b58a9e42e64b75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 09:54:45 GMT
server
imgix
age
1382711
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
cf073c4cb35fba086d82661f67267f14f3f6e037
accept-ranges
bytes
content-length
5014
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10083-SJC, cache-fra19180-FRA
4.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/00f8c37290bce7c7f80387d8841dbfce62a538a7/
3 KB
4 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/00f8c37290bce7c7f80387d8841dbfce62a538a7/4.png?auto=compress,format&fit=scale&w=130&h=130
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1d0a9d9becf1979c25f4b7bde914f757c0c50dd7bb737596d9bd6630bf02296b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 09:54:45 GMT
server
imgix
age
1382711
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
6b0690a2df2abc4e8e5da467c92e2f33e98cc4d9
accept-ranges
bytes
content-length
3398
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10024-SJC, cache-fra19180-FRA
productx2.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/032185e8b6729d028980886707fe5c6c19b4d8ab/
23 KB
23 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/032185e8b6729d028980886707fe5c6c19b4d8ab/productx2.png?auto=compress,format&fit=scale&w=480&h=480
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
f36f4ba78ee770460d6fa7a8a6ec2095a10ba5ac2327a0396a154c8d6e4b7900
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
age
331387
x-cache
MISS, HIT, MISS
x-imgix-id
401e97e9842b51be2e2888266099a89eb0173654
fastly-restarts
1
x-served-by
cache-sjc10055-SJC, cache-sjc10068-SJC, cache-fra19180-FRA
accept-ranges
bytes
last-modified
Sun, 20 Jun 2021 13:56:49 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
content-length
23066
cross-origin-resource-policy
cross-origin
P1.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/a5dbacfe7fe5001b93553afd734e1986ffd008ce/
20 KB
20 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/a5dbacfe7fe5001b93553afd734e1986ffd008ce/P1.png?auto=compress,format&fit=scale&w=480&h=480
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
cae985cc76ad274a650649b7833b62c0f3443b329bf0b5af77325367b5a12cbd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 16 Jun 2021 15:19:27 GMT
server
imgix
age
672030
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
b7adaeee6b5474f6d8ab429c58f4952ac16c41a4
accept-ranges
bytes
content-length
20366
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10043-SJC, cache-fra19180-FRA
chem_icon.svg
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/9e7b10205d5d61e5849f25c7428774ef8111a1c2/
10 KB
4 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/9e7b10205d5d61e5849f25c7428774ef8111a1c2/chem_icon.svg
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
148abecbf3b544a983f5d24940c3674f7ca05ff632e61fdf91a32659b373dbbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1382084
x-cache
HIT, HIT
x-imgix-id
191d214694923cb75580080f08df13c1e3352af1
content-length
4094
x-served-by
cache-sjc10043-SJC, cache-fra19180-FRA
last-modified
Thu, 22 Oct 2020 12:53:55 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
ID.svg
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/d6eea6c5bfb5dcb597569b315df6f766e2fc07ad/
5 KB
2 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/d6eea6c5bfb5dcb597569b315df6f766e2fc07ad/ID.svg
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
b925c859a368ae57603af8b70bdbabf3f723b67e0f19019d048a340da5325036
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1382712
x-cache
HIT, HIT
x-imgix-id
f804e9f28e9992f68d8cf8ce514cc4f5948f15e2
content-length
1814
x-served-by
cache-sjc10055-SJC, cache-fra19180-FRA
last-modified
Thu, 22 Oct 2020 13:50:56 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
5.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/f02b77fc829132bdf22c50dd4708da444c3862a7/
3 KB
3 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/f02b77fc829132bdf22c50dd4708da444c3862a7/5.png?auto=compress,format&fit=scale&w=130&h=130
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
1474a0c2ada2d04853fe3fd39294d7ddd21910a109df84daa621637cf8c7b21e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 10:44:57 GMT
server
imgix
age
1379700
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
08f25de29af9b30386d6da7ac3e458a2915e7708
accept-ranges
bytes
content-length
3040
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10061-SJC, cache-fra19180-FRA
6.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/32795b0cd4d9cd5fce8791a6c79b2bd7579fdade/
6 KB
6 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/32795b0cd4d9cd5fce8791a6c79b2bd7579fdade/6.png?auto=compress,format&fit=scale&w=130&h=130
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8b8f338432e419ddc4c0136ca65dc694d1a37ca9cf8adcca7d4838361f0c28f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Jun 2021 09:09:14 GMT
server
imgix
age
1212643
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
66698305998546d3aa3516cf64f95a22906c79c2
accept-ranges
bytes
content-length
6046
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10030-SJC, cache-fra19180-FRA
7.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/0882a0cdee2dcf0444c197e9b6b306cf8290c5e5/
4 KB
4 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/0882a0cdee2dcf0444c197e9b6b306cf8290c5e5/7.png?auto=compress,format&fit=scale&w=130&h=130
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
df3227b3b6cf1680d8a7204854ff60d4c0bae887ae44c30f6487553219b30713
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 09:54:47 GMT
server
imgix
age
1382709
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
94e7f7cac73a5b2989902e488cdd9204a028a302
accept-ranges
bytes
content-length
3676
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10070-SJC, cache-fra19180-FRA
8.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/3b0eeb7b08628670634f2afbcbc27abf6eb3f878/
2 KB
3 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/3b0eeb7b08628670634f2afbcbc27abf6eb3f878/8.png?auto=compress,format&fit=scale&w=130&h=130
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
0a9776238d06de1d5acde794b0b859fbc4399e2a3819f8c7a4f3a747b297761d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 10:07:14 GMT
server
imgix
age
1381963
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
0f1f36b3e9e9d14b68871b2edb841a23582be5ca
accept-ranges
bytes
content-length
2490
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10029-SJC, cache-fra19180-FRA
P4.png
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/e7c6d7757476917df909ec8c848f6f9d33acc4c9/
26 KB
26 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/e7c6d7757476917df909ec8c848f6f9d33acc4c9/P4.png?auto=compress,format&fit=scale&w=480&h=480
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
857e2aa239412b72b5030e4126b560a15b71834106e2a72f221f29fbd3c7215f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 10:02:24 GMT
server
imgix
age
1382252
vary
Accept, User-Agent
x-cache
HIT, HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
x-imgix-id
71b26ba85fe67a87ec0925c5ad143256846d03de
accept-ranges
bytes
content-length
26356
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10058-SJC, cache-fra19180-FRA
gtm.js
www.googletagmanager.com/
155 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7F54HJ
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d290164885121f4569810f34602db5b84cf1fcb39da12318ee4227e83005c75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54999
x-xss-protection
0
last-modified
Thu, 24 Jun 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Jun 2021 09:59:57 GMT
ok%20icon.svg
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/42c135524f75e16e937a9e2134597f718c90a1c5/
952 B
693 B
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/42c135524f75e16e937a9e2134597f718c90a1c5/ok%20icon.svg
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
8173c0230c9cf0ae2c22ce6f9e7b56d668476458ccc6f444c86cc717c0891e95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1382712
x-cache
HIT, HIT
x-imgix-id
f6c57b5d0cd5b70fba14bc2906e9e15d2595a620
content-length
442
x-served-by
cache-sjc10054-SJC, cache-fra19180-FRA
last-modified
Thu, 22 Oct 2020 18:07:47 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
moneyback.svg
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/20b5a7f4039c5476adc888e86a802cba68bf45cf/
113 KB
31 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/20b5a7f4039c5476adc888e86a802cba68bf45cf/moneyback.svg
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
edaf6e65b40c99603ffde4743a2893502fab3fbdab16166d6a7facdab4d20967
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1382084
x-cache
HIT, HIT
x-imgix-id
2644e9e4c0a7b475f0f596c7e162e2201257e1c3
content-length
31466
x-served-by
cache-sjc10029-SJC, cache-fra19180-FRA
last-modified
Sun, 25 Oct 2020 18:07:48 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
ID_white.svg
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/4708172de9d807f1c7fe95cf951fb6aeba690f4b/
5 KB
2 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/4708172de9d807f1c7fe95cf951fb6aeba690f4b/ID_white.svg
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
9478a4df25f038c8b3860939f7becdf472e7d6f26b93bfa1f39e77d05ee62b55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1382084
x-cache
HIT, HIT
x-imgix-id
95cf62c45aab6d840dd1dcf92b599f8cfd550986
content-length
1885
x-served-by
cache-sjc10048-SJC, cache-fra19180-FRA
last-modified
Sat, 24 Oct 2020 10:33:37 GMT
server
imgix
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2419200
accept-ranges
bytes
cross-origin-resource-policy
cross-origin
jquery-1.12.2.min.js
cdn.convertri.com/
314 KB
85 KB
Script
General
Full URL
https://cdn.convertri.com/jquery-1.12.2.min.js?v=2021-05-18-07-58-18
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5277581963354e92212c3318ad1d57a8da3b695a87cc2938409ef37dccd2baa

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 08:37:54 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 08:37:45 GMT
server
AmazonS3
age
177724
etag
W/"a6ad98de88498561c519124ac0cd4c3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
L_G7I6GIfKOEqsiR1BjSYQFjw52Nj-WALf4xE8ayzxbqrya8oQ0UNw==
truncated
/
171 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15222d11812980b9eec975d2ee224fc5924a0080ea8cc4a4887c82f4cf60404b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93f57b8958c377861c27d6b7f55d3036a4e603df0a293e80e4700034c4d83bb1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
open-sans-700.ttf
cdn.convertri.com/font/
35 KB
36 KB
Font
General
Full URL
https://cdn.convertri.com/font/open-sans-700.ttf
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79431c33f2330eccac17fdd2aa229c0ce43b9db9c7bec3031178e68a004331e2

Request headers

Origin
https://start.herbaly.com
Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 20:21:36 GMT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
age
4455502
x-cache
Hit from cloudfront
content-length
35924
last-modified
Sat, 23 Jul 2016 08:57:46 GMT
server
AmazonS3
etag
"bdafb9df42d16395dd5d87d12a74ea3f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
kEn5ZxsrOeb-lcf0YEtneZ6zxNF6Ig-jX-8I1FYHGW1rgyZhkBSyJQ==
open-sans-400.ttf
cdn.convertri.com/font/
33 KB
34 KB
Font
General
Full URL
https://cdn.convertri.com/font/open-sans-400.ttf
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4

Request headers

Origin
https://start.herbaly.com
Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 20:21:36 GMT
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
age
4455502
x-cache
Hit from cloudfront
content-length
34156
last-modified
Sat, 23 Jul 2016 08:57:13 GMT
server
AmazonS3
etag
"953de7bafd9fdbf41ea443aacabe2706"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
kphhS5vRiFZo4IDqO_7I5wYeE-PteFxUEP_VMvgRWLv1qEeW-ZDMug==
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v27/
35 KB
36 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://start.herbaly.com
Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 01:50:34 GMT
x-content-type-options
nosniff
age
29363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36216
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jun 2022 01:50:34 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v27/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://start.herbaly.com
Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 14:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20778
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:45 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Jun 2022 14:41:13 GMT
cdn.min.css
cdn.convertri.com/
64 KB
7 KB
Stylesheet
General
Full URL
https://cdn.convertri.com/cdn.min.css?v=2021-05-18-07-58-18
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c9005f820b70376ccde98ea2b3b749973c429cff4c7d4d293db470da143a8a1

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 08:37:52 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 08:37:47 GMT
server
AmazonS3
age
177726
etag
W/"71389decce366f056cc4738a1c47789a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Wiw7zh1yDhtOnW5Twy4y0ZH4YjoNbEd96pmZvd57OoEvYsZ90B1azQ==
cookie-bite-solid.svg
cdn.convertri.com/img/script-consent/v1/
908 B
1 KB
Image
General
Full URL
https://cdn.convertri.com/img/script-consent/v1/cookie-bite-solid.svg
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-91.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b315619c16af1d094dbf9d77f4ff685639c2c856dad115bdda3cf29a33123b46

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Jun 2021 08:31:12 GMT
via
1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 14:38:53 GMT
server
AmazonS3
age
523726
etag
"87a38f9df4a93c94e844c5f549b6a491"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
908
x-amz-cf-id
kmKrFjMt9d5RaQ_9Dql6kQhk09Azwm4pF8EHT6WbM1fZGnz847oqDg==
dNNwk0TitPMBc2ayqxrdBlDS86PbYC8DpaKcEB3VTmCFE54m5kxwILtxH-efcNUuCRErSMJN_vGFIHsF_rmJxzbttz0ESCT_UgR9--2ID2Q~
www.day-sugar-useful.com/
97 KB
34 KB
Script
General
Full URL
https://www.day-sugar-useful.com/dNNwk0TitPMBc2ayqxrdBlDS86PbYC8DpaKcEB3VTmCFE54m5kxwILtxH-efcNUuCRErSMJN_vGFIHsF_rmJxzbttz0ESCT_UgR9--2ID2Q~?hid=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F&uid=&v=3.2.1
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ac2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dee0808efec2180c2914203d9b40b706e38971d80f705de94fb727c93fb3f593
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-backend-connect-time
0.000
x-backend-status
200
x-backend-server
hydra-hydra1
cf-request-id
0adf0f571100004e56cd29f000000001
pragma
no-cache
referrer-policy
never, no-referrer
x-robots-tag
none
x-backend-response-time
0.049
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript; charset=utf-8
x-xss-protection
0
cache-control
no-cache
content-security-policy
upgrade-insecure-requests
cf-ray
66451b381e6b4e56-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
225 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6ceac7c9256818063558b075838ecf9d1aba24437fb0bef38b11c7c64914e6f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
532 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdb606af80827609406c3e38feec29b3163532f5bd9253eefbee50925f87f1d3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
299 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8bc0f5a38e5948cfe0bf3bf5ff850d294f1924e87626ae51710be3f69cc7dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
hotjar-1067214.js
static.hotjar.com/c/
5 KB
3 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1067214.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7F54HJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7e0c2c713d34470d7302e5239ecdabd70573106b63f957ff41392b85f446a122
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
AMS1-C1
etag
W/6065d77b6db4ee10b3aed24d943f5e3b
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
UJ6WCpeUdG21cyPvlmYzlgHstTv5KuplEjNVrH6iN1NiBvWqx-wfrA==
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
conversion_async.js
www.googleadservices.com/pagead/
36 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7F54HJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
835a3f9f16d6b865bc47f8955aa45da0adb979b89d4880fe69c90497dcac46c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13980
x-xss-protection
0
server
cafe
etag
15164145023890173193
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 24 Jun 2021 09:59:57 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7F54HJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
1692
date
Thu, 24 Jun 2021 09:31:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 24 Jun 2021 11:31:45 GMT
bat.js
bat.bing.com/
30 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7F54HJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 20:25:24 GMT
x-msedge-ref
Ref A: 085FD7DCB2AC47F9A458323D86114248 Ref B: FRAEDGE1513 Ref C: 2021-06-24T09:59:57Z
etag
"0d2a696ff53d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9008
fbevents.js
connect.facebook.net/en_US/
103 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/herbaly005he/her4474nfrh11.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1d7ec022c03f680ee0030df9213ff142f43f9159ccf9b283aba1273dda485e20
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
22474
x-xss-protection
0
pragma
public
x-fb-debug
/04By7Bx/d07wwcCE8CqVSsIK5/7Vuv6bcRn9Vc5qR2ffzb6wra0JxJnCK1oJji5DQwCU+PgEWfXKKsnjGRXLQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Thu, 24 Jun 2021 09:59:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/
1 KB
1 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/herbaly005he/her4474nfrh11.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
fastly-restarts
1
x-cdn
fastly
etag
"57947439b864e017feed0d94316d5a8c"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
obtp.js
amplify.outbrain.com/cp/
7 KB
3 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/herbaly005he/her4474nfrh11.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 09:59:57 GMT
Content-Encoding
gzip
X-Check-Cacheable
YES
Server
AkamaiNetStorage
X-Akamai-Pragma-Client-IP
10.53.140.30, 37.46.199.188
ETag
"c43e7f1b0459d05cce32768dd16af59b:1616414624.063318"
X-Serial
1
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Last-Modified
Mon, 22 Mar 2021 12:03:44 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2864
Expires
Thu, 24 Jun 2021 10:19:57 GMT
klaviyo.js
static.klaviyo.com/onsite/js/
2 KB
1 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M7F54HJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0fbbb7b42c2f2a6cb81eb93cbd2adb6e18031d1bbd2b2abb088ba0d8859bb407

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
age
42418
x-cache
HIT, MISS
access-control-max-age
86400
content-length
860
x-served-by
cache-lga21936-LGA, cache-hhn4030-HHN
access-control-allow-origin
*
allow
OPTIONS, GET
server
nginx
x-timer
S1624528798.549422,VS0,VE82
etag
W/"16e0140a1ec0753d960b82f53a425d3c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 0
i
snowplow.convertri.com/
43 B
338 B
Image
General
Full URL
https://snowplow.convertri.com/i?stm=1624528797473&e=pv&url=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&page=Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar&refr=http%3A%2F%2Fprofessionmedia.com%2F&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=c0b36d8e-3943-49be-b812-3ca1a1a693fd&dtm=1624528797467&vp=1600x1200&ds=1600x7124&vid=1&sid=62cdc94a-6d26-4fb5-ae0f-d02be86f418d&duid=165f90de-8185-4204-8a96-7b99677c8fc2&fp=1072425006
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.86.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 24 Jun 2021 09:59:57 GMT
access-control-allow-credentials
true
server
spray-can/1.3.3
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
playlist.m3u8
video.cvtdn.com/69b382d3-15ef-11eb-abef-0697e5ca793e/
227 B
487 B
XHR
General
Full URL
https://video.cvtdn.com/69b382d3-15ef-11eb-abef-0697e5ca793e/playlist.m3u8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
1f73473782ee4af26fc73da25ccf634e54743510da6b15afb3b723ef6b894a75

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-guploader-uploadid
ABg5-UyBmWHmhorfy-UVHqiJfBh-waAS0B2qQW9Ek5Nqom4LfkbgUq2DHm30uT6juO7ctIxc3vs5XdEUTog2ViZhRmrTrbhh8A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
227
last-modified
Sat, 24 Oct 2020 11:54:03 GMT
server
UploadServer
etag
"ca7c8a26dd2e8ca12b6e75564e3c91c2"
x-goog-hash
crc32c=84nxPA==, md5=ynyKJt0ujKErbnVWTjyRwg==
x-goog-generation
1603540443932793
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
227
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 24 Jun 2021 10:59:57 GMT
playlist.m3u8
video.cvtdn.com/bcf15b01-15ef-11eb-abef-0697e5ca793e/
127 B
695 B
XHR
General
Full URL
https://video.cvtdn.com/bcf15b01-15ef-11eb-abef-0697e5ca793e/playlist.m3u8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a71636b2eaccf7e106424ec74d72fc51e4defa29b3a597ef557022282268c312

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-guploader-uploadid
ABg5-UyEk3j1G2GdiCr1QusXy0r00qiIFpjcZOKzdm9Sw2sTLkss1YxMfTLqeb8zXqkvu8Aa-90n3pd_pLIoB338aEQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
127
last-modified
Sat, 24 Oct 2020 11:56:32 GMT
server
UploadServer
etag
"9ef57a49c66bbaa77d800c8c0ef1c75d"
x-goog-hash
crc32c=IefuLQ==, md5=nvV6ScZruqd9gAyMDvHHXQ==
x-goog-generation
1603540592302493
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
127
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 24 Jun 2021 10:59:57 GMT
playlist.m3u8
video.cvtdn.com/1367b16a-15f0-11eb-abef-0697e5ca793e/
226 B
482 B
XHR
General
Full URL
https://video.cvtdn.com/1367b16a-15f0-11eb-abef-0697e5ca793e/playlist.m3u8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5a3080bbc09c76f49ee1350118fc3022eb48db105d66f78602aa6d407466fcda

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-guploader-uploadid
ABg5-UzLsltSFL6sg9UCwYrFE6ydLVWhkfQoYx_FyK9KzSofUen6BIWSVFRPm0h-VbGGAlMHw5iskgf8QMdSev6_Tn0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
226
last-modified
Sat, 24 Oct 2020 11:59:36 GMT
server
UploadServer
etag
"f462cfa230575db10933859ac45996d4"
x-goog-hash
crc32c=iH8/Pg==, md5=9GLPojBXXbEJM4WaxFmW1A==
x-goog-generation
1603540776717678
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
226
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 24 Jun 2021 10:59:57 GMT
playlist.m3u8
video.cvtdn.com/7bb14e9b-15ed-11eb-abef-0697e5ca793e/
227 B
475 B
XHR
General
Full URL
https://video.cvtdn.com/7bb14e9b-15ed-11eb-abef-0697e5ca793e/playlist.m3u8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
887823af2cf6b4b80c929647b782a1a66573f5717e7e74aa9a37a923d652ce1a

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-guploader-uploadid
ABg5-UyrvAYyWV9tGPh39ohPpZZvyTDS_8_z0h1AKzTOxss4dgtTTHXfVwXjSLPHlKq795LdUDsz8GIS3DbxuNsBTgU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
227
last-modified
Sat, 24 Oct 2020 11:41:04 GMT
server
UploadServer
etag
"d88501f321c8bbcd04727eb9f2c707b1"
x-goog-hash
crc32c=S1Gsng==, md5=2IUB8yHIu80Ecn658scHsQ==
x-goog-generation
1603539664493571
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
227
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 24 Jun 2021 10:59:57 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:37:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1363
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Thu, 24 Jun 2021 10:37:14 GMT
js
www.google-analytics.com/gtm/
118 KB
40 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-M5XXR2Z&t=gtm4&cid=718582575.1624528798
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e724e2c84bc956d0154980a78be9865cbee5653438395438ffab272f4f84499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40835
x-xss-protection
0
expires
Thu, 24 Jun 2021 09:59:57 GMT
1932379350399629
connect.facebook.net/signals/config/
355 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1932379350399629?v=2.9.5&r=c2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8e6fe907e05707b6eef1f44abb4f3e9c6eacbd9dc4d229e076378584fc63797
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
N64XfGQCw+bZ/jq7ORkbexxE1DB/vD4oSbTkjG+eGH9hFwaEQdk2T8VKPw7lFCAWRInwfg+uXVAItGWxF8JBxA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 24 Jun 2021 09:59:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
26018916.js
bat.bing.com/p/action/
0
128 B
Script
General
Full URL
https://bat.bing.com/p/action/26018916.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 24 Jun 2021 09:59:57 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 96DF7294BF80428BB5EDBDC5A1755178 Ref B: FRAEDGE1513 Ref C: 2021-06-24T09:59:57Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
149 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26018916&tm=gtm001&Ver=2&mid=640f4149-9e2e-4682-9857-fd436124f60f&sid=ee8f72a0d4d211ebbc05b5dbfdca38ad&vid=ee8f8b00d4d211eba01b9f54caed7cee&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar&p=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&r=http%3A%2F%2Fprofessionmedia.com%2F&lt=336&evt=pageLoad&msclkid=N&sv=1&rn=615619
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 084BE51CDAC540089976C80A6BB61095 Ref B: FRAEDGE1513 Ref C: 2021-06-24T09:59:57Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/793798373/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/793798373/?random=1624528797559&cv=9&fst=1624528797559&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&ref=http%3A%2F%2Fprofessionmedia.com%2F&tiba=Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da572feb66bed7998092375acea933db0b85f436388a2dc5ac7c6c359cec9905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1226
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
header.jpg
convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/bd1f6e8092ebd1e5fa8b088b773e4c27b2c92666/
61 KB
61 KB
Image
General
Full URL
https://convertri.imgix.net/ed9e4f3d-286a-11ea-99fe-0697e5ca793e/bd1f6e8092ebd1e5fa8b088b773e4c27b2c92666/header.jpg?auto=compress,format&fit=clip&w=1600
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
3acf244aa6cc3f8f5ae2f82baaf745a6592af1ffc94f9b5ae8ec2503f02b1b2f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
age
583839
x-cache
MISS, HIT, MISS
x-imgix-id
df309347f8b90cb28e2605418283be4032c7e1d0
fastly-restarts
1
x-served-by
cache-sjc10069-SJC, cache-sjc10079-SJC, cache-fra19180-FRA
accept-ranges
bytes
last-modified
Thu, 17 Jun 2021 15:49:19 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2419200
content-length
62492
cross-origin-resource-policy
cross-origin
modules.1b9e3db873e774f8aa4f.js
script.hotjar.com/
219 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.1b9e3db873e774f8aa4f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1067214.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.77.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d124233dd510f9b5bfe1a1d5c7114be3f549d55ab17e4126377d6abf341b722d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
412
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59004
access-control-allow-origin
*
last-modified
Thu, 24 Jun 2021 09:52:18 GMT
etag
"25e61257d01cfa3f1f4d0b0a6a78d5c7"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
lauMoLp-hanyQqhL9IrrKQKRr4vFZU3TZNCmDzVW5eqmRowNeNDbiw==
main.c6ca189a.js
s.pinimg.com/ct/lib/
50 KB
17 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.c6ca189a.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1f::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"6ed3b8d9c0f104e8bf55431013d34078"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
17534
access-control-expose-headers
X-CDN
collect
stats.g.doubleclick.net/j/
4 B
90 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-126168373-1&cid=718582575.1624528798&jid=1470416599&gjid=894601417&_gid=818116126.1624528798&_u=aGDAgEALQAAAAE~&z=1692354572
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 24 Jun 2021 09:59:57 GMT
content-type
text/plain
access-control-allow-origin
https://start.herbaly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
71 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-126168373-4&cid=718582575.1624528798&jid=2062646434&gjid=771385648&_gid=818116126.1624528798&_u=aGDAgEALQAAAAE~&z=1281522230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 24 Jun 2021 09:59:57 GMT
content-type
text/plain
access-control-allow-origin
https://start.herbaly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=844622672&t=pageview&_s=1&dl=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&dr=http%3A%2F%2Fprofessionmedia.com%2F&ul=en-us&de=UTF-8&dt=Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALQ~&jid=1470416599&gjid=894601417&cid=718582575.1624528798&tid=UA-126168373-1&_gid=818116126.1624528798&gtm=2wg6g0M7F54HJ&cd5=http%3A%2F%2Fprofessionmedia.com%2F&cd6=utm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&z=584651278
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 07:10:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
10149
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=844622672&t=pageview&_s=1&dl=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&dr=http%3A%2F%2Fprofessionmedia.com%2F&ul=en-us&de=UTF-8&dt=Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALQAAAAE~&jid=2062646434&gjid=771385648&cid=718582575.1624528798&tid=UA-126168373-4&_gid=818116126.1624528798&gtm=2wg6g0M7F54HJ&z=1790733780
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 07:10:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
10149
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cachedClickId
tr.outbrain.com/
35 B
239 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00eb2631c9eb654fb0281ceb23c132db3e
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
X-TraceId
69dfaec7e2bc519614f6acfa5eff6075
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
43 B
256 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00eb2631c9eb654fb0281ceb23c132db3e&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&optOut=false&bust=04298168855271973
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 09:59:57 GMT
Cache-Control
no-cache
X-TraceId
709292d81eb3ff3aaefb5d4b5bd760c4
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
/
www.google.com/pagead/1p-user-list/793798373/
42 B
139 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/793798373/?random=1624528797559&cv=9&fst=1624525200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&ref=http%3A%2F%2Fprofessionmedia.com%2F&tiba=Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar&async=1&fmt=3&is_vtc=1&random=1050881250&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/793798373/
42 B
155 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/793798373/?random=1624528797559&cv=9&fst=1624525200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6g0&sendb=1&frm=0&url=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&ref=http%3A%2F%2Fprofessionmedia.com%2F&tiba=Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar&async=1&fmt=3&is_vtc=1&random=1050881250&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
108 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-126168373-1&cid=718582575.1624528798&jid=1470416599&_u=aGDAgEALQAAAAE~&z=1331051837
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
108 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-126168373-1&cid=718582575.1624528798&jid=1470416599&_u=aGDAgEALQAAAAE~&z=1331051837
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-126168373-4&cid=718582575.1624528798&jid=2062646434&_u=aGDAgEALQAAAAE~&z=641510543
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-126168373-4&cid=718582575.1624528798&jid=2062646434&_u=aGDAgEALQAAAAE~&z=641510543
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
299 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1932379350399629&ev=PageView&dl=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&rl=http%3A%2F%2Fprofessionmedia.com%2F&if=false&ts=1624528797624&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1624528797623.1671822783&it=1624528797539&coo=false&rqm=GET
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 24 Jun 2021 09:59:57 GMT
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 0E95
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1067214.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-73.fra2.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.herbaly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.herbaly.com/

Response headers

content-type
text/html
content-length
1044
date
Thu, 03 Jun 2021 10:15:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 03 Jun 2021 10:14:54 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
S9dJ5U30LXt7eaXY70ln0Ehzf-P1v_2ThDN7O5IgcpKrbcG_a-J5ew==
age
1813492
/
ct.pinterest.com/user/
337 B
532 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613997848747&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1624528797635
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c6ca189a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4186cb82046abff174718350bb4493c13e32ee4e53f5b0783a2142599feb1a69

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
referrer-policy
origin
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://start.herbaly.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
pin-unauth
dWlkPU9XRXhOakZoTTJJdE16UTROeTAwTXpFeUxXRTJNRGd0TXpBeE5HWTBNakl5T1RZMQ
x-pinterest-rid
7048219471547742
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
content-length
300
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
146 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2613997848747&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F%22%2C%22ref%22%3A%22http%3A%2F%2Fprofessionmedia.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c6ca189a%22%2C%22floc_enabled%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D&cb=1624528797637
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
x-pinterest-rid
8212003626186682
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
fender_analytics.8f3296b478a8d6079405.js
static.klaviyo.com/onsite/js/
20 KB
7 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/fender_analytics.8f3296b478a8d6079405.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c7dae61fcb392e31f039dadf2588fa6fff6ab2a68bf7c0ea085ed820bc192a5

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8D0ia3AuZsU3kWdPnbUM4eOKYBslQOUQ
content-encoding
gzip
etag
"3bb447375636c68cce8cc227188340f0"
age
42430
x-cache
HIT
fastly-restarts
1
x-amz-id-2
8F6eZrwNaBlk1df6Elzn3g+DSFFdwoVzuDMed8cXtghUsDwT4vf2FQdlwo0QJXX3gS2bXxc27DE=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:26 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
J4YT2111VWD3GQCP
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
6923
content-type
application/x-javascript
x-cache-hits
24741
sharedUtils.ff79bf923e79d7911102.js
static.klaviyo.com/onsite/js/
72 KB
18 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.ff79bf923e79d7911102.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f69169f5e6d4cbc91f140c53b2a18e2731847e36b3c0da15b51a14c748355d5

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1NcGdUfyQA_fYTsnKBmI5URJU1Lc_.dp
content-encoding
gzip
etag
"502f6b9a0f69a084385147fb98ba3702"
age
42430
x-cache
HIT
fastly-restarts
1
x-amz-id-2
NmMJW1mNRnlcWZ5K4ArPsh68NocXl8h1+XA2ZJkwdkhUokHvFgC0rGDLbDFUzeoEc9D7SnXuQfM=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:26 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
J4YPR257S449V0D0
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
18588
content-type
application/x-javascript
x-cache-hits
26858
static.fb1b261918648fbbf840.js
static.klaviyo.com/onsite/js/
12 KB
5 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/static.fb1b261918648fbbf840.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fe80bb5514ab6917a6a0c356e822c37782cdfacc2f6d83ccdf187edb7ffdbe2c

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
LIs5FTsa.CB0QjFS6dQS0zzjlfYjPz0e
content-encoding
gzip
etag
"e79795eb4ef2d53ac7dcd40eb33ecec9"
age
42430
x-cache
HIT
fastly-restarts
1
x-amz-id-2
0/GzMT1Jb0WbRLvYNY5oNxa58BhMPnjOPvJskbu68REbZng91XjJt++br8m1rUvo48CkbZQyDVc=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:26 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
J4YX9GEAT8WNM36J
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
5006
content-type
application/x-javascript
x-cache-hits
25035
styles.e4cca842c10ad5df6926.js
static.klaviyo.com/onsite/js/
239 B
354 B
Script
General
Full URL
https://static.klaviyo.com/onsite/js/styles.e4cca842c10ad5df6926.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22ed99ec8e4851160f11f8dcf462c43a1ff343793d2521be5256958bdeb19ced

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iHQOGtMOuYKRmsOZ9Bdp9EQ4foUojX6Z
content-encoding
gzip
etag
"fe134dc7e5f049d83248ee479726b02d"
age
42431
x-cache
HIT
fastly-restarts
1
x-amz-id-2
vxGEPL8jVUpaBBI0wy0UMtMgOWhPcrfzSqZRKCfvHgwI3++3a3PasaHZI+vQpxHxDl+vqtHhfsg=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:26 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
J4YHZQM0R1X4V1SR
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
163
content-type
application/x-javascript
x-cache-hits
17825
sentry.e9c13b4f41b96aec7b8a.js
static.klaviyo.com/onsite/js/
40 KB
14 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sentry.e9c13b4f41b96aec7b8a.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb816046f2eeabf435bf4702316a76a4705514a0a67154d293148fb9f6d97a57

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ZFLKqCc2LYQQU2g1DGcstj8ZfzbYtYxx
content-encoding
gzip
etag
"c35b07d5b5ba2091dde78dcd3a319c09"
age
42435
x-cache
HIT
fastly-restarts
1
x-amz-id-2
kzKbY8dt/I/ojYvAij8G7IMIhgjNeqS4DYpx7KiqFWix0RWqvyqnUtCShPMyNbA1CFau8f6g+N8=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:26 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
85DJFD31E201W2X6
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
13798
content-type
application/x-javascript
x-cache-hits
18567
vendors~signup_forms.eee1e0d5709263053b9f.js
static.klaviyo.com/onsite/js/
209 KB
61 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.eee1e0d5709263053b9f.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e7079c87c4789b9c5007b0e400216c6463b13ef623f4c47e08fa667ba0fd22a

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
G.R2OcGdO8P3cXCcaCcbAnFWuEkfVccU
content-encoding
gzip
etag
"520553c2faa55a5aedc6513207576352"
age
42429
x-cache
HIT
fastly-restarts
1
x-amz-id-2
Xx8A3PWhiAgZuXomRpQsnlp1kIrIypI6YU7ALsU7MAjEX4wticlVO1TE5vsU9kh7Lgo0aUzqhYk=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:27 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
8G01F9QY6TX83GTT
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
62255
content-type
application/x-javascript
x-cache-hits
16127
signup_forms.de6253e15a0da2e5118f.js
static.klaviyo.com/onsite/js/
183 KB
41 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.de6253e15a0da2e5118f.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1464b7f00bd790ef315be74d4e7603ccc93ff39f38c90d80826e4bf8c20fe86

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
bdGBe6E47pLa9wLdaPw6UMxEDMz9uhk4
content-encoding
gzip
etag
"9ff63e0a2c41ee26824062e7d6a7ebeb"
age
42432
x-cache
HIT
fastly-restarts
1
x-amz-id-2
S79pVtPL5aXPHSZTeFhmEvEJXUydSoAoQyykaAdZ7VMZtxpG9Itdttbh+hjOpH6oUV3GFejsvUk=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:26 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
YY5MXA5KJ07N9V9T
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
41551
content-type
application/x-javascript
x-cache-hits
19337
1.f492a3d1ada3f6002e9a.css
static.klaviyo.com/onsite/js/
65 KB
6 KB
Stylesheet
General
Full URL
https://static.klaviyo.com/onsite/js/1.f492a3d1ada3f6002e9a.css
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KAk96T
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a630ce79186c69f2f0d1406f523cf4a4f5406677ea7a3ce0a87e007251ef178

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AcP3ITS.5awCaZiMq9.zcwRJwEom6hRr
content-encoding
gzip
etag
"5e4123e6002c2e8305a442b64af5b874"
age
42435
x-cache
HIT
fastly-restarts
1
x-amz-id-2
SQHNz+DjaKiCsqfSCz3nwqGeP9COuk4HhifHf82FaRJyzuWX8c6rWASP6e8gqo/cRu6lJ/125EY=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:27 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
CAHY2JP4M5TCVKG4
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
5462
content-type
text/css
x-cache-hits
17845
collect
www.google-analytics.com/mp/
0
18 B
XHR
General
Full URL
https://www.google-analytics.com/mp/collect?api_secret=KnOOVCHJRZKT-RHKfH9GVA&measurement_id=G-D7TT63EPCE
Requested by
Host: www.day-sugar-useful.com
URL: https://www.day-sugar-useful.com/dNNwk0TitPMBc2ayqxrdBlDS86PbYC8DpaKcEB3VTmCFE54m5kxwILtxH-efcNUuCRErSMJN_vGFIHsF_rmJxzbttz0ESCT_UgR9--2ID2Q~?hid=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F&uid=&v=3.2.1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://start.herbaly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dNNwk0TitPMBc2ayqxrdBlDS86PbYC8DpaKcEB3VTmCFE54m5kxwILtxH-efcNUuCRErSMJN_vGFIHsF_rmJxzbttz0ESCT_UgR9--2ID2Q~
users.day-sugar-useful.com/ Frame 6331
7 KB
6 KB
Document
General
Full URL
https://users.day-sugar-useful.com/dNNwk0TitPMBc2ayqxrdBlDS86PbYC8DpaKcEB3VTmCFE54m5kxwILtxH-efcNUuCRErSMJN_vGFIHsF_rmJxzbttz0ESCT_UgR9--2ID2Q~?stm=1624528797718&e=pv&url=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&page=Engagement&refr=http%3A%2F%2Fprofessionmedia.com%2F&tv=js-3.2.1&tna=3dd7d393-d698-4379-9286-b0a694d7ce89&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=f75164e6-0319-435b-ade6-32908a9f7e3e&dtm=1624528797711&vp=1600x1200&ds=1600x7124&vid=1&sid=6c735d5d-dbeb-4549-bf98-ead8baa60394&duid=3dd7d393-d698-4379-9286-b0a694d7ce89&fp=1072425006&jb=Engagement&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaHR0cHM6Ly9zY2hlbWFzLm1heGVwdi5jb20vSnVtYmxlYmVycnkvc25vd3Bsb3ctc2NoZW1hcy9tYXN0ZXIvZW5nYWdlbWVudC9qc29uc2NoZW1hLzEtMC0wLmpzb24iLCJkYXRhIjp7ImhpZF9wYXJhbSI6ImNsaWNrX2lkIn19LHsic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiJmZGIxNzJjMS1hM2MyLTQ4ZWMtYWRiZi0yZTBkYmI1ZTlkMWIifX0seyJzY2hlbWEiOiJpZ2x1Om9yZy53My9QZXJmb3JtYW5jZVRpbWluZy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJuYXZpZ2F0aW9uU3RhcnQiOjE2MjQ1Mjg3OTcxMzksInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kIjowLCJyZWRpcmVjdFN0YXJ0IjoxNjI0NTI4Nzk3MTM5LCJyZWRpcmVjdEVuZCI6MTYyNDUyODc5NzIzMywiZmV0Y2hTdGFydCI6MTYyNDUyODc5NzIzMywiZG9tYWluTG9va3VwU3RhcnQiOjE2MjQ1Mjg3OTcyMzMsImRvbWFpbkxvb2t1cEVuZCI6MTYyNDUyODc5NzIzMywiY29ubmVjdFN0YXJ0IjoxNjI0NTI4Nzk3MjMzLCJjb25uZWN0RW5kIjoxNjI0NTI4Nzk3MjMzLCJzZWN1cmVDb25uZWN0aW9uU3RhcnQiOjAsInJlcXVlc3RTdGFydCI6MTYyNDUyODc5NzIzMywicmVzcG9uc2VTdGFydCI6MTYyNDUyODc5NzI2MiwicmVzcG9uc2VFbmQiOjE2MjQ1Mjg3OTczMjAsImRvbUxvYWRpbmciOjE2MjQ1Mjg3OTcyNjUsImRvbUludGVyYWN0aXZlIjoxNjI0NTI4Nzk3NDE1LCJkb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCI6MTYyNDUyODc5NzQ3NSwiZG9tQ29udGVudExvYWRlZEV2ZW50RW5kIjoxNjI0NTI4Nzk3NDc1LCJkb21Db21wbGV0ZSI6MCwibG9hZEV2ZW50U3RhcnQiOjAsImxvYWRFdmVudEVuZCI6MH19XX0
Requested by
Host: www.day-sugar-useful.com
URL: https://www.day-sugar-useful.com/dNNwk0TitPMBc2ayqxrdBlDS86PbYC8DpaKcEB3VTmCFE54m5kxwILtxH-efcNUuCRErSMJN_vGFIHsF_rmJxzbttz0ESCT_UgR9--2ID2Q~?hid=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F&uid=&v=3.2.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ac2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b589749efa7ee3e7ba9f06939d4f6a1d674a26f1914501a6b33093ff8383a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
users.day-sugar-useful.com
:scheme
https
:path
/dNNwk0TitPMBc2ayqxrdBlDS86PbYC8DpaKcEB3VTmCFE54m5kxwILtxH-efcNUuCRErSMJN_vGFIHsF_rmJxzbttz0ESCT_UgR9--2ID2Q~?stm=1624528797718&e=pv&url=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&page=Engagement&refr=http%3A%2F%2Fprofessionmedia.com%2F&tv=js-3.2.1&tna=3dd7d393-d698-4379-9286-b0a694d7ce89&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=f75164e6-0319-435b-ade6-32908a9f7e3e&dtm=1624528797711&vp=1600x1200&ds=1600x7124&vid=1&sid=6c735d5d-dbeb-4549-bf98-ead8baa60394&duid=3dd7d393-d698-4379-9286-b0a694d7ce89&fp=1072425006&jb=Engagement&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaHR0cHM6Ly9zY2hlbWFzLm1heGVwdi5jb20vSnVtYmxlYmVycnkvc25vd3Bsb3ctc2NoZW1hcy9tYXN0ZXIvZW5nYWdlbWVudC9qc29uc2NoZW1hLzEtMC0wLmpzb24iLCJkYXRhIjp7ImhpZF9wYXJhbSI6ImNsaWNrX2lkIn19LHsic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiJmZGIxNzJjMS1hM2MyLTQ4ZWMtYWRiZi0yZTBkYmI1ZTlkMWIifX0seyJzY2hlbWEiOiJpZ2x1Om9yZy53My9QZXJmb3JtYW5jZVRpbWluZy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJuYXZpZ2F0aW9uU3RhcnQiOjE2MjQ1Mjg3OTcxMzksInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kIjowLCJyZWRpcmVjdFN0YXJ0IjoxNjI0NTI4Nzk3MTM5LCJyZWRpcmVjdEVuZCI6MTYyNDUyODc5NzIzMywiZmV0Y2hTdGFydCI6MTYyNDUyODc5NzIzMywiZG9tYWluTG9va3VwU3RhcnQiOjE2MjQ1Mjg3OTcyMzMsImRvbWFpbkxvb2t1cEVuZCI6MTYyNDUyODc5NzIzMywiY29ubmVjdFN0YXJ0IjoxNjI0NTI4Nzk3MjMzLCJjb25uZWN0RW5kIjoxNjI0NTI4Nzk3MjMzLCJzZWN1cmVDb25uZWN0aW9uU3RhcnQiOjAsInJlcXVlc3RTdGFydCI6MTYyNDUyODc5NzIzMywicmVzcG9uc2VTdGFydCI6MTYyNDUyODc5NzI2MiwicmVzcG9uc2VFbmQiOjE2MjQ1Mjg3OTczMjAsImRvbUxvYWRpbmciOjE2MjQ1Mjg3OTcyNjUsImRvbUludGVyYWN0aXZlIjoxNjI0NTI4Nzk3NDE1LCJkb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCI6MTYyNDUyODc5NzQ3NSwiZG9tQ29udGVudExvYWRlZEV2ZW50RW5kIjoxNjI0NTI4Nzk3NDc1LCJkb21Db21wbGV0ZSI6MCwibG9hZEV2ZW50U3RhcnQiOjAsImxvYWRFdmVudEVuZCI6MH19XX0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://start.herbaly.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
s5827=3dd7d393-d698-4379-9286-b0a694d7ce89
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://start.herbaly.com/

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-type
text/html; charset=utf-8
cf-ray
66451b39fb234e56-FRA
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
refresh
1;URL=https://users.good-watch-candle.com/1KUr6oKcAA_nTZyrqW4DheOTW8u4iHtc151O54BWv0ADcvkQ5HrDkJ5L-Qp_qJmRHDfPJAA6BR-x_VfIJETcz5k0nKR4pXmQCBimLpBNx4U_Q3M0EqiST_nyolFS9sxos2h-X06G0LaT7dBxNY3B6UZ5ie0oZG3XHy-9kyhC3F5Je_mTE5n16FLhi-2dpidFoqvOcmwih3S416_E1bOUEVzcVpZekgb40hat0BAPaQQBCc0JU0o0-liFZ47_NzDRqq9vHkQP9Wv3I7R-voEHkmRAX02uPwFfNjd9jdYT4ACYO6ds6Q5LmSxWDMAxxlbUJIAl3O6040QfJQ1JwJ8VYpWu8w3RVjjlQjIzdlGMgz08JnFb4QksXXX8jRM6BaMUtppHkwCNZC3j1bFvUhb-Zltar5vZiaQ432Z12M9zQ6jn4HUuWoHdA3zfbbuZ2l0YDTo8tKTpnKkv3zRC051nb9hix43XbTIkDPhxsLpYF_XMgzjpCoHmvg7_52bvIA_1VQoam-GQhN1TIdM4VZrTpwguVBpMQsbtUu7_c0pQo4o-bNvlRHxTRic6QUa7Qm429cGjCJF9OXZJSJseMsVhUsw0CqNtNzRZwI4H5TKxMREr7pwNM-m1tcb0JvBBNgWFOkDIQkSY4u5APRwkJJr_ZSP2gysz860Bz9jjEOMFzTS_jr-goFt1xBdrRrR_WcYoXF4XJjQ3PmdE0PrEcNYja-io5OUhiXXxJpaa54DnR8NmpSi77XuDeZyR8v_4BlCbZk1NN-iz1Qo2U9wAxqadIzoRXZWyQdW3_d03o3bco6MCHINLpAwarDJaBY8Hp0cA5PS7WBCBdKSiij2DzcDrCIpcUO6LE7480z2HfDCFAQyr7OkGD0JQZDMYk3n1K5AMfNDVkVUPvCoB8Pqq8bs9YS3Wa6rGtWyGFS90PNGrXyfrxlyuKg1GK8mXBRi7w485noWGZDNM3X_sb1ZrUGh8CAvsvemZIcReIJyi9nCpypcPYj4moZXYI_RtR7l_ToqSexPV616xQambdcrXueiOY7oVsQ8eaHTyOOI2WUrTii54hh5dMQM5Pt9tQ6vvAV8EvmHncrHUA5GBut8WU6lbTtqTxrut3L9VvFFSBidp420pYWv47BB5yaW2p4Fft67-luKR398ldXJGYXbYnd1gYDdBxWVb1kVaqe1nF51RTzIxbDAmoFrP0YYtE7JT7s5IkGF_lU49LZs7VOyvINIHPc-nOlajdn52-h8q8PcBfT5mKnn6jUP2REV1nZKMiM3Xr05t5u6adXextKbA4NTadIQDxCH7iPzeS0g28NF0YlsyZj47kIzPwWu1alMwYbCzRYoUAwqwDfH8TI9tmsCLl8Sorifha_0-BhN9Rin53kheORAmlLg7m64aGXEINA-WaZGWlyKDrE0ZRW6v_e9In6REc6l0LJDeQGhc8tHWGHU2QQRIDjgoa31jX3zoBv30eEKr0yHmVXoHB80aPetFdLkU6B9oZYL2BiHScjq59V25pglKxXNv84SR6Ka-aWuoSYuD9NJQwc5wGhvT2kk1Yi2SVEFjHGMaDMs_NTS1Qkl3DTtTnAAcfMhF5vMPvwvZK7P95mTZQ5v-ZGxM_P5a2-9IAip2UlyrTqAA8ah-0fFTReXKejtYWBjutKxmtkkhtQ9jEeQyKZ33FYdgvPlZSh65FHonN1E46Yc3wxjllWI0yC2i1qLJxzMoGxNhSVppFgXFDFBBUTEqZlVE25zDCr6yEYwdNkimzSEK3SXkOK9kM-Tc6pdVA3nFMgaA6LGNjWyDwnzlPSrj5IlSPRdYUTynanfaa8uWytu9g3-q6oBeA6u4rvGv7BWVRWtYvN1lvgH3LC0QUOu6MGe5R7CAXtYQyUgaaX0f44YMbkYehyAYPFGPxn6BCzJ-vNTWroF3aELAcePpk_no1VZW2P520rcHo4hWx7erkJmE9H17Cci2WujeaecwhCEmBXkdXEfKxUwnRLnpyVOEcVw3ytlfoxN2UcSUd9ra1qILI2lThQDz3WaqQ1_lOxxT5ALKKHyaAX4cm4q3jOTOmX3gIipALDW6CyTrmjQEY62XeJ6ezbbWpQQT82lsE2MIEsayuIxkFjeucjPIbJtUIfqbTE50C9bEmHjuZsVfIBhVQK6Lf-vPphTgUpTcRHdBczYH4LZQ7RbWJNxWD_I6qGu56LV7XvUhuckW_WpDAlTq2xl4C0CtQ9otOWcEYeY9ypr92v_LXGoyno1IkjLSBRwqDhI0KZ4BzPIoFZ-mBrHNMcw0mqmaOZ78JOdgxtVIo0wKPAk-hVaMWqZ2m-y199OPBrIL_Dv8OeiMWw9sKPy3E1EoymJhoyvaUBMRPtizkic9arBo-QrlVT9F3RJMKnqsadVkkRlwvaptGzcGJs1JUfsT4YNjxsjvYGcksnXhgpcm-k6XFWjUB34kk7C3FUUtiE4FowLogIjoMFjtC65KqUr9LSE51PgKJpxixvOLlM7wLtDALjy4CXcXvkYgmqD6eyPeZa5Y3AYh9vzF0RaoRyO66muiZoUp2RPGS49m5NNr6njcLdU-v3lZrGn7OeWWTm5No2fkvWsMZYOF1VfXz7u1X4aE6nwGF95PryubL8FddkLqxjc3svuu3NgDLBFlGIcoIKVLZ8gJGjR7N_fGsL_Lrhg5cdZVXSUvmex70LRW7pDrQiNoLt2kJduDE71Yrwt3AaFZUDr1yEeLWh6W4vnLu45FU5oq9atj4EtKlzYzI--UQeDZFOI1GqCBT-vLGaIxnqSHSmNRDyPrsXNw1c8mNXj4ntlkIWHUIe_UWeYlhb8S3kPeH2BLGPU1PCBvnjNYydu75IrLxSdAp--Z7OniJrz379tl9aF2lFXU10PTtpZdObtHLpOCoBHKw2rD5nhChM_2d6aAR4HcxjVBOOGaF5wdJ4GVitvzPJvBcHthS4WFtztehbhSa_vvcXa0gGsusDrgLf262kY8H3fYrgKIZIa0EPq8DHsMYPi_i3VF42o2wAY2atUs8XgR1tBHHNG4U1tiLDe4Qrjks-yfTyor1mbiOvSeaQXRri07OzZDVc9YamoQX89KFDh36SoVlgINJQjTGnu2kYZZt-Zwc0eGfEhuScnZgrxX2bVHUs9JGobZ9wWuRccitOhbo7_mNrggADw26Nh1DRPuX3B0rJ0nBG46WWTIhJzNbiaUF1rpaYs61wNJH_deItz811C8X0S-zqIQspLkyYbuBbZzvPB2hITntXq-bxCiVzi8_X0vp264Wfx6CMBqHAUvKz1nzFmW85o6c1wZcefJado8TukHGJjwZnJEqJ36D1x3nt_7dw0cm0pnsX4Pjvr_sk4B9qRSKw~~
set-cookie
s5827=3dd7d393-d698-4379-9286-b0a694d7ce89; expires=Thu, 01-Jul-2021 09:59:57 GMT; Max-Age=604800; path=/; domain=.day-sugar-useful.com; SameSite=None; secure
cf-cache-status
DYNAMIC
cf-request-id
0adf0f583700004e56f2a66000000001
content-security-policy
upgrade-insecure-requests
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
referrer-policy
never, no-referrer
x-backend-connect-time
0.000
x-backend-response-time
0.039
x-backend-server
hydra-hydra1
x-backend-status
200
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
0
vary
Accept-Encoding
server
cloudflare
content-encoding
gzip
/
ct.pinterest.com/md/
0
198 B
XHR
General
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.c6ca189a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:57 GMT
referrer-policy
origin
x-cdn
fastly
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
7130119228422999
expires
Sat, 01 Jan 2000 00:00:00 GMT
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/
43 B
370 B
XHR
General
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=KAk96T
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.eee1e0d5709263053b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
53a85651866852f33fcaf1ee1eff6e5002e8dfe32e4dd49187007b3a7c1367ea
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
via
1.1 varnish, 1.1 varnish
age
1380047
x-cache
HIT, HIT
access-control-max-age
86400
strict-transport-security
max-age=900
content-length
43
x-served-by
cache-bos4660-BOS, cache-hhn4062-HHN
allow
GET, HEAD, OPTIONS
server
nginx
vary
Cookie
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 1
vendors~View.5549aaf66ccf134e4d03.js
static.klaviyo.com/onsite/js/
0
34 KB
Other
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~View.5549aaf66ccf134e4d03.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.de6253e15a0da2e5118f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PAjA3sKHoi0X..HLU1X1afXvFAKPwUYa
content-encoding
gzip
etag
"fd3b48cd7f02fd9d8fcb6703ed46fd6b"
age
42435
x-cache
HIT
fastly-restarts
1
x-amz-id-2
f01bTyy/pxvSR5ny0ZjnHooevelP337decTt91BUg9e6O8Zqj3HwGHIt/LtQRd1OTLwNudwKpNM=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:27 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
CAHWH236GK3QCX1M
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
34870
content-type
application/x-javascript
x-cache-hits
16201
View.d64ff21e21e71bcff58b.js
static.klaviyo.com/onsite/js/
0
18 KB
Other
General
Full URL
https://static.klaviyo.com/onsite/js/View.d64ff21e21e71bcff58b.js
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.de6253e15a0da2e5118f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bi6GWjLPfxuk3tO5jxNztSXJdFu8w.3X
content-encoding
gzip
etag
"ff80206431ffd9a81be72868c2994f1b"
age
42435
x-cache
HIT
fastly-restarts
1
x-amz-id-2
IA0541WVj512JHWmoRQdRmUxlsknxIgvgOkogMcQWZkr4Z8zf88OZEgcMAferrE31p/m9BeDEbI=
x-served-by
cache-hhn4030-HHN
accept-ranges
bytes
last-modified
Wed, 23 Jun 2021 22:11:25 GMT
server
AmazonS3
date
Thu, 24 Jun 2021 09:59:57 GMT
vary
Accept-Encoding
x-amz-request-id
85DTVADF8K6M2E9V
via
1.1 varnish
cache-control
max-age=2592000, stale-while-revalidate=10800
content-length
18547
content-type
application/x-javascript
x-cache-hits
16981
full-forms
static-forms.klaviyo.com/forms/api/v4/KAk96T/
74 KB
9 KB
XHR
General
Full URL
https://static-forms.klaviyo.com/forms/api/v4/KAk96T/full-forms
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.eee1e0d5709263053b9f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31627410ec455eef2075de973db2cdeaddddd44d630236d53486783e6ed3d9b3

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
content-encoding
gzip
age
1232192
via
1.1 varnish
x-cache
HIT
client-geo-continent
EU
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/KAk96T custom-fonts/KAk96T
content-length
8312
x-amz-id-2
x97A/qrqMoL10Z02REews0COgHS/ZtXDwWM8jAi6zSaacR+ZWQ8oS2WrOY8CvezIEPiSvN04RmE=
x-served-by
cache-hhn4046-HHN
client-geo-country
FR
last-modified
Wed, 09 Jun 2021 22:02:57 GMT
server
AmazonS3
x-timer
S1624528798.947576,VS0,VE0
etag
"709368ed85f12516f4af62b6dee31a51"
vary
Accept-Encoding
x-amz-request-id
BWKY3JCH9151DGST
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
content-type
application/json
x-cache-hits
12
video_1.m3u8
video.cvtdn.com/bcf15b01-15ef-11eb-abef-0697e5ca793e/
737 B
996 B
XHR
General
Full URL
https://video.cvtdn.com/bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1.m3u8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5f6689d12530a53d482da5e7bd406b50a318fa40bf5aa5448197de21e6f8e73a

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-guploader-uploadid
ABg5-UyyaPLptsy6NDtIC9hq5xO_959XVuJWRwB6Wef7vCWqwTYdR_X4quAlPlzIFU1XcZbW-aOK0Fn4Pbk5FAG2xI0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
737
last-modified
Sat, 24 Oct 2020 11:56:33 GMT
server
UploadServer
etag
"70c14b629f4f09fb827198c9e7977b55"
x-goog-hash
crc32c=houwEA==, md5=cMFLYp9PCfuCcZjJ55d7VQ==
x-goog-generation
1603540593995825
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
737
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 24 Jun 2021 10:59:57 GMT
video_1.m3u8
video.cvtdn.com/1367b16a-15f0-11eb-abef-0697e5ca793e/
3 KB
3 KB
XHR
General
Full URL
https://video.cvtdn.com/1367b16a-15f0-11eb-abef-0697e5ca793e/video_1.m3u8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2695d9b3ce47e4571e4259db8d254d7ce18acf98c28e7804fe4f3a57a368e294

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:57 GMT
x-guploader-uploadid
ABg5-UwH1TiMBfYSVBQ7IduGx6MwiMtdrZ3D5gQl_sSDzNKVBcajhTlPByrbHN5VOPVMYb1iJkurVoBLjtcLoRkoYpM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
2913
last-modified
Sat, 24 Oct 2020 11:59:38 GMT
server
UploadServer
etag
"39198c09e1fb307e6b8801b1d1a7eeb9"
x-goog-hash
crc32c=P/uBtg==, md5=ORmMCeH7MH5riAGx0afuuQ==
x-goog-generation
1603540778431589
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
2913
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 24 Jun 2021 10:59:57 GMT
video_1.m3u8
video.cvtdn.com/69b382d3-15ef-11eb-abef-0697e5ca793e/
1 KB
1 KB
XHR
General
Full URL
https://video.cvtdn.com/69b382d3-15ef-11eb-abef-0697e5ca793e/video_1.m3u8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7e899db027e8ad6dd9430428072c60bf2ca69c2833adcbff1bf598385b78c497

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:58 GMT
x-guploader-uploadid
ABg5-Uz3RGISD2Qc6aGtifffFF6MWneusawp5khCgDex6j8A6W8OtNX2ZoEFroAFnC9Wgug2eHkAUMQKOGl_gDk3m54HX_sl2A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
1169
last-modified
Sat, 24 Oct 2020 11:54:05 GMT
server
UploadServer
etag
"34c89330027e28dc5693ed61eb22f06a"
x-goog-hash
crc32c=kZK4jQ==, md5=NMiTMAJ+KNxWk+1h6yLwag==
x-goog-generation
1603540445490216
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
1169
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 24 Jun 2021 10:59:58 GMT
video_1.m3u8
video.cvtdn.com/7bb14e9b-15ed-11eb-abef-0697e5ca793e/
3 KB
3 KB
XHR
General
Full URL
https://video.cvtdn.com/7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1.m3u8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
809ddc5981ee90efb37c4a73aecffa4408233d5f831b3164e2b203c8ef276a0e

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:58 GMT
x-guploader-uploadid
ABg5-UxErv9JGzpRdQ1mx-y4RXn73xiJOjbUJ_tee2mUyZ527A83vnx4wBZGwWo6U1M1GW6qzMPiWWK8WAmivy-UrIw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
3131
last-modified
Sat, 24 Oct 2020 11:41:06 GMT
server
UploadServer
etag
"ff25562eb96c7e0f075f633df8dc8922"
x-goog-hash
crc32c=NJJl8g==, md5=/yVWLrlsfg8HX2M9+NyJIg==
x-goog-generation
1603539666004478
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
3131
accept-ranges
bytes
content-type
application/octet-stream
expires
Thu, 24 Jun 2021 10:59:58 GMT
1KUr6oKcAA_nTZyrqW4DheOTW8u4iHtc151O54BWv0ADcvkQ5HrDkJ5L-Qp_qJmRHDfPJAA6BR-x_VfIJETcz5k0nKR4pXmQCBimLpBNx4U_Q3M0EqiST_nyolFS9sxos2h-X06G0LaT7dBxNY3B6UZ5ie0oZG3XHy-9kyhC3F5Je_mTE5n16FLhi-2dpidFoqvOc...
users.good-watch-candle.com/ Frame 6331
541 B
1 KB
Document
General
Full URL
https://users.good-watch-candle.com/1KUr6oKcAA_nTZyrqW4DheOTW8u4iHtc151O54BWv0ADcvkQ5HrDkJ5L-Qp_qJmRHDfPJAA6BR-x_VfIJETcz5k0nKR4pXmQCBimLpBNx4U_Q3M0EqiST_nyolFS9sxos2h-X06G0LaT7dBxNY3B6UZ5ie0oZG3XHy-9kyhC3F5Je_mTE5n16FLhi-2dpidFoqvOcmwih3S416_E1bOUEVzcVpZekgb40hat0BAPaQQBCc0JU0o0-liFZ47_NzDRqq9vHkQP9Wv3I7R-voEHkmRAX02uPwFfNjd9jdYT4ACYO6ds6Q5LmSxWDMAxxlbUJIAl3O6040QfJQ1JwJ8VYpWu8w3RVjjlQjIzdlGMgz08JnFb4QksXXX8jRM6BaMUtppHkwCNZC3j1bFvUhb-Zltar5vZiaQ432Z12M9zQ6jn4HUuWoHdA3zfbbuZ2l0YDTo8tKTpnKkv3zRC051nb9hix43XbTIkDPhxsLpYF_XMgzjpCoHmvg7_52bvIA_1VQoam-GQhN1TIdM4VZrTpwguVBpMQsbtUu7_c0pQo4o-bNvlRHxTRic6QUa7Qm429cGjCJF9OXZJSJseMsVhUsw0CqNtNzRZwI4H5TKxMREr7pwNM-m1tcb0JvBBNgWFOkDIQkSY4u5APRwkJJr_ZSP2gysz860Bz9jjEOMFzTS_jr-goFt1xBdrRrR_WcYoXF4XJjQ3PmdE0PrEcNYja-io5OUhiXXxJpaa54DnR8NmpSi77XuDeZyR8v_4BlCbZk1NN-iz1Qo2U9wAxqadIzoRXZWyQdW3_d03o3bco6MCHINLpAwarDJaBY8Hp0cA5PS7WBCBdKSiij2DzcDrCIpcUO6LE7480z2HfDCFAQyr7OkGD0JQZDMYk3n1K5AMfNDVkVUPvCoB8Pqq8bs9YS3Wa6rGtWyGFS90PNGrXyfrxlyuKg1GK8mXBRi7w485noWGZDNM3X_sb1ZrUGh8CAvsvemZIcReIJyi9nCpypcPYj4moZXYI_RtR7l_ToqSexPV616xQambdcrXueiOY7oVsQ8eaHTyOOI2WUrTii54hh5dMQM5Pt9tQ6vvAV8EvmHncrHUA5GBut8WU6lbTtqTxrut3L9VvFFSBidp420pYWv47BB5yaW2p4Fft67-luKR398ldXJGYXbYnd1gYDdBxWVb1kVaqe1nF51RTzIxbDAmoFrP0YYtE7JT7s5IkGF_lU49LZs7VOyvINIHPc-nOlajdn52-h8q8PcBfT5mKnn6jUP2REV1nZKMiM3Xr05t5u6adXextKbA4NTadIQDxCH7iPzeS0g28NF0YlsyZj47kIzPwWu1alMwYbCzRYoUAwqwDfH8TI9tmsCLl8Sorifha_0-BhN9Rin53kheORAmlLg7m64aGXEINA-WaZGWlyKDrE0ZRW6v_e9In6REc6l0LJDeQGhc8tHWGHU2QQRIDjgoa31jX3zoBv30eEKr0yHmVXoHB80aPetFdLkU6B9oZYL2BiHScjq59V25pglKxXNv84SR6Ka-aWuoSYuD9NJQwc5wGhvT2kk1Yi2SVEFjHGMaDMs_NTS1Qkl3DTtTnAAcfMhF5vMPvwvZK7P95mTZQ5v-ZGxM_P5a2-9IAip2UlyrTqAA8ah-0fFTReXKejtYWBjutKxmtkkhtQ9jEeQyKZ33FYdgvPlZSh65FHonN1E46Yc3wxjllWI0yC2i1qLJxzMoGxNhSVppFgXFDFBBUTEqZlVE25zDCr6yEYwdNkimzSEK3SXkOK9kM-Tc6pdVA3nFMgaA6LGNjWyDwnzlPSrj5IlSPRdYUTynanfaa8uWytu9g3-q6oBeA6u4rvGv7BWVRWtYvN1lvgH3LC0QUOu6MGe5R7CAXtYQyUgaaX0f44YMbkYehyAYPFGPxn6BCzJ-vNTWroF3aELAcePpk_no1VZW2P520rcHo4hWx7erkJmE9H17Cci2WujeaecwhCEmBXkdXEfKxUwnRLnpyVOEcVw3ytlfoxN2UcSUd9ra1qILI2lThQDz3WaqQ1_lOxxT5ALKKHyaAX4cm4q3jOTOmX3gIipALDW6CyTrmjQEY62XeJ6ezbbWpQQT82lsE2MIEsayuIxkFjeucjPIbJtUIfqbTE50C9bEmHjuZsVfIBhVQK6Lf-vPphTgUpTcRHdBczYH4LZQ7RbWJNxWD_I6qGu56LV7XvUhuckW_WpDAlTq2xl4C0CtQ9otOWcEYeY9ypr92v_LXGoyno1IkjLSBRwqDhI0KZ4BzPIoFZ-mBrHNMcw0mqmaOZ78JOdgxtVIo0wKPAk-hVaMWqZ2m-y199OPBrIL_Dv8OeiMWw9sKPy3E1EoymJhoyvaUBMRPtizkic9arBo-QrlVT9F3RJMKnqsadVkkRlwvaptGzcGJs1JUfsT4YNjxsjvYGcksnXhgpcm-k6XFWjUB34kk7C3FUUtiE4FowLogIjoMFjtC65KqUr9LSE51PgKJpxixvOLlM7wLtDALjy4CXcXvkYgmqD6eyPeZa5Y3AYh9vzF0RaoRyO66muiZoUp2RPGS49m5NNr6njcLdU-v3lZrGn7OeWWTm5No2fkvWsMZYOF1VfXz7u1X4aE6nwGF95PryubL8FddkLqxjc3svuu3NgDLBFlGIcoIKVLZ8gJGjR7N_fGsL_Lrhg5cdZVXSUvmex70LRW7pDrQiNoLt2kJduDE71Yrwt3AaFZUDr1yEeLWh6W4vnLu45FU5oq9atj4EtKlzYzI--UQeDZFOI1GqCBT-vLGaIxnqSHSmNRDyPrsXNw1c8mNXj4ntlkIWHUIe_UWeYlhb8S3kPeH2BLGPU1PCBvnjNYydu75IrLxSdAp--Z7OniJrz379tl9aF2lFXU10PTtpZdObtHLpOCoBHKw2rD5nhChM_2d6aAR4HcxjVBOOGaF5wdJ4GVitvzPJvBcHthS4WFtztehbhSa_vvcXa0gGsusDrgLf262kY8H3fYrgKIZIa0EPq8DHsMYPi_i3VF42o2wAY2atUs8XgR1tBHHNG4U1tiLDe4Qrjks-yfTyor1mbiOvSeaQXRri07OzZDVc9YamoQX89KFDh36SoVlgINJQjTGnu2kYZZt-Zwc0eGfEhuScnZgrxX2bVHUs9JGobZ9wWuRccitOhbo7_mNrggADw26Nh1DRPuX3B0rJ0nBG46WWTIhJzNbiaUF1rpaYs61wNJH_deItz811C8X0S-zqIQspLkyYbuBbZzvPB2hITntXq-bxCiVzi8_X0vp264Wfx6CMBqHAUvKz1nzFmW85o6c1wZcefJado8TukHGJjwZnJEqJ36D1x3nt_7dw0cm0pnsX4Pjvr_sk4B9qRSKw~~
Requested by
Host: users.day-sugar-useful.com
URL: https://users.day-sugar-useful.com/dNNwk0TitPMBc2ayqxrdBlDS86PbYC8DpaKcEB3VTmCFE54m5kxwILtxH-efcNUuCRErSMJN_vGFIHsF_rmJxzbttz0ESCT_UgR9--2ID2Q~?stm=1624528797718&e=pv&url=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&page=Engagement&refr=http%3A%2F%2Fprofessionmedia.com%2F&tv=js-3.2.1&tna=3dd7d393-d698-4379-9286-b0a694d7ce89&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=f75164e6-0319-435b-ade6-32908a9f7e3e&dtm=1624528797711&vp=1600x1200&ds=1600x7124&vid=1&sid=6c735d5d-dbeb-4549-bf98-ead8baa60394&duid=3dd7d393-d698-4379-9286-b0a694d7ce89&fp=1072425006&jb=Engagement&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaHR0cHM6Ly9zY2hlbWFzLm1heGVwdi5jb20vSnVtYmxlYmVycnkvc25vd3Bsb3ctc2NoZW1hcy9tYXN0ZXIvZW5nYWdlbWVudC9qc29uc2NoZW1hLzEtMC0wLmpzb24iLCJkYXRhIjp7ImhpZF9wYXJhbSI6ImNsaWNrX2lkIn19LHsic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiJmZGIxNzJjMS1hM2MyLTQ4ZWMtYWRiZi0yZTBkYmI1ZTlkMWIifX0seyJzY2hlbWEiOiJpZ2x1Om9yZy53My9QZXJmb3JtYW5jZVRpbWluZy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJuYXZpZ2F0aW9uU3RhcnQiOjE2MjQ1Mjg3OTcxMzksInVubG9hZEV2ZW50U3RhcnQiOjAsInVubG9hZEV2ZW50RW5kIjowLCJyZWRpcmVjdFN0YXJ0IjoxNjI0NTI4Nzk3MTM5LCJyZWRpcmVjdEVuZCI6MTYyNDUyODc5NzIzMywiZmV0Y2hTdGFydCI6MTYyNDUyODc5NzIzMywiZG9tYWluTG9va3VwU3RhcnQiOjE2MjQ1Mjg3OTcyMzMsImRvbWFpbkxvb2t1cEVuZCI6MTYyNDUyODc5NzIzMywiY29ubmVjdFN0YXJ0IjoxNjI0NTI4Nzk3MjMzLCJjb25uZWN0RW5kIjoxNjI0NTI4Nzk3MjMzLCJzZWN1cmVDb25uZWN0aW9uU3RhcnQiOjAsInJlcXVlc3RTdGFydCI6MTYyNDUyODc5NzIzMywicmVzcG9uc2VTdGFydCI6MTYyNDUyODc5NzI2MiwicmVzcG9uc2VFbmQiOjE2MjQ1Mjg3OTczMjAsImRvbUxvYWRpbmciOjE2MjQ1Mjg3OTcyNjUsImRvbUludGVyYWN0aXZlIjoxNjI0NTI4Nzk3NDE1LCJkb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCI6MTYyNDUyODc5NzQ3NSwiZG9tQ29udGVudExvYWRlZEV2ZW50RW5kIjoxNjI0NTI4Nzk3NDc1LCJkb21Db21wbGV0ZSI6MCwibG9hZEV2ZW50U3RhcnQiOjAsImxvYWRFdmVudEVuZCI6MH19XX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8d0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47aa78422dc2360ea6ff32eaf1744ce40eca791e024cbb0893570113eacf779
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
users.good-watch-candle.com
:scheme
https
:path
/1KUr6oKcAA_nTZyrqW4DheOTW8u4iHtc151O54BWv0ADcvkQ5HrDkJ5L-Qp_qJmRHDfPJAA6BR-x_VfIJETcz5k0nKR4pXmQCBimLpBNx4U_Q3M0EqiST_nyolFS9sxos2h-X06G0LaT7dBxNY3B6UZ5ie0oZG3XHy-9kyhC3F5Je_mTE5n16FLhi-2dpidFoqvOcmwih3S416_E1bOUEVzcVpZekgb40hat0BAPaQQBCc0JU0o0-liFZ47_NzDRqq9vHkQP9Wv3I7R-voEHkmRAX02uPwFfNjd9jdYT4ACYO6ds6Q5LmSxWDMAxxlbUJIAl3O6040QfJQ1JwJ8VYpWu8w3RVjjlQjIzdlGMgz08JnFb4QksXXX8jRM6BaMUtppHkwCNZC3j1bFvUhb-Zltar5vZiaQ432Z12M9zQ6jn4HUuWoHdA3zfbbuZ2l0YDTo8tKTpnKkv3zRC051nb9hix43XbTIkDPhxsLpYF_XMgzjpCoHmvg7_52bvIA_1VQoam-GQhN1TIdM4VZrTpwguVBpMQsbtUu7_c0pQo4o-bNvlRHxTRic6QUa7Qm429cGjCJF9OXZJSJseMsVhUsw0CqNtNzRZwI4H5TKxMREr7pwNM-m1tcb0JvBBNgWFOkDIQkSY4u5APRwkJJr_ZSP2gysz860Bz9jjEOMFzTS_jr-goFt1xBdrRrR_WcYoXF4XJjQ3PmdE0PrEcNYja-io5OUhiXXxJpaa54DnR8NmpSi77XuDeZyR8v_4BlCbZk1NN-iz1Qo2U9wAxqadIzoRXZWyQdW3_d03o3bco6MCHINLpAwarDJaBY8Hp0cA5PS7WBCBdKSiij2DzcDrCIpcUO6LE7480z2HfDCFAQyr7OkGD0JQZDMYk3n1K5AMfNDVkVUPvCoB8Pqq8bs9YS3Wa6rGtWyGFS90PNGrXyfrxlyuKg1GK8mXBRi7w485noWGZDNM3X_sb1ZrUGh8CAvsvemZIcReIJyi9nCpypcPYj4moZXYI_RtR7l_ToqSexPV616xQambdcrXueiOY7oVsQ8eaHTyOOI2WUrTii54hh5dMQM5Pt9tQ6vvAV8EvmHncrHUA5GBut8WU6lbTtqTxrut3L9VvFFSBidp420pYWv47BB5yaW2p4Fft67-luKR398ldXJGYXbYnd1gYDdBxWVb1kVaqe1nF51RTzIxbDAmoFrP0YYtE7JT7s5IkGF_lU49LZs7VOyvINIHPc-nOlajdn52-h8q8PcBfT5mKnn6jUP2REV1nZKMiM3Xr05t5u6adXextKbA4NTadIQDxCH7iPzeS0g28NF0YlsyZj47kIzPwWu1alMwYbCzRYoUAwqwDfH8TI9tmsCLl8Sorifha_0-BhN9Rin53kheORAmlLg7m64aGXEINA-WaZGWlyKDrE0ZRW6v_e9In6REc6l0LJDeQGhc8tHWGHU2QQRIDjgoa31jX3zoBv30eEKr0yHmVXoHB80aPetFdLkU6B9oZYL2BiHScjq59V25pglKxXNv84SR6Ka-aWuoSYuD9NJQwc5wGhvT2kk1Yi2SVEFjHGMaDMs_NTS1Qkl3DTtTnAAcfMhF5vMPvwvZK7P95mTZQ5v-ZGxM_P5a2-9IAip2UlyrTqAA8ah-0fFTReXKejtYWBjutKxmtkkhtQ9jEeQyKZ33FYdgvPlZSh65FHonN1E46Yc3wxjllWI0yC2i1qLJxzMoGxNhSVppFgXFDFBBUTEqZlVE25zDCr6yEYwdNkimzSEK3SXkOK9kM-Tc6pdVA3nFMgaA6LGNjWyDwnzlPSrj5IlSPRdYUTynanfaa8uWytu9g3-q6oBeA6u4rvGv7BWVRWtYvN1lvgH3LC0QUOu6MGe5R7CAXtYQyUgaaX0f44YMbkYehyAYPFGPxn6BCzJ-vNTWroF3aELAcePpk_no1VZW2P520rcHo4hWx7erkJmE9H17Cci2WujeaecwhCEmBXkdXEfKxUwnRLnpyVOEcVw3ytlfoxN2UcSUd9ra1qILI2lThQDz3WaqQ1_lOxxT5ALKKHyaAX4cm4q3jOTOmX3gIipALDW6CyTrmjQEY62XeJ6ezbbWpQQT82lsE2MIEsayuIxkFjeucjPIbJtUIfqbTE50C9bEmHjuZsVfIBhVQK6Lf-vPphTgUpTcRHdBczYH4LZQ7RbWJNxWD_I6qGu56LV7XvUhuckW_WpDAlTq2xl4C0CtQ9otOWcEYeY9ypr92v_LXGoyno1IkjLSBRwqDhI0KZ4BzPIoFZ-mBrHNMcw0mqmaOZ78JOdgxtVIo0wKPAk-hVaMWqZ2m-y199OPBrIL_Dv8OeiMWw9sKPy3E1EoymJhoyvaUBMRPtizkic9arBo-QrlVT9F3RJMKnqsadVkkRlwvaptGzcGJs1JUfsT4YNjxsjvYGcksnXhgpcm-k6XFWjUB34kk7C3FUUtiE4FowLogIjoMFjtC65KqUr9LSE51PgKJpxixvOLlM7wLtDALjy4CXcXvkYgmqD6eyPeZa5Y3AYh9vzF0RaoRyO66muiZoUp2RPGS49m5NNr6njcLdU-v3lZrGn7OeWWTm5No2fkvWsMZYOF1VfXz7u1X4aE6nwGF95PryubL8FddkLqxjc3svuu3NgDLBFlGIcoIKVLZ8gJGjR7N_fGsL_Lrhg5cdZVXSUvmex70LRW7pDrQiNoLt2kJduDE71Yrwt3AaFZUDr1yEeLWh6W4vnLu45FU5oq9atj4EtKlzYzI--UQeDZFOI1GqCBT-vLGaIxnqSHSmNRDyPrsXNw1c8mNXj4ntlkIWHUIe_UWeYlhb8S3kPeH2BLGPU1PCBvnjNYydu75IrLxSdAp--Z7OniJrz379tl9aF2lFXU10PTtpZdObtHLpOCoBHKw2rD5nhChM_2d6aAR4HcxjVBOOGaF5wdJ4GVitvzPJvBcHthS4WFtztehbhSa_vvcXa0gGsusDrgLf262kY8H3fYrgKIZIa0EPq8DHsMYPi_i3VF42o2wAY2atUs8XgR1tBHHNG4U1tiLDe4Qrjks-yfTyor1mbiOvSeaQXRri07OzZDVc9YamoQX89KFDh36SoVlgINJQjTGnu2kYZZt-Zwc0eGfEhuScnZgrxX2bVHUs9JGobZ9wWuRccitOhbo7_mNrggADw26Nh1DRPuX3B0rJ0nBG46WWTIhJzNbiaUF1rpaYs61wNJH_deItz811C8X0S-zqIQspLkyYbuBbZzvPB2hITntXq-bxCiVzi8_X0vp264Wfx6CMBqHAUvKz1nzFmW85o6c1wZcefJado8TukHGJjwZnJEqJ36D1x3nt_7dw0cm0pnsX4Pjvr_sk4B9qRSKw~~
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:58 GMT
content-type
text/html; charset=utf-8
cf-ray
66451b3bee3f1f29-FRA
cache-control
no-cache
expires
Thu, 01 Jan 1970 00:00:01 GMT
set-cookie
s5827=3dd7d393-d698-4379-9286-b0a694d7ce89; expires=Thu, 01-Jul-2021 09:59:58 GMT; Max-Age=604800; path=/; domain=.good-watch-candle.com; SameSite=None; secure
cf-cache-status
DYNAMIC
cf-request-id
0adf0f597300001f29d71c2000000001
content-security-policy
upgrade-insecure-requests
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
referrer-policy
never, no-referrer
x-backend-connect-time
0.000
x-backend-response-time
0.099
x-backend-server
hydra-hydra1
x-backend-status
200
x-content-type-options
nosniff
x-event-accepted
true
x-robots-tag
none
x-xss-protection
0
vary
Accept-Encoding
server
cloudflare
content-encoding
gzip
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1932379350399629&ev=Microdata&dl=https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%3Futm_source%3Djumbleberry%26utm_medium%3D384101%26utm_campaign%3DJB-New%26click_id%3DWiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%252F%252F9f2ffa958420d945b4dcc0a2eb151874%252F&rl=http%3A%2F%2Fprofessionmedia.com%2F&if=false&ts=1624528798126&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fstart.herbaly.com%2Fen%2Ftea%2Fwellness-collection%2Fpre%2Fa21v02%2F%22%2C%22og%3Atitle%22%3A%22Herbaly%20Tea%20-%20Control%20Your%20Blood%20Sugar%22%2C%22og%3Adescription%22%3A%22%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.5&r=c2&ec=1&o=30&fbp=fb.1.1624528797623.1671822783&it=1624528797539&coo=false&es=automatic&rqm=GET
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 24 Jun 2021 09:59:58 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 24 Jun 2021 09:59:58 GMT
segment-0.ts
f002.backblazeb2.com/file/convertri-video-prod/bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1/
Redirect Chain
  • https://chunks.convertri.com/chunk/bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
  • https://f002.backblazeb2.com/file/convertri-video-prod/bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
202 KB
202 KB
XHR
General
Full URL
https://f002.backblazeb2.com/file/convertri-video-prod/bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.190.215.16 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
Software
/
Resource Hash
aa7712f27c6a449e061a10d44bd31df22458af891565fa483cc02c1c949d54b4

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 09:59:59 GMT
X-Bz-Upload-Timestamp
1603540578000
x-bz-file-id
4_z85a1b81794c383fb65ce0d1a_f1177b574b763d892_d20201024_m115618_c002_v0001143_t0034
x-bz-content-sha1
b1c591380d240b236cdb9fbee9f386a4abf81580
Content-Type
text/plain
access-control-allow-origin
null
x-bz-file-name
bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
Connection
keep-alive
Accept-Ranges
bytes
vary
origin, access-control-request-method, access-control-request-headers
Content-Length
206612
Keep-Alive
timeout=5

Redirect headers

Date
Thu, 24 Jun 2021 09:59:58 GMT
Server
Apache/2.4.29 (Ubuntu)
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://f002.backblazeb2.com/file/convertri-video-prod/bcf15b01-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Cache-Control
no-cache, private
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
05e1a7c2-9b95-4c97-bdcb-5e4d500d15d0
https://start.herbaly.com/
63 KB
0
Other
General
Full URL
blob:https://start.herbaly.com/05e1a7c2-9b95-4c97-bdcb-5e4d500d15d0
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eb5805b34e0093bef8f4d7f6393b91f9c96e33188a8d12ef3d2c16534c1fcd1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64476
Content-Type
text/javascript
segment-0.ts
f002.backblazeb2.com/file/convertri-video-prod/1367b16a-15f0-11eb-abef-0697e5ca793e/video_1/
Redirect Chain
  • https://chunks.convertri.com/chunk/1367b16a-15f0-11eb-abef-0697e5ca793e/video_1/segment-0.ts
  • https://f002.backblazeb2.com/file/convertri-video-prod/1367b16a-15f0-11eb-abef-0697e5ca793e/video_1/segment-0.ts
242 KB
242 KB
XHR
General
Full URL
https://f002.backblazeb2.com/file/convertri-video-prod/1367b16a-15f0-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.190.215.16 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
Software
/
Resource Hash
af30e828275e40572e937d171644cc84e8adcb5b180fc8f520ac14f3eaa22f6d

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 09:59:58 GMT
X-Bz-Upload-Timestamp
1603540692000
x-bz-file-id
4_z85a1b81794c383fb65ce0d1a_f107fb3ea87c9dde7_d20201024_m115812_c002_v0001143_t0018
x-bz-content-sha1
0fd41c3f1594a3c11930daf9aeae2498d67a6c3a
Content-Type
text/plain
access-control-allow-origin
null
x-bz-file-name
1367b16a-15f0-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
Connection
keep-alive
Accept-Ranges
bytes
vary
origin, access-control-request-method, access-control-request-headers
Content-Length
247408
Keep-Alive
timeout=5

Redirect headers

Date
Thu, 24 Jun 2021 09:59:58 GMT
Server
Apache/2.4.29 (Ubuntu)
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://f002.backblazeb2.com/file/convertri-video-prod/1367b16a-15f0-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Cache-Control
no-cache, private
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
d9895a4a-573b-4c32-809d-c02c36a1c4a8
https://start.herbaly.com/
63 KB
0
Other
General
Full URL
blob:https://start.herbaly.com/d9895a4a-573b-4c32-809d-c02c36a1c4a8
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eb5805b34e0093bef8f4d7f6393b91f9c96e33188a8d12ef3d2c16534c1fcd1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64476
Content-Type
text/javascript
segment-0.ts
f002.backblazeb2.com/file/convertri-video-prod/69b382d3-15ef-11eb-abef-0697e5ca793e/video_1/
Redirect Chain
  • https://chunks.convertri.com/chunk/69b382d3-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
  • https://f002.backblazeb2.com/file/convertri-video-prod/69b382d3-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
559 KB
560 KB
XHR
General
Full URL
https://f002.backblazeb2.com/file/convertri-video-prod/69b382d3-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.190.215.16 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
Software
/
Resource Hash
1d906e8e16b4310c4d118d7a3e7541fded2fe48b7d5da1f6e4ec9cd6f17bc0e9

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 09:59:58 GMT
X-Bz-Upload-Timestamp
1603540411000
x-bz-file-id
4_z85a1b81794c383fb65ce0d1a_f117d383c7031987a_d20201024_m115331_c002_v0001133_t0014
x-bz-content-sha1
ebcec2857d9240e6d7c9bf06d07a2a047bb8f07d
Content-Type
text/plain
access-control-allow-origin
null
x-bz-file-name
69b382d3-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
Connection
keep-alive
Accept-Ranges
bytes
vary
origin, access-control-request-method, access-control-request-headers
Content-Length
572648
Keep-Alive
timeout=5

Redirect headers

Date
Thu, 24 Jun 2021 09:59:58 GMT
Server
Apache/2.4.29 (Ubuntu)
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://f002.backblazeb2.com/file/convertri-video-prod/69b382d3-15ef-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Cache-Control
no-cache, private
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
8b44d9ba-16f7-4b15-82b2-b884df14bafd
https://start.herbaly.com/
63 KB
0
Other
General
Full URL
blob:https://start.herbaly.com/8b44d9ba-16f7-4b15-82b2-b884df14bafd
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eb5805b34e0093bef8f4d7f6393b91f9c96e33188a8d12ef3d2c16534c1fcd1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64476
Content-Type
text/javascript
segment-0.ts
f002.backblazeb2.com/file/convertri-video-prod/7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1/
Redirect Chain
  • https://chunks.convertri.com/chunk/7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1/segment-0.ts
  • https://f002.backblazeb2.com/file/convertri-video-prod/7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1/segment-0.ts
542 KB
542 KB
XHR
General
Full URL
https://f002.backblazeb2.com/file/convertri-video-prod/7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.190.215.16 , United States, ASN32354 (UNWIRED, US),
Reverse DNS
Software
/
Resource Hash
eb12f772c941d81bc8c97aae5bb2ab6853b384f7c63edde5b25ba8c2bf587562

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 24 Jun 2021 09:59:58 GMT
X-Bz-Upload-Timestamp
1603539589000
x-bz-file-id
4_z85a1b81794c383fb65ce0d1a_f111d36d48b9e54d6_d20201024_m113949_c002_v0001135_t0028
x-bz-content-sha1
7a694e410a9b03cf4bff3e9b0936bb37f86149cb
Content-Type
text/plain
access-control-allow-origin
null
x-bz-file-name
7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
Connection
keep-alive
Accept-Ranges
bytes
vary
origin, access-control-request-method, access-control-request-headers
Content-Length
554600
Keep-Alive
timeout=5

Redirect headers

Date
Thu, 24 Jun 2021 09:59:58 GMT
Server
Apache/2.4.29 (Ubuntu)
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
https://f002.backblazeb2.com/file/convertri-video-prod/7bb14e9b-15ed-11eb-abef-0697e5ca793e/video_1/segment-0.ts
Cache-Control
no-cache, private
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
af04fade-8c3f-43b4-9b3c-49859997ca73
https://start.herbaly.com/
63 KB
0
Other
General
Full URL
blob:https://start.herbaly.com/af04fade-8c3f-43b4-9b3c-49859997ca73
Requested by
Host: start.herbaly.com
URL: https://start.herbaly.com/en/tea/wellness-collection/pre/a21v02/?utm_source=jumbleberry&utm_medium=384101&utm_campaign=JB-New&click_id=WiG7XTX-Nao_qRY_ptpMs4oINTcKIkIPwh1hKAbzKmIMklsgxkJmpYmDdXBqb3oG%2F%2F9f2ffa958420d945b4dcc0a2eb151874%2F
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5eb5805b34e0093bef8f4d7f6393b91f9c96e33188a8d12ef3d2c16534c1fcd1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
64476
Content-Type
text/javascript
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-M5XXR2Z&cv=22&t=ol&g=61&p=gtm&l=284&q=262&f=43&e=8&i=41&d=107&c=5&hc=0&sr=0.050000&ps=0.04910028174538983&cb=202362322
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.herbaly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Jun 2021 09:59:58 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.traversedlp.com
URL
https://api.traversedlp.com/retargeting/v1/cookie

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| documentClassList object| CONVERTRI_CONSTANTS object| convertriParameters object| ConvertriScriptConsent object| dataLayer string| _cvt_gsi function| needsJQuery function| convertriLoadDeferredStyles function| raf function| ViewportResizer function| visibilityChanged object| MobileDetector function| yall function| uniqueSelector object| QueryArgBag object| UrlUtils function| managePrestoVideosPlayback function| applyIePrestoFix function| isIeOrEdge function| applyIeCoverTweak function| resizeContainer function| resizeIeVideo function| throttle function| stickySelector function| Cookies object| match function| Hls string| url function| jumbleberry object| google_tag_manager object| google_tag_data function| hj object| _hjSettings string| GoogleAnalyticsObject function| ga object| uetq function| fbq function| _fbq function| pintrk function| obApi undefined| pvc function| CheckoutValidationErrorRenderer function| convertriCheckoutApiFactory function| convertriFormApiFactory function| convertriCheckoutFormApiFactory function| convertriCheckoutFormValidatorFactory function| jQueryToPromise function| orderDataFactory function| PaypalBasePaymentButton function| PaypalException function| PaypalOneTimePaymentButtonConfigFactory function| PaypalOneTimePaymentButton function| convertToPaypalOrder function| PaypalButtonConfigFactory function| PaypalSubscriptionButtonConfigFactory function| PaypalSubscriptionButton function| ShippingZonesHelper function| StripeElements function| CheckoutModalCustomValidatorFactory object| ConvertriCheckoutCurrencies object| ConvertriCheckoutEvents object| ConvertriCheckoutModalEvents object| ConvertriProductSelectionModalEvents function| ConvertriAnalytics object| CheckoutCoupons object| ConvertriAbandonedCartHandler object| ConvertriCheckoutController object| BlankFormValidator object| CheckoutHelpers object| PromiseHelpers object| ConvertriCheckoutPaymentDetailsForm object| ConvertriCheckoutModal object| ConvertriPreCheckoutProductSelection object| ConvertriCheckoutModalRenderer object| GlobalSnowplowNamespace function| ConvertriAnalyticsSnowplow object| doT function| ES6Promise function| $ function| jQuery object| Snowplow function| getPresentCoupon function| handleCheckoutResponse object| jQuery11220007639378740276204 object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_optimize object| _learnq string| __klKey object| klaviyoOnsiteJSONP object| jumbleberryCache object| jumbleberryParams string| previousCookieDomain string| domainHash object| idCookieComponents object| SENTRY_RELEASE object| core object| regeneratorRuntime

20 Cookies

Domain/Path Name / Value
.good-watch-candle.com/ Name: s5827
Value: 3dd7d393-d698-4379-9286-b0a694d7ce89
start.herbaly.com/ Name: outbrain_cid_fetch
Value: true
.herbaly.com/ Name: _hjid
Value: 76959d2b-7db8-4fc1-a7ff-db92547244f0
start.herbaly.com/ Name: __kla_id
Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2MjQ1Mjg3OTgsInZhbHVlIjoiaHR0cDovL3Byb2Zlc3Npb25tZWRpYS5jb20vIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vc3RhcnQuaGVyYmFseS5jb20vZW4vdGVhL3dlbGxuZXNzLWNvbGxlY3Rpb24vcHJlL2EyMXYwMi8/dXRtX3NvdXJjZT1qdW1ibGViZXJyeSZ1dG1fbWVkaXVtPTM4NDEwMSZ1dG1fY2FtcGFpZ249SkItTmV3JmNsaWNrX2lkPVdpRzdYVFgtTmFvX3FSWV9wdHBNczRvSU5UY0tJa0lQd2gxaEtBYnpLbUlNa2xzZ3hrSm1wWW1EZFhCcWIzb0clMkYlMkY5ZjJmZmE5NTg0MjBkOTQ1YjRkY2MwYTJlYjE1MTg3NCUyRiJ9LCIkbGFzdF9yZWZlcnJlciI6eyJ0cyI6MTYyNDUyODc5OCwidmFsdWUiOiJodHRwOi8vcHJvZmVzc2lvbm1lZGlhLmNvbS8iLCJmaXJzdF9wYWdlIjoiaHR0cHM6Ly9zdGFydC5oZXJiYWx5LmNvbS9lbi90ZWEvd2VsbG5lc3MtY29sbGVjdGlvbi9wcmUvYTIxdjAyLz91dG1fc291cmNlPWp1bWJsZWJlcnJ5JnV0bV9tZWRpdW09Mzg0MTAxJnV0bV9jYW1wYWlnbj1KQi1OZXcmY2xpY2tfaWQ9V2lHN1hUWC1OYW9fcVJZX3B0cE1zNG9JTlRjS0lrSVB3aDFoS0FiekttSU1rbHNneGtKbXBZbURkWEJxYjNvRyUyRiUyRjlmMmZmYTk1ODQyMGQ5NDViNGRjYzBhMmViMTUxODc0JTJGIn19
.start.herbaly.com/ Name: _pin_unauth
Value: dWlkPU9XRXhOakZoTTJJdE16UTROeTAwTXpFeUxXRTJNRGd0TXpBeE5HWTBNakl5T1RZMQ
.herbaly.com/ Name: dNNwk0TitPMBc2ayqxrdBpi
Value: 3dd7d393-d698-4379-9286-b0a694d7ce89
.herbaly.com/ Name: dNNwk0TitPMBc2ayqxrdBid
Value: 3dd7d393-d698-4379-9286-b0a694d7ce89.1624528798.1.1624528798.1624528798.6c735d5d-dbeb-4549-bf98-ead8baa60394
.herbaly.com/ Name: _uetvid
Value: ee8f8b00d4d211eba01b9f54caed7cee
.herbaly.com/ Name: dNNwk0TitPMBc2ayqxrdBses
Value: *
.herbaly.com/ Name: _gid
Value: GA1.2.818116126.1624528798
.herbaly.com/ Name: _dc_gtm_UA-126168373-1
Value: 1
.herbaly.com/ Name: _uetsid
Value: ee8f72a0d4d211ebbc05b5dbfdca38ad
.herbaly.com/ Name: _fbp
Value: fb.1.1624528797623.1671822783
.herbaly.com/ Name: _ga
Value: GA1.2.718582575.1624528798
.herbaly.com/ Name: _dc_gtm_UA-126168373-4
Value: 1
.herbaly.com/ Name: _hjTLDTest
Value: 1
.herbaly.com/ Name: _gcl_au
Value: 1.1.1282553640.1624528797
.herbaly.com/ Name: _hjFirstSeen
Value: 1
start.herbaly.com/ Name: _sp_id.56b7
Value: 165f90de-8185-4204-8a96-7b99677c8fc2.1624528797.1.1624528797.1624528797.62cdc94a-6d26-4fb5-ae0f-d02be86f418d
start.herbaly.com/ Name: _sp_ses.56b7
Value: *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
api.traversedlp.com
bat.bing.com
cdn.convertri.com
chunks.convertri.com
connect.facebook.net
convertri.imgix.net
ct.pinterest.com
f002.backblazeb2.com
fast.a.klaviyo.com
fonts.gstatic.com
googleads.g.doubleclick.net
liallocart.com
professionmedia.com
s.pinimg.com
script.hotjar.com
snowplow.convertri.com
start.herbaly.com
static-forms.klaviyo.com
static.bouncepilot.com
static.hotjar.com
static.klaviyo.com
static.traversedlp.com
stats.g.doubleclick.net
storage.googleapis.com
tr.outbrain.com
users.day-sugar-useful.com
users.good-watch-candle.com
vars.hotjar.com
video.cvtdn.com
www.day-sugar-useful.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
api.traversedlp.com
13.224.193.73
13.224.193.91
138.128.118.50
142.250.185.98
151.101.114.133
199.232.80.84
2.18.234.190
206.190.215.16
2600:9000:21f3:1400:10:b308:84c0:93a1
2606:4700::6810:8d0c
2606:4700::6811:ac2a
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2008
2a00:1450:4001:829::2010
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2008
2a00:1450:400c:c08::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:1f::84
2a04:4e42:3::720
3.211.43.92
35.240.1.10
35.241.14.198
52.86.86.252
65.9.77.119
65.9.77.23
65.9.77.5
70.42.32.159
72.9.145.115
03a6d740bfbc5e92723fcf620bd83ae1a37a862b8cd00c45e2b58a9e42e64b75
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
08c9cfc2e1525f062399b97c5eef0222ddffb765108a71db342efc6072c0acab
0a9776238d06de1d5acde794b0b859fbc4399e2a3819f8c7a4f3a747b297761d
0fbbb7b42c2f2a6cb81eb93cbd2adb6e18031d1bbd2b2abb088ba0d8859bb407
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1474a0c2ada2d04853fe3fd39294d7ddd21910a109df84daa621637cf8c7b21e
148abecbf3b544a983f5d24940c3674f7ca05ff632e61fdf91a32659b373dbbe
15222d11812980b9eec975d2ee224fc5924a0080ea8cc4a4887c82f4cf60404b
18b589749efa7ee3e7ba9f06939d4f6a1d674a26f1914501a6b33093ff8383a2
1a6d47fc8e727903a830206d220aa3fd50772801e5521ae4e6edf4eaef8fb7e6
1d0a9d9becf1979c25f4b7bde914f757c0c50dd7bb737596d9bd6630bf02296b
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d7ec022c03f680ee0030df9213ff142f43f9159ccf9b283aba1273dda485e20
1d906e8e16b4310c4d118d7a3e7541fded2fe48b7d5da1f6e4ec9cd6f17bc0e9
1f73473782ee4af26fc73da25ccf634e54743510da6b15afb3b723ef6b894a75
22ed99ec8e4851160f11f8dcf462c43a1ff343793d2521be5256958bdeb19ced
23097de592b3f09a8d453f47acc4794c0cbd6b996ecad64da6f1a076735c59af
24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4
2695d9b3ce47e4571e4259db8d254d7ce18acf98c28e7804fe4f3a57a368e294
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31627410ec455eef2075de973db2cdeaddddd44d630236d53486783e6ed3d9b3
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3acf244aa6cc3f8f5ae2f82baaf745a6592af1ffc94f9b5ae8ec2503f02b1b2f
3ad3fefdb207753cf1f7f14c610030fd6b00660db09420776630d056c35a2c58
3c7dae61fcb392e31f039dadf2588fa6fff6ab2a68bf7c0ea085ed820bc192a5
4186cb82046abff174718350bb4493c13e32ee4e53f5b0783a2142599feb1a69
4a630ce79186c69f2f0d1406f523cf4a4f5406677ea7a3ce0a87e007251ef178
4e724e2c84bc956d0154980a78be9865cbee5653438395438ffab272f4f84499
4efca0a720e890c77896398917cd1556c30bbaeb2355bf2dcbae2684b14ae84f
503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13
52dc362cae7e441a98741305a38b045859ac60e99377d9d88922ec32cb944cfa
52e0349a641604d5204952039bfac8acde78242227defae8864d1caa48b8c5c1
53a85651866852f33fcaf1ee1eff6e5002e8dfe32e4dd49187007b3a7c1367ea
5a3063851ebafc217b4476666bee22260400c58d0a4f5bdc618a988759f10e9e
5a3080bbc09c76f49ee1350118fc3022eb48db105d66f78602aa6d407466fcda
5eb5805b34e0093bef8f4d7f6393b91f9c96e33188a8d12ef3d2c16534c1fcd1
5f6689d12530a53d482da5e7bd406b50a318fa40bf5aa5448197de21e6f8e73a
5f69169f5e6d4cbc91f140c53b2a18e2731847e36b3c0da15b51a14c748355d5
6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8
6e7079c87c4789b9c5007b0e400216c6463b13ef623f4c47e08fa667ba0fd22a
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e2e5173ed0d5a77b02914fa0ef1f67bb53143da75f0348f558f95565220ca1
79431c33f2330eccac17fdd2aa229c0ce43b9db9c7bec3031178e68a004331e2
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7e0c2c713d34470d7302e5239ecdabd70573106b63f957ff41392b85f446a122
7e899db027e8ad6dd9430428072c60bf2ca69c2833adcbff1bf598385b78c497
809ddc5981ee90efb37c4a73aecffa4408233d5f831b3164e2b203c8ef276a0e
8173c0230c9cf0ae2c22ce6f9e7b56d668476458ccc6f444c86cc717c0891e95
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835a3f9f16d6b865bc47f8955aa45da0adb979b89d4880fe69c90497dcac46c2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
857e2aa239412b72b5030e4126b560a15b71834106e2a72f221f29fbd3c7215f
887823af2cf6b4b80c929647b782a1a66573f5717e7e74aa9a37a923d652ce1a
8b8f338432e419ddc4c0136ca65dc694d1a37ca9cf8adcca7d4838361f0c28f5
93f57b8958c377861c27d6b7f55d3036a4e603df0a293e80e4700034c4d83bb1
9478a4df25f038c8b3860939f7becdf472e7d6f26b93bfa1f39e77d05ee62b55
9c9005f820b70376ccde98ea2b3b749973c429cff4c7d4d293db470da143a8a1
9d290164885121f4569810f34602db5b84cf1fcb39da12318ee4227e83005c75
a71636b2eaccf7e106424ec74d72fc51e4defa29b3a597ef557022282268c312
a8e6fe907e05707b6eef1f44abb4f3e9c6eacbd9dc4d229e076378584fc63797
aa7712f27c6a449e061a10d44bd31df22458af891565fa483cc02c1c949d54b4
af30e828275e40572e937d171644cc84e8adcb5b180fc8f520ac14f3eaa22f6d
b315619c16af1d094dbf9d77f4ff685639c2c856dad115bdda3cf29a33123b46
b47aa78422dc2360ea6ff32eaf1744ce40eca791e024cbb0893570113eacf779
b6ceac7c9256818063558b075838ecf9d1aba24437fb0bef38b11c7c64914e6f
b925c859a368ae57603af8b70bdbabf3f723b67e0f19019d048a340da5325036
bb816046f2eeabf435bf4702316a76a4705514a0a67154d293148fb9f6d97a57
bdb606af80827609406c3e38feec29b3163532f5bd9253eefbee50925f87f1d3
c1464b7f00bd790ef315be74d4e7603ccc93ff39f38c90d80826e4bf8c20fe86
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cae985cc76ad274a650649b7833b62c0f3443b329bf0b5af77325367b5a12cbd
cf2da14b9f3d6641ceaf7899e6d9562624241784d5df51aae9aa3cb3e6f0d38c
d124233dd510f9b5bfe1a1d5c7114be3f549d55ab17e4126377d6abf341b722d
da572feb66bed7998092375acea933db0b85f436388a2dc5ac7c6c359cec9905
dee0808efec2180c2914203d9b40b706e38971d80f705de94fb727c93fb3f593
df3227b3b6cf1680d8a7204854ff60d4c0bae887ae44c30f6487553219b30713
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61357f90c697f10c90ec9140ad77b04da9b8c38be42c958e1951ac3ece0c0c7
e8bc0f5a38e5948cfe0bf3bf5ff850d294f1924e87626ae51710be3f69cc7dcd
eb12f772c941d81bc8c97aae5bb2ab6853b384f7c63edde5b25ba8c2bf587562
edaf6e65b40c99603ffde4743a2893502fab3fbdab16166d6a7facdab4d20967
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36f4ba78ee770460d6fa7a8a6ec2095a10ba5ac2327a0396a154c8d6e4b7900
f5277581963354e92212c3318ad1d57a8da3b695a87cc2938409ef37dccd2baa
f86453511fa7d8d1d0d1a8c13ce10e499dfd1aeb4969354b52ef0309a51da6ac
fe80bb5514ab6917a6a0c356e822c37782cdfacc2f6d83ccdf187edb7ffdbe2c