urlscan.io logo urlscan.io
SecurityTrails logo

www.herbalfun.net Open in urlscan Pro
66.254.104.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://signup.herbalfun.net/
Effective URL: https://www.herbalfun.net/signup
Submission: On December 15 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 66.254.104.1, located in Waltham, United States and belongs to REFLECTED, US. The main domain is www.herbalfun.net.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on November 27th 2020. Valid for: a year.
This is the only time www.herbalfun.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 151.139.128.11 20446 (HIGHWINDS3)
1 8 66.254.104.1 29789 (REFLECTED)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.73.55 16509 (AMAZON-02)
2 13.226.155.95 16509 (AMAZON-02)
19 9
2    151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
signup.herbalfun.net
8    66.254.104.1 (Waltham, United States)

ASN29789 (REFLECTED, US)
www2.herbalfun.net
www.herbalfun.net
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    65.9.73.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
prod-csx-static-assets.infoserv.systems
2    13.226.155.95 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-95.dus51.r.cloudfront.net
prod-support-process.infoserv.systems
Domain Requested by
7 www.herbalfun.net signup.herbalfun.net
www.herbalfun.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 prod-support-process.infoserv.systems prod-csx-static-assets.infoserv.systems
2 fonts.gstatic.com fonts.googleapis.com
2 signup.herbalfun.net 1 redirects
1 prod-csx-static-assets.infoserv.systems signup.herbalfun.net
1 www.googletagmanager.com www.herbalfun.net
1 fonts.googleapis.com www.herbalfun.net
1 www2.herbalfun.net 1 redirects
19 9

This site contains links to these domains. Also see Links.

Domain
personal.natwest.com
Subject Issuer Validity Valid
signup.herbalfun.net
Sectigo ECC Domain Validation Secure Server CA		 2020-11-17 -
2021-02-15		 3 months crt.sh
*.herbalfun.net
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2020-11-27 -
2021-11-27		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-11-10 -
2021-02-02		 3 months crt.sh
*.infoserv.systems
Amazon		 2020-02-19 -
2021-03-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.herbalfun.net/signup
Frame ID: 79E447BB948276653DD97172A504C9AC
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://signup.herbalfun.net/ HTTP 301
    https://signup.herbalfun.net/ Page URL
  2. https://www2.herbalfun.net/signup HTTP 301
    https://www.herbalfun.net/signup Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Microsoft-HTTPAPI(?:\/([\d.]+))?/i

Page Statistics

19
Requests

100 %
HTTPS

56 %
IPv6

6
Domains

9
Subdomains

9
IPs

2
Countries

357 kB
Transfer

895 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://signup.herbalfun.net/ HTTP 301
    https://signup.herbalfun.net/ Page URL
  2. https://www2.herbalfun.net/signup HTTP 301
    https://www.herbalfun.net/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://signup.herbalfun.net/ HTTP 301
  • https://signup.herbalfun.net/

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
signup.herbalfun.net/
Redirect Chain
  • http://signup.herbalfun.net/
  • https://signup.herbalfun.net/
47 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://signup.herbalfun.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
347dc6eff3b0859b5dd1557b6ebaea8bba839f1341c4fd9a77eaefaa90d26fb7

Request headers

:method
GET
:authority
signup.herbalfun.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:33:48 GMT
cache-control
max-age=3600
content-encoding
gzip
content-length
7952
content-type
text/html
last-modified
Mon, 14 Dec 2020 10:28:12 GMT
accept-ranges
bytes
content-md5
Q2NCuRrELDyy34WEQUTOEg==
etag
"0x8D8A01AF59FF32E"
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-error-code
ConditionNotMet
x-ms-request-id
6e27f61a-101e-0113-7708-d382a2000000
x-ms-version
2018-03-28
x-hw
1608053628.cds042.pa1.hn,1608053628.cds013.pa1.sc,1608053628.cds013.pa1.pr
access-control-allow-origin
*

Redirect headers

Date
Tue, 15 Dec 2020 17:33:47 GMT
Accept-Ranges
bytes
Cache-Control
max-age=0
Location
https://signup.herbalfun.net/
X-HW
1608053627.cds024.pa1.h2,1608053627.cds037.pa1.c
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Primary Request Cookie set signup
www.herbalfun.net/
Redirect Chain
  • https://www2.herbalfun.net/signup
  • https://www.herbalfun.net/signup
21 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.herbalfun.net/signup
Requested by
Host: signup.herbalfun.net
URL: https://signup.herbalfun.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
Apache /
Resource Hash
cde1739d437ede73bbfeaca44ac40455c119d0ec0732652513001a6b99a4218f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Host
www.herbalfun.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://signup.herbalfun.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://signup.herbalfun.net/

Response headers

Date
Tue, 15 Dec 2020 17:33:49 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000;includeSubDomains
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
Set-Cookie
PHPSESSID=j4qf1t7f65v3r3hur81l2b4pb7; path=/;Secure;SameSite=strict studcat=1; expires=Thu, 14-Jan-2021 17:33:49 GMT; Max-Age=2592000;Secure;SameSite=strict hide_browse_library=1; expires=Wed, 15-Dec-2021 17:33:49 GMT; Max-Age=31536000; path=/;Secure;SameSite=strict visitidwww_security_key=c50d6e5b8f04d0ad2511158276711c6b; expires=Wed, 16-Dec-2020 17:33:49 GMT; Max-Age=86400; path=/; domain=.herbalfun.net;Secure;SameSite=strict visitidwww=1608053629; expires=Wed, 16-Dec-2020 17:33:49 GMT; Max-Age=86400; path=/; domain=.herbalfun.net;Secure;SameSite=strict ref_security_key=37e7f188aba042eecc6e7db5388384e5; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.herbalfun.net;Secure;SameSite=strict campaign_id_security_key=2f92027f6cfc679a3f6c4ceeb0217845; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict campaign_id=0; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict program_id_security_key=a20f7091a46f5de361f76fc7432a6b2f; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict program_id=0; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict affiliate_id_security_key=6843f28cae738ea2eb0b703ff98c6958; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict affiliate_id=0; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict sub_campaign_security_key=cca2f3d8dcc7becded50060d46961321; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict sub_campaign=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.herbalfun.net;Secure;SameSite=strict site_id_security_key=1d8d8f96a36fc5d665c556bc1e87ede7; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict site_id=544; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict 9863b848cec66f078b6cc5aa1d65fbef_security_key=30b9f1952abc81e26457304c19e6c23f; expires=Tue, 15-Dec-2020 21:33:49 GMT; Max-Age=14400; path=/; domain=.herbalfun.net;Secure;SameSite=strict 9863b848cec66f078b6cc5aa1d65fbef=1; expires=Tue, 15-Dec-2020 21:33:49 GMT; Max-Age=14400; path=/; domain=.herbalfun.net;Secure;SameSite=strict product_id_security_key=9188cdff75e39c867c3d28603e9bbb7e; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict product_id=0; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict adserver_security_key=ae754a6a600d72f0bc7f317f7a22cd2f; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict adserver=non-adserving; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict c_group_security_key=7050189be1d5137fcf13ffef6b245e46; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict c_group=0; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict segment_id_security_key=732d1141f4afbcb1dfc689dada820e1f; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict segment_id=0; expires=Tue, 15-Dec-2020 18:33:49 GMT; Max-Age=3600; path=/; domain=.herbalfun.net;Secure;SameSite=strict track_dimensions_security_key=3aeeacb17dda106db2498df934671dbe; expires=Mon, 15-Mar-2021 17:33:49 GMT; Max-Age=7776000; path=/; domain=.herbalfun.net;Secure;SameSite=strict track_dimensions=eJxtVE2PmzAQ%2FSsR91BDIEm9p2rb46qHqlJv1sQY4i7YyDakUdX%2F3jEY4qA9Yb358Lw3DwMtjvSvpRmhSQVOMKgqUSUviHymSU5yss%2FyfVbusoweCCVkCuU0aUFVUjWsh0Z4LC9ocrvd0qswF2jrQaVKuE9WNmroffyI%2FXUHUk0NTh8kTwHsYkQtjDDskZ7jcHOnDyryR0UP7uoxTPcfJABV1CbApwne5M7goKSLQOSccOh6wLuZRFUkJS%2BzVr3RjYEuRnEQqGvZSi%2FjAy9pUhsrmqjvAemQOr4Ia%2B1wYctlUQgj2vrDmSZvwHfff%2Bx%2BJWEIbdkojJVaha5vX14DmYvRNytMUP71anQ3rSkr11hci1KdDylJi4wcpjQ%2FogDDr0yoRirxLGvfAhedUG7DwRmvAGfu3osw87QbEyyFKVwPypk747oSgd%2FXb4vf6hbsdZmLdfBbm1Xewya8BJBeD3c9uDUzW5B1jmVEsm45Xhzm2w6MQ%2B9vYG4EODnG6%2FQCxt7fVPRgrajYBfj7Ap%2B8eVdLlEWx3Dk5mtWtvsUkxZ9eGOnFjVrnz4ERDLrMa%2FTsyk5UElbWWANtuxBHx1YDj5se%2FXaa4IAg0dkrhOYYZ%2B%2F4gZRW%2BxlDzsFenDVG%2Bx873H1eIYZW3wyfHR%2BeQ%2BmaITwZ2Oenelf6ttjX1uPTUqYxmILZujkqj29TSYoyxW%2BKzmoFd3gKT0Hh%2FzQ2bjy58H7ywr%2F%2FCz6QXw%3D%3D; expires=Mon, 15-Mar-2021 17:33:49 GMT; Max-Age=7776000; path=/; domain=.herbalfun.net;Secure;SameSite=strict RNLBSERVERID=ded5045cmBVjRCJfk3WucReo0xUI44L; path=/; Secure
Content-Length
5186
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 15 Dec 2020 17:33:48 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000;includeSubDomains
Location
https://www.herbalfun.net/signup
Content-Length
240
Content-Type
text/html; charset=iso-8859-1
Set-Cookie
RNLBSERVERID=ded5505fFuJxDS0gwTfpSRFyaMZcGGN; path=/; Secure
Cache-control
private
css
fonts.googleapis.com/ 		2 KB
538 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oxygen:400,300,700
Requested by
Host: www.herbalfun.net
URL: https://www.herbalfun.net/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
846c368e0ddf8a012965eb146041936ec86aaa04e652c7eed20a1c3117d75509
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 17:31:50 GMT
server
ESF
date
Tue, 15 Dec 2020 17:33:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Dec 2020 17:33:50 GMT
main.php
www.herbalfun.net/css/ 		114 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.herbalfun.net/css/main.php
Requested by
Host: www.herbalfun.net
URL: https://www.herbalfun.net/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
Apache /
Resource Hash
74037a3b6d506e6e0ea7d5f755cc5deab80766d040f6c8e14514cf05a63360bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Tue, 15 Dec 2020 17:33:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
sameorigin
Content-Type
text/css;charset=UTF-8
Cache-Control
31536000
Strict-Transport-Security
max-age=63072000;includeSubDomains
Vary
Accept-Encoding
Content-Length
21169
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Dec 2021 17:33:50 GMT
logo_h.png
www.herbalfun.net/uploads/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herbalfun.net/uploads/logo_h.png
Requested by
Host: www.herbalfun.net
URL: https://www.herbalfun.net/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
Apache /
Resource Hash
6219f84c766da9eb12c31eb5cce8737b4d86df0c1cf7fa5d04f2778bb35111d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 17:33:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Sep 2016 16:36:06 GMT
Server
Apache
ETag
"52a2-53c8e7136e980"
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
max-age=31536000
Strict-Transport-Security
max-age=63072000;includeSubDomains
Accept-Ranges
bytes
Content-Length
21154
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Dec 2021 17:33:50 GMT
ico-visa.png
www.herbalfun.net/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herbalfun.net/images/ico-visa.png
Requested by
Host: www.herbalfun.net
URL: https://www.herbalfun.net/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
Apache /
Resource Hash
80df0b531b8da755214383f80763adc2a7908d684a420999b4b25421807c4bc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 17:33:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Sep 2020 13:44:18 GMT
Server
Apache
ETag
"14c3-5b00f65889080"
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
max-age=31536000
Strict-Transport-Security
max-age=63072000;includeSubDomains
Accept-Ranges
bytes
Content-Length
5315
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Dec 2021 17:33:50 GMT
ico-mastercard.png
www.herbalfun.net/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herbalfun.net/images/ico-mastercard.png
Requested by
Host: www.herbalfun.net
URL: https://www.herbalfun.net/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
Apache /
Resource Hash
e40b8971fdedd8241bdf074717685d9604888461b1581281121140757e45a002
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 17:33:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 24 Sep 2020 13:44:18 GMT
Server
Apache
ETag
"1556-5b00f65889080"
X-Frame-Options
sameorigin
Content-Type
image/png
Cache-Control
max-age=31536000
Strict-Transport-Security
max-age=63072000;includeSubDomains
Accept-Ranges
bytes
Content-Length
5462
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Dec 2021 17:33:50 GMT
main_silveris_2.php
www.herbalfun.net/js/ 		208 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.herbalfun.net/js/main_silveris_2.php?ver=1.0.0
Requested by
Host: www.herbalfun.net
URL: https://www.herbalfun.net/signup
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
Apache /
Resource Hash
6930c09e2f4348e67159b3ba7ebcd80bcd37cff0cc52e175d7f6e787a1b8f6c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
public
Date
Tue, 15 Dec 2020 17:33:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
X-Frame-Options
sameorigin
Content-Type
application/javascript
Cache-Control
31536000
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000;includeSubDomains
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Dec 2021 17:33:50 GMT
gtm.js
www.googletagmanager.com/ 		191 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTC28N5
Requested by
Host: www.herbalfun.net
URL: https://www.herbalfun.net/signup
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e865ef5ea747cc92987174afa5d9cd655ac5640f39556ad4445cfd39b597c151
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:33:50 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60789
x-xss-protection
0
last-modified
Tue, 15 Dec 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Dec 2020 17:33:50 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTC28N5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6195
date
Tue, 15 Dec 2020 15:50:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 15 Dec 2020 17:50:35 GMT
collect
www.google-analytics.com/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=187727131&t=pageview&_s=1&dl=https%3A%2F%2Fwww.herbalfun.net%2Fsignup&dr=https%3A%2F%2Fsignup.herbalfun.net%2F&dp=%2Fsignup&ul=en-us&de=UTF-8&dt=Upgrade&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1120270341&gjid=463764&cid=1164662364.1608053630&tid=UA-160266386-1&_gid=1126825910.1608053630&_r=1&gtm=2wgbu0NTC28N5&z=2040416898
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Dec 2020 17:33:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.herbalfun.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2
fonts.gstatic.com/s/oxygen/v10/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oxygen/v10/2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.herbalfun.net
Referer
https://fonts.googleapis.com/css?family=Oxygen:400,300,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 01:08:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:47 GMT
server
sffe
age
59112
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10332
x-xss-protection
0
expires
Wed, 15 Dec 2021 01:08:38 GMT
background_signup.jpg
www.herbalfun.net/images/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.herbalfun.net/images/background_signup.jpg
Requested by
Host: www.herbalfun.net
URL: https://www.herbalfun.net/css/main.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US),
Reverse DNS
Software
Apache /
Resource Hash
0845fbb7ec028ac51901a709c871124a1b87043348d379bd68d93442df2282ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.herbalfun.net/css/main.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 15 Dec 2020 17:33:50 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 30 Jan 2017 14:27:20 GMT
Server
Apache
ETag
"10069-547509cf7e200"
X-Frame-Options
sameorigin
Content-Type
image/jpeg
Cache-Control
max-age=31536000
Strict-Transport-Security
max-age=63072000;includeSubDomains
Accept-Ranges
bytes
Content-Length
65641
X-XSS-Protection
1; mode=block
Expires
Wed, 15 Dec 2021 17:33:50 GMT
2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2
fonts.gstatic.com/s/oxygen/v10/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oxygen/v10/2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.herbalfun.net
Referer
https://fonts.googleapis.com/css?family=Oxygen:400,300,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 14:44:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:03:12 GMT
server
sffe
age
182977
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10280
x-xss-protection
0
expires
Mon, 13 Dec 2021 14:44:13 GMT
index.js
prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/index.js
Requested by
Host: signup.herbalfun.net
URL: https://signup.herbalfun.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41c43b7c645ea0bb73afde86129182d18543ac7415381f4e4346225d29787040

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 16:38:16 GMT
content-encoding
gzip
last-modified
Tue, 06 Aug 2019 20:24:27 GMT
server
AmazonS3
age
3335
etag
"462d9d3545a1a4bdf8fe7e8255247509"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8e4700eb43d0f5579f360cfc02e71fad.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
jg7w-kcKDfiRuL7uZVTQ7f8-Nnno0qTx7basH6gKLTau2Z7kHTMeFg==
js
www.google-analytics.com/gtm/ 		95 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-KW55NQN&t=gtm9&cid=1164662364.1608053630
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1d1bc522d650a8511afaa71a0430cd9a5bede14363197908afdb165e05121c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 17:33:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36697
x-xss-protection
0
expires
Tue, 15 Dec 2020 17:33:51 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTC28N5
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5338
date
Tue, 15 Dec 2020 16:04:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 15 Dec 2020 18:04:53 GMT
track_tag
prod-support-process.infoserv.systems/process/ 		74 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod-support-process.infoserv.systems/process/track_tag
Requested by
Host: prod-csx-static-assets.infoserv.systems
URL: https://prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-95.dus51.r.cloudfront.net
Software
/
Resource Hash
29ca79e7afd68b192f486ec058989064f80bfe6f33cea76babb59796916143d0

Request headers

Referer
https://www.herbalfun.net/signup
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

date
Tue, 15 Dec 2020 17:33:51 GMT
via
1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amzn-requestid
abe6bbfd-b0b8-45b5-9a73-88a772676886
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.herbalfun.net
x-amzn-trace-id
Root=1-5fd8f37f-718579841eae1d944b2b52f7;Sampled=0
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-credentials
true
x-amz-apigw-id
Xmr7-E7koAMFk0Q=
content-length
74
x-amz-cf-id
1Q5TmrizRFVoAK6kzkDcAwYbRC47WAAp1rkfs2dRM2EqkPd3JNcp4A==
track_tag
prod-support-process.infoserv.systems/process/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://prod-support-process.infoserv.systems/process/track_tag
Protocol
H2
Server
13.226.155.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-95.dus51.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.herbalfun.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/plain
content-length
2
date
Tue, 15 Dec 2020 17:33:51 GMT
x-amzn-requestid
59bf5939-ed15-47a2-be11-813226d43ffb
access-control-allow-origin
https://www.herbalfun.net
access-control-allow-headers
X-Requested-With, Content-Type
x-amz-apigw-id
Xmr76HyDoAMFm-w=
x-amzn-trace-id
Root=1-5fd8f37f-4f3a84705e1f378574be6935;Sampled=0
access-control-allow-credentials
true
x-cache
Miss from cloudfront
via
1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
pX9LvjdR6lVnA8qH7OXKSXekGAfeknrDxITtrQio8YENcrI3JXbhUQ==

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| google_tag_manager function| postscribe object| google_tag_data string| GoogleAnalyticsObject function| ga function| getCookieValue object| gaplugins object| gaGlobal object| gaData object| silverisApp function| doForgotPassword function| validate_login function| appendOverlay function| showLoginForm function| $ function| jQuery object| Foundation function| include string| env object| urls object| csx_exp object| google_optimize object| expClient function| parcelRequire

31 Cookies

Domain/Path Name / Value
.herbalfun.net/ Name: _gat_UA-160266386-1
Value: 1
www.herbalfun.net/ Name: RNLBSERVERID
Value: ded5045cmBVjRCJfk3WucReo0xUI44L
.herbalfun.net/ Name: track_dimensions
Value: eJxtVE2PmzAQ%2FSsR91BDIEm9p2rb46qHqlJv1sQY4i7YyDakUdX%2F3jEY4qA9Yb358Lw3DwMtjvSvpRmhSQVOMKgqUSUviHymSU5yss%2FyfVbusoweCCVkCuU0aUFVUjWsh0Z4LC9ocrvd0qswF2jrQaVKuE9WNmroffyI%2FXUHUk0NTh8kTwHsYkQtjDDskZ7jcHOnDyryR0UP7uoxTPcfJABV1CbApwne5M7goKSLQOSccOh6wLuZRFUkJS%2BzVr3RjYEuRnEQqGvZSi%2FjAy9pUhsrmqjvAemQOr4Ia%2B1wYctlUQgj2vrDmSZvwHfff%2Bx%2BJWEIbdkojJVaha5vX14DmYvRNytMUP71anQ3rSkr11hci1KdDylJi4wcpjQ%2FogDDr0yoRirxLGvfAhedUG7DwRmvAGfu3osw87QbEyyFKVwPypk747oSgd%2FXb4vf6hbsdZmLdfBbm1Xewya8BJBeD3c9uDUzW5B1jmVEsm45Xhzm2w6MQ%2B9vYG4EODnG6%2FQCxt7fVPRgrajYBfj7Ap%2B8eVdLlEWx3Dk5mtWtvsUkxZ9eGOnFjVrnz4ERDLrMa%2FTsyk5UElbWWANtuxBHx1YDj5se%2FXaa4IAg0dkrhOYYZ%2B%2F4gZRW%2BxlDzsFenDVG%2Bx873H1eIYZW3wyfHR%2BeQ%2BmaITwZ2Oenelf6ttjX1uPTUqYxmILZujkqj29TSYoyxW%2BKzmoFd3gKT0Hh%2FzQ2bjy58H7ywr%2F%2FCz6QXw%3D%3D
.herbalfun.net/ Name: segment_id_security_key
Value: 732d1141f4afbcb1dfc689dada820e1f
.herbalfun.net/ Name: c_group
Value: 0
www.herbalfun.net/ Name: studcat
Value: 1
.herbalfun.net/ Name: adserver
Value: non-adserving
.herbalfun.net/ Name: 9863b848cec66f078b6cc5aa1d65fbef_security_key
Value: 30b9f1952abc81e26457304c19e6c23f
.herbalfun.net/ Name: _ga
Value: GA1.2.1164662364.1608053630
.herbalfun.net/ Name: site_id
Value: 544
.herbalfun.net/ Name: 9863b848cec66f078b6cc5aa1d65fbef
Value: 1
.herbalfun.net/ Name: site_id_security_key
Value: 1d8d8f96a36fc5d665c556bc1e87ede7
.herbalfun.net/ Name: product_id
Value: 0
.herbalfun.net/ Name: affiliate_id
Value: 0
.herbalfun.net/ Name: _gid
Value: GA1.2.1126825910.1608053630
.herbalfun.net/ Name: affiliate_id_security_key
Value: 6843f28cae738ea2eb0b703ff98c6958
www.herbalfun.net/ Name: PHPSESSID
Value: j4qf1t7f65v3r3hur81l2b4pb7
.herbalfun.net/ Name: program_id
Value: 0
.herbalfun.net/ Name: campaign_id
Value: 0
.herbalfun.net/ Name: sub_campaign_security_key
Value: cca2f3d8dcc7becded50060d46961321
.herbalfun.net/ Name: adserver_security_key
Value: ae754a6a600d72f0bc7f317f7a22cd2f
.herbalfun.net/ Name: program_id_security_key
Value: a20f7091a46f5de361f76fc7432a6b2f
.herbalfun.net/ Name: ref_security_key
Value: 37e7f188aba042eecc6e7db5388384e5
.herbalfun.net/ Name: campaign_id_security_key
Value: 2f92027f6cfc679a3f6c4ceeb0217845
.herbalfun.net/ Name: product_id_security_key
Value: 9188cdff75e39c867c3d28603e9bbb7e
.herbalfun.net/ Name: visitidwww
Value: 1608053629
.herbalfun.net/ Name: visitidwww_security_key
Value: c50d6e5b8f04d0ad2511158276711c6b
.herbalfun.net/ Name: track_dimensions_security_key
Value: 3aeeacb17dda106db2498df934671dbe
.herbalfun.net/ Name: c_group_security_key
Value: 7050189be1d5137fcf13ffef6b245e46
.herbalfun.net/ Name: segment_id
Value: 0
www.herbalfun.net/ Name: hide_browse_library
Value: 1

1 Console Messages

Source Level URL
Text
console-api log URL: https://prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/index.js(Line 8)
Message:
null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
prod-csx-static-assets.infoserv.systems
prod-support-process.infoserv.systems
signup.herbalfun.net
www.google-analytics.com
www.googletagmanager.com
www.herbalfun.net
www2.herbalfun.net
13.226.155.95
151.139.128.11
2a00:1450:4001:802::200a
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81e::2003
2a00:1450:4001:820::200e
65.9.73.55
66.254.104.1
0845fbb7ec028ac51901a709c871124a1b87043348d379bd68d93442df2282ec
29ca79e7afd68b192f486ec058989064f80bfe6f33cea76babb59796916143d0
347dc6eff3b0859b5dd1557b6ebaea8bba839f1341c4fd9a77eaefaa90d26fb7
41c43b7c645ea0bb73afde86129182d18543ac7415381f4e4346225d29787040
6219f84c766da9eb12c31eb5cce8737b4d86df0c1cf7fa5d04f2778bb35111d5
64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e
6930c09e2f4348e67159b3ba7ebcd80bcd37cff0cc52e175d7f6e787a1b8f6c6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74037a3b6d506e6e0ea7d5f755cc5deab80766d040f6c8e14514cf05a63360bc
80df0b531b8da755214383f80763adc2a7908d684a420999b4b25421807c4bc8
846c368e0ddf8a012965eb146041936ec86aaa04e652c7eed20a1c3117d75509
cde1739d437ede73bbfeaca44ac40455c119d0ec0732652513001a6b99a4218f
d1d1bc522d650a8511afaa71a0430cd9a5bede14363197908afdb165e05121c3
e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8
e40b8971fdedd8241bdf074717685d9604888461b1581281121140757e45a002
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e865ef5ea747cc92987174afa5d9cd655ac5640f39556ad4445cfd39b597c151