urlscan.io logo urlscan.io
SecurityTrails logo

thegreenbalm.com Open in urlscan Pro
160.153.0.21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cheapsfootballjerseysshop.com/
Effective URL: https://thegreenbalm.com/
Submission Tags: tranco_l324
Submission: On April 16 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 160.153.0.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is thegreenbalm.com.
TLS certificate: Issued by GTS CA 1P5 on April 4th 2024. Valid for: 3 months.
This is the only time thegreenbalm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.152.147 16509 (AMAZON-02)
1 13 160.153.0.21 209242 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
2 4 23.53.42.211 20940 (AKAMAI-ASN1)
2 2a02:26f0:170... 20940 (AKAMAI-ASN1)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
23 6
1    3.33.152.147 (United States)

ASN16509 (AMAZON-02, US)
PTR: a4ec4c6ea1c92e2e6.awsglobalaccelerator.com
cheapsfootballjerseysshop.com
13    160.153.0.21 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
PTR: 21.0.153.160.host.secureserver.net
thegreenbalm.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
4    23.53.42.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-211.deploy.static.akamaitechnologies.com
img1.wsimg.com
2    2a02:26f0:1700:11::b856:6788 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
events.api.secureserver.net
4    2a02:26f0:3500:89a::228b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csp.secureserver.net
Apex Domain
Subdomains		 Transfer
13 thegreenbalm.com
thegreenbalm.com
75 KB
6 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 12901
csp.secureserver.net — Cisco Umbrella Rank: 12949
564 B
4 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 10190
28 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2918
pixel.wp.com — Cisco Umbrella Rank: 2883
3 KB
1 cheapsfootballjerseysshop.com
cheapsfootballjerseysshop.com
318 B
23 5
Domain Requested by
13 thegreenbalm.com 1 redirects thegreenbalm.com
4 csp.secureserver.net img1.wsimg.com
4 img1.wsimg.com 2 redirects thegreenbalm.com
2 events.api.secureserver.net img1.wsimg.com
1 pixel.wp.com thegreenbalm.com
1 stats.wp.com thegreenbalm.com
1 cheapsfootballjerseysshop.com 1 redirects
23 7

This site contains links to these domains. Also see Links.

Domain
en-gb.wordpress.org
Subject Issuer Validity Valid
thegreenbalm.com
GTS CA 1P5		 2024-04-04 -
2024-07-03		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-07-10 -
2024-08-10		 a year crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2023-10-10 -
2024-11-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://thegreenbalm.com/
Frame ID: D0132D6E4CED8CF8C2FD49D40F648091
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Green Balm

Page URL History Show full URLs

  1. http://cheapsfootballjerseysshop.com/ HTTP 307
    https://cheapsfootballjerseysshop.com/ HTTP 307
    http://cheapsfootballjerseysshop.com/ HTTP 301
    https://thegreenbalm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Page Statistics

23
Requests

83 %
HTTPS

33 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

107 kB
Transfer

480 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cheapsfootballjerseysshop.com/ HTTP 307
    https://cheapsfootballjerseysshop.com/ HTTP 307
    http://cheapsfootballjerseysshop.com/ HTTP 301
    https://thegreenbalm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Request Chain 11
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Request Chain 17
  • https://thegreenbalm.com/favicon.ico HTTP 302
  • https://thegreenbalm.com/wp-includes/images/w-logo-blue-white-bg.png

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thegreenbalm.com/
Redirect Chain
  • http://cheapsfootballjerseysshop.com/
  • https://cheapsfootballjerseysshop.com/
  • http://cheapsfootballjerseysshop.com/
  • https://thegreenbalm.com/
50 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
32da9bd4c6e1c9b58e662a6a1f81f788c2561b23a1e7cdefbbb8858575d3ba40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
MISS
cf-ray
87519b7cb8786a74-TXL
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 16 Apr 2024 04:59:41 GMT
expires
Fri, 17 May 2024 04:59:41 GMT
last-modified
Tue, 16 Apr 2024 04:59:41 GMT
server
cloudflare
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
Accept-Encoding, User-Agent
x-backend
varnish_ssl
x-cache
cached
x-cache-hit
HIT
x-cacheable
YES:Forced
x-cacheproxy-retries
0/2
x-content-type-options
nosniff
x-fawn-proc-count
1,0,24
x-php-version
8.0
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
59
Content-Type
text/html; charset=utf-8
Date
Tue, 16 Apr 2024 04:59:40 GMT
Location
https://thegreenbalm.com
Server
ip-100-74-4-214.eu-west-2.compute.internal
Vary
Accept-Encoding
X-Request-Id
e35601c2-7d16-4e9f-8c6f-19e587535b02
style.min.css
thegreenbalm.com/wp-includes/blocks/navigation/ 		16 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-includes/blocks/navigation/style.min.css?ver=6.4.4
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2024 06:47:51 GMT
x-php-version
8.0
server
cloudflare
etag
W/"4096-615b86ae08cd5;606683d1130f8
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e1ba56a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
style-coblocks-extensions.css
thegreenbalm.com/wp-content/plugins/coblocks/dist/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-content/plugins/coblocks/dist/style-coblocks-extensions.css?ver=3.1.8
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
a1dcac963ca923439e01b6b40cf94ba0b1f12c0a7d2fb1a7c5fe42b09bf16ebb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 03 Apr 2024 05:41:47 GMT
x-php-version
8.0
server
cloudflare
etag
W/"4c1b-6152aadb6e4cf-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e1ba86a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
style-coblocks-animation.css
thegreenbalm.com/wp-content/plugins/coblocks/dist/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-content/plugins/coblocks/dist/style-coblocks-animation.css?ver=d9b2b27566e6a2a85d1b
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
559a8fa7fa5cb693bd3cf92d8992623527db2a54a97d86e02b998a46ad90351d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 03 Apr 2024 05:41:47 GMT
x-php-version
8.0
server
cloudflare
etag
W/"10e8-6152aadb6e4cf-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e1baa6a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
style.min.css
thegreenbalm.com/wp-includes/css/dist/components/ 		82 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-includes/css/dist/components/style.min.css?ver=6.4.4
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
2a9c9a064a89e6c9ade1e9f3a13d0a1762ae694631fd277ebbd3da1bf858f2cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2024 06:47:51 GMT
x-php-version
8.0
server
cloudflare
etag
W/"14974-615b86adf600c;606683d1130f8
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e1bad6a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
latest.css
thegreenbalm.com/wp-content/mu-plugins/vendor/wpex/godaddy-launch/includes/Dependencies/GoDaddy/Styles/build/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-content/mu-plugins/vendor/wpex/godaddy-launch/includes/Dependencies/GoDaddy/Styles/build/latest.css?ver=2.0.2
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2024 06:47:53 GMT
x-php-version
8.0
server
cloudflare
etag
W/"3256-615b86af93d48;606683d111d70
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e1bb36a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
jetpack.css
thegreenbalm.com/wp-content/plugins/jetpack/css/ 		105 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-content/plugins/jetpack/css/jetpack.css?ver=13.3.1
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
2ec23484fae47980001eed8805ef2fa389d25d6b9db0a5aaeb41ecb76c411905
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 11 Apr 2024 07:43:08 GMT
x-php-version
8.0
server
cloudflare
etag
W/"1a512-615cd4e696c3a-gzip"
vary
Accept-Encoding
content-type
text/css
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e1bb56a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
interactivity.min.js
thegreenbalm.com/wp-includes/js/dist/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-includes/js/dist/interactivity.min.js?ver=6.4.4
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2024 06:47:51 GMT
x-php-version
8.0
server
cloudflare
etag
W/"7e7a-615b86ae48093;606683d1130f8
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e2bc16a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
view.min.js
thegreenbalm.com/wp-includes/blocks/navigation/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-includes/blocks/navigation/view.min.js?ver=e3d6f3216904b5b42831
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2024 06:47:51 GMT
x-php-version
8.0
server
cloudflare
etag
W/"e02-615b86ae090bd;606683d1130f8
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e2bc36a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
coblocks-animation.js
thegreenbalm.com/wp-content/plugins/coblocks/dist/js/ 		412 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=3.1.8
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 03 Apr 2024 05:41:47 GMT
x-php-version
8.0
server
cloudflare
etag
W/"19c-6152aadb6bdbe-gzip"
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b7e1bbb6a74-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
e-202416.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202416.js
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Tue, 16 Apr 2024 04:59:41 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402358485.9985
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Sun, 13 Apr 2025 23:08:20 GMT
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain
  • https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
103 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Server
23.53.42.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thegreenbalm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

x-amz-version-id
NUbpk_ypfZoRQFFJE7rB4qpj7fMsB7r1
content-encoding
gzip
date
Tue, 16 Apr 2024 04:59:41 GMT
x-amz-request-id
KGBBKJ60APFZWQCD
x-amz-server-side-encryption
AES256
x-amz-meta-version
0.2.5
content-length
20488
x-amz-id-2
3XXBOmyb3VFdaDs8RNEVM7rupm3lz6CzqYwVPaMjFjDep+0AtrhNs90mjDVdyUcTmVPUfHEs5DE=
last-modified
Fri, 22 Mar 2024 13:06:20 GMT
etag
"fdf3f3c180ae2aa6864f9c46a83a37a9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Apr 2024 05:29:41 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
access-control-allow-origin
*
date
Tue, 16 Apr 2024 04:59:41 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Wed, 16 Apr 2025 04:59:41 GMT
tti.min.js
img1.wsimg.com/signals/js/clients/tti/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Server
23.53.42.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thegreenbalm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

x-amz-version-id
7jzjltvngWPxR10aGBgezMSyuI8q8r0u
content-encoding
gzip
date
Tue, 16 Apr 2024 04:59:41 GMT
x-amz-request-id
P3DMSWCK0PV0R46J
x-amz-server-side-encryption
AES256
x-amz-meta-version
0.2.1
content-length
7570
x-amz-id-2
8R0Mi1l0d7utlnaSbuD7vk00m+WeGOh+ugQSNlaZ3sZyDXeaBXFQ49Dh2ipS67TPJPooKbDtGjiL4tGTLC7uTg==
last-modified
Wed, 18 Oct 2023 13:46:08 GMT
etag
"1c56940a864f144fae2eb40ee952cb94"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Apr 2024 05:29:41 GMT

Redirect headers

location
https://img1.wsimg.com/signals/js/clients/tti/tti.min.js
access-control-allow-origin
*
date
Tue, 16 Apr 2024 04:59:41 GMT
cache-control
max-age=31536000
timing-allow-origin
*
content-length
0
expires
Wed, 16 Apr 2025 04:59:41 GMT
ccf87d49-8e91-4fb8-b599-94efce13b608
https://thegreenbalm.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://thegreenbalm.com/ccf87d49-8e91-4fb8-b599-94efce13b608
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=195171709&post=0&tz=0&srv=thegreenbalm.com&j=1%3A13.3.1&host=thegreenbalm.com&ref=&fcp=0&rand=0.3251758939047029
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 16 Apr 2024 04:59:41 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
thegreenbalm.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.4
Requested by
Host: thegreenbalm.com
URL: https://thegreenbalm.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
content-encoding
br
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2024 06:47:51 GMT
x-php-version
8.0
server
cloudflare
etag
W/"4904-615b86ae7821f;606683d1130f8
vary
Accept-Encoding
content-type
text/javascript
x-cache-hit
HIT
cache-control
public, max-age=2678400
cf-ray
87519b809b564516-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
event
events.api.secureserver.net/t/1/tl/ 		43 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=thegreenbalm.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.2.5&vg=832b6f35-2118-4e0e-81e9-f7d4a3a32216&vtg=832b6f35-2118-4e0e-81e9-f7d4a3a32216&dp=%2F&trace_id=b3db05ff8cfe44b7a11700095b6eff57&cts=2024-04-16T04%3A59%3A41.513Z&hit_id=0ce0800a-e11b-4127-b7ea-a8d3ee1bcd67&ht=pageview&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d850e52d-7a91-a21f-1a52-e70db4246f75.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD12%22%2C%22storage%22%3A%22p3cephmah006pod12_data02%22%2C%22xid%22%3A%2245240927%22%2C%22wp%22%3A%226.4.4%22%2C%22php%22%3A%228.0.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22twentytwentythree%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22269%22%2C%22wp_alloptions_bytes%22%3A%2291371%22%7D&ap=wpaas&vci=880493676&z=377356610
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:11::b856:6788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Tue, 16 Apr 2024 04:59:41 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://thegreenbalm.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
event
events.api.secureserver.net/t/1/tl/ 		43 B
282 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=thegreenbalm.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F123.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.2.5&vg=832b6f35-2118-4e0e-81e9-f7d4a3a32216&vtg=832b6f35-2118-4e0e-81e9-f7d4a3a32216&dp=%2F&trace_id=b3db05ff8cfe44b7a11700095b6eff57&cts=2024-04-16T04%3A59%3A41.755Z&hit_id=43789f53-dd58-4f3d-8010-5c6eaaf0c18d&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22d850e52d-7a91-a21f-1a52-e70db4246f75.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD12%22%2C%22storage%22%3A%22p3cephmah006pod12_data02%22%2C%22xid%22%3A%2245240927%22%2C%22wp%22%3A%226.4.4%22%2C%22php%22%3A%228.0.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22%22%2C%22theme%22%3A%22twentytwentythree%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22269%22%2C%22wp_alloptions_bytes%22%3A%2291371%22%7D&ap=wpaas&vci=880493676&z=902401808&tce=1713243580899&tcs=1713243580831&tdc=1713243581753&tdclee=1713243581520&tdcles=1713243581516&tdi=1713243581515&tdl=1713243581120&tdle=1713243580831&tdls=1713243580831&tfs=1713243580815&tns=1713243577764&trqs=1713243580900&tre=1713243581119&trps=1713243581117&tles=1713243581753&tlee=0&nt=navigate&LCP=3745&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:1700:11::b856:6788 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://thegreenbalm.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
date
Tue, 16 Apr 2024 04:59:42 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
access-control-allow-origin
https://thegreenbalm.com
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
43
x-xss-protection
1; mode=block
w-logo-blue-white-bg.png
thegreenbalm.com/wp-includes/images/
Redirect Chain
  • https://thegreenbalm.com/favicon.ico
  • https://thegreenbalm.com/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thegreenbalm.com/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H3
Server
160.153.0.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
21.0.153.160.host.secureserver.net
Software
cloudflare /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://thegreenbalm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Apr 2024 04:59:42 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES
x-backend
varnish_ssl
cf-cache-status
MISS
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
content-length
4119
x-xss-protection
1; mode=block
last-modified
Wed, 10 Apr 2024 06:47:51 GMT
x-php-version
8.0
server
cloudflare
etag
"1017-615b86ade71c2;606683d1130f8
vary
Accept-Encoding
content-type
image/png
x-cache-hit
HIT
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
87519b8369df4516-TXL
expires
Fri, 17 May 2024 04:59:42 GMT

Redirect headers

date
Tue, 16 Apr 2024 04:59:41 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
x-cacheable
YES:Forced
x-backend
varnish_ssl
cf-cache-status
MISS
x-redirect-by
WordPress
x-cache
cached
x-cacheproxy-retries
0/2
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-php-version
8.0
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://thegreenbalm.com/wp-includes/images/w-logo-blue-white-bg.png
x-cache-hit
HIT
cache-control
public, max-age=2678400
x-fawn-proc-count
1,0,24
cf-ray
87519b821ee64516-TXL
expires
Fri, 17 May 2024 04:59:41 GMT
eventbus
csp.secureserver.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89a::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thegreenbalm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Tue, 16 Apr 2024 04:59:42 GMT
Expires
Tue, 16 Apr 2024 04:59:42 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
WTXVxFGxoAMEc4w=
x-amzn-requestid
766ad12a-5cc7-44ab-9a98-0f6e1f60477b
x-amzn-trace-id
Root=1-661e05be-6f8d802f19a6f43d785e9dc0
x-envoy-upstream-service-time
5
eventbus
csp.secureserver.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89a::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
api-key b18ef4f046435b64a469b32c3c1c20a3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://thegreenbalm.com/
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 16 Apr 2024 04:59:42 GMT
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id
Root=1-661e05be-48aaa2a8436211ad3d7196e8
x-amzn-requestid
b61bce9d-b5a0-46ec-99ad-f7cce6d4a0ea
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
102
Connection
keep-alive
x-amz-apigw-id
WTXVyEAZoAMEaRA=
Content-Length
0
Expires
Tue, 16 Apr 2024 04:59:42 GMT
eventbus
csp.secureserver.net/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89a::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://thegreenbalm.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Tue, 16 Apr 2024 04:59:42 GMT
Expires
Tue, 16 Apr 2024 04:59:42 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
WTXVxGC7oAMEQBQ=
x-amzn-requestid
2ed2ecfe-9ac0-4a92-8841-1d6c09252674
x-amzn-trace-id
Root=1-661e05be-29b620460d8ef2e22916a19c
x-envoy-upstream-service-time
6
eventbus
csp.secureserver.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:89a::228b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
api-key 8da2217409854bee82e12dc4ca0b39fb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://thegreenbalm.com/
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Tue, 16 Apr 2024 04:59:42 GMT
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amzn-trace-id
Root=1-661e05be-5762bf6203a0b7f830a8eec3
x-amzn-requestid
5d4a3720-f323-4a5c-b2f5-af3f136e8880
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
100
Connection
keep-alive
x-amz-apigw-id
WTXVyHATIAMELNA=
Content-Length
0
Expires
Tue, 16 Apr 2024 04:59:42 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| st_go function| linktracker_init object| wpcom object| _stq object| _trfd object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 object| tti object| __WordPressPrivateInteractivityAPI__ object| twemoji object| wp object| _trfq

3 Cookies

Domain/Path Name / Value
.thegreenbalm.com/ Name: _tccl_visitor
Value: 832b6f35-2118-4e0e-81e9-f7d4a3a32216
.thegreenbalm.com/ Name: _tccl_visit
Value: 832b6f35-2118-4e0e-81e9-f7d4a3a32216
.thegreenbalm.com/ Name: _scc_session
Value: pc=1&C_TOUCH=2024-04-16T04:59:41.513Z

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cheapsfootballjerseysshop.com
csp.secureserver.net
events.api.secureserver.net
img1.wsimg.com
pixel.wp.com
stats.wp.com
thegreenbalm.com
160.153.0.21
192.0.76.3
23.53.42.211
2a02:26f0:1700:11::b856:6788
2a02:26f0:3500:89a::228b
3.33.152.147
2a9c9a064a89e6c9ade1e9f3a13d0a1762ae694631fd277ebbd3da1bf858f2cf
2ec23484fae47980001eed8805ef2fa389d25d6b9db0a5aaeb41ecb76c411905
32da9bd4c6e1c9b58e662a6a1f81f788c2561b23a1e7cdefbbb8858575d3ba40
34019d3364166a309440c0b3e94391105694660f5ed76dc836eed8e4aedc1fb5
38b1136cf93f9cb1dc433fd40347fed72ebce9522a55393f95feae15a8268233
3c37a4aa3cf6aaae6921a4b750c0e4f81fd338d6878be90b0faf2f921039cb23
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
470b8fe4451dab1ff2c7edeeb3091a932188b7acaa06d7e7187f9dd90947a553
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
559a8fa7fa5cb693bd3cf92d8992623527db2a54a97d86e02b998a46ad90351d
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
a1dcac963ca923439e01b6b40cf94ba0b1f12c0a7d2fb1a7c5fe42b09bf16ebb
a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
e301943f5f3cb3486ab3f4c75c0315e96891268a76b8663b6a490324e39d1664
ecfc357ad95e64230925cfe8fc310394fe5c1b4385eb08354b8fec69af0d6966
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1