Submitted URL: https://v0kjzprcxs.storage.googleapis.com/v0kjzprcxs-i#cl/8140_md/2002/4193/1779/143/70322
Effective URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Submission: On January 16 via api from CA — Scanned from CA

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 31 HTTP transactions. The main IP is 104.21.10.103, located in and belongs to CLOUDFLARENET, US. The main domain is herbalsyde.xyz.
TLS certificate: Issued by GTS CA 1P5 on January 15th 2024. Valid for: 3 months.
This is the only time herbalsyde.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 142.251.179.207 15169 (GOOGLE)
1 185.147.127.55 49392 (ASBAXETN)
1 1 104.21.10.120 13335 (CLOUDFLAR...)
21 104.21.10.103 13335 (CLOUDFLAR...)
5 172.67.177.226 13335 (CLOUDFLAR...)
2 142.251.16.97 15169 (GOOGLE)
1 142.251.163.102 15169 (GOOGLE)
31 6
Apex Domain
Subdomains
Transfer
21 herbalsyde.xyz
herbalsyde.xyz
254 KB
5 trk-adulvion.com
trk-adulvion.com — Cisco Umbrella Rank: 300281
event.trk-adulvion.com — Cisco Umbrella Rank: 317955
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
149 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
254 B
1 drivercage.cc
drivercage.cc
655 B
1 zoromangare.com
zoromangare.com
509 B
1 googleapis.com
v0kjzprcxs.storage.googleapis.com
1 KB
31 7
Domain Requested by
21 herbalsyde.xyz zoromangare.com
herbalsyde.xyz
4 event.trk-adulvion.com trk-adulvion.com
2 www.googletagmanager.com herbalsyde.xyz
www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 trk-adulvion.com herbalsyde.xyz
1 drivercage.cc 1 redirects
1 zoromangare.com v0kjzprcxs.storage.googleapis.com
1 v0kjzprcxs.storage.googleapis.com
31 8

This site contains no links.

Subject Issuer Validity Valid
*.storage.googleapis.com GTS CA 1C3 2023-12-11 - 2024-03-04 3 months
zoromangare.com R3 2023-11-22 - 2024-02-20 3 months
herbalsyde.xyz GTS CA 1P5 2024-01-15 - 2024-04-14 3 months
trk-adulvion.com GTS CA 1P5 2023-12-17 - 2024-03-16 3 months
*.google-analytics.com GTS CA 1C3 2023-12-11 - 2024-03-04 3 months

This page contains 1 frames:

Primary Page: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Frame ID: 5C384DC577FCB233CC49A6B089EE44C9
Requests: 29 HTTP requests in this frame

Page Title

[1] Reward Pending - Online Survey - We Want Your Opinion!

Page URL History

  1. https://v0kjzprcxs.storage.googleapis.com/v0kjzprcxs-i Page URL
  2. https://zoromangare.com/0/0/0/c1269bc2288e504dff62595d04824b05/2002/8140_2/143_70322_4193_1779_md Page URL
  3. https://drivercage.cc/?s1=351633&s2=1127402127&s3=1782&s4=3038&ow=&s10=3079 HTTP 302
    https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31 Requests
100 % HTTPS
0 % IPv6
7 Domains
8 Subdomains
6 IPs
3 Countries
408 kB Transfer
1048 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
v0kjzprcxs-i
v0kjzprcxs.storage.googleapis.com/
610 B
1 KB
Document
General
Full URL
https://v0kjzprcxs.storage.googleapis.com/v0kjzprcxs-i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.207 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f207.1e100.net
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
610
content-type
text/html
date
Tue, 16 Jan 2024 18:15:43 GMT
etag
"f2d1db6bca6e0ca81d9bd1864fd414e0"
expires
Tue, 16 Jan 2024 19:15:43 GMT
last-modified
Mon, 08 Jan 2024 11:40:10 GMT
server
UploadServer
x-goog-generation
1704714010559119
x-goog-hash
crc32c=wNRXZg== md5=8tHba8puDKgdm9GGT9QU4A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
610
x-guploader-uploadid
ABPtcPolgd-ERNf9oELoPxT_Zg79of2mCWQ4vkn0gv8-cw7lR3OvSPT4htq_vcxJbhv19kOq0D8
143_70322_4193_1779_md
zoromangare.com/0/0/0/c1269bc2288e504dff62595d04824b05/2002/8140_2/
138 B
509 B
Document
General
Full URL
https://zoromangare.com/0/0/0/c1269bc2288e504dff62595d04824b05/2002/8140_2/143_70322_4193_1779_md
Requested by
Host: v0kjzprcxs.storage.googleapis.com
URL: https://v0kjzprcxs.storage.googleapis.com/v0kjzprcxs-i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.147.127.55 Warsaw, Poland, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

Referer
https://v0kjzprcxs.storage.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
138
content-type
text/html; charset=UTF-8
date
Tue, 16 Jan 2024 18:15:44 GMT
server
Apache
strict-transport-security
max-age=16000000; includeSubDomains; preload;
Primary Request 21e7b50188a0236efbb40bd951514b97
herbalsyde.xyz/
Redirect Chain
  • https://drivercage.cc/?s1=351633&s2=1127402127&s3=1782&s4=3038&ow=&s10=3079
  • https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
19 KB
7 KB
Document
General
Full URL
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Requested by
Host: zoromangare.com
URL: https://zoromangare.com/0/0/0/c1269bc2288e504dff62595d04824b05/2002/8140_2/143_70322_4193_1779_md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d68a06bf91c24463d519151b0f6bdb8212ffd2ee73cdc03b2ea13d7ba17b4b8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zoromangare.com/0/0/0/c1269bc2288e504dff62595d04824b05/2002/8140_2/143_70322_4193_1779_md
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
84685882de2a39ea-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 16 Jan 2024 18:15:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMoKNvOutVcgZ3qzDFSDWrUFisYzOhdxp%2BkY8rsgsHeSvDBvmzKd6bV7949uwFdpMwgomlWCCmxJlO%2Fk8I4A6NNyWD9RwaWRxNRzXVtfCrYI3C1rdYbMaz7fLRWXXUQjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8468587c2a1ca1f6-YYZ
content-type
text/html; charset=UTF-8
date
Tue, 16 Jan 2024 18:15:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxd7pG5r5ueFiUWENBAPvd%2Fav3NOdk0KDrw2olv0QDU84LL9HoFv3JAU70%2Fyh1OjzXzs8xW2jVihJng68HxD5y3i%2BsgLfaGHohDMhN1okbQz%2FSDBALNYHscMW6CKRBCu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrap.min.css
herbalsyde.xyz/assets/js/vendor/bootstrap/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://herbalsyde.xyz/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6851
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ymOjGGuPp3kt%2B9c3AM3VjCVCxMYd%2BnTT2qroRZ5BU1%2F6BrClcTdA0XB81Gjnl1X5DUuCPojOUft%2FGMdMST8UZjwYcs0VUFp8XGDb7Nrh9LZH6DScfCusuEBVGjc9ZRDt6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
846858889f9339ea-YYZ
expires
Tue, 23 Jan 2024 16:21:36 GMT
all.css
herbalsyde.xyz/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://herbalsyde.xyz/assets/vendors/fontawesome/css/all.css
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6851
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsXfJ6irHvxrJYj8fQ5zG9On9PkGbyVw8SOzackD7NCsqcSsAgT4nNlTB8CLRspLCiGoUBCI9bZ6FXSjc3TAULr07zrZRJkWNQX1w0z5Kwdk87FLB9KynidwMGcqzij%2BWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
846858889f9939ea-YYZ
expires
Tue, 23 Jan 2024 16:21:36 GMT
common.css
herbalsyde.xyz/assets/css/isp/
40 KB
10 KB
Stylesheet
General
Full URL
https://herbalsyde.xyz/assets/css/isp/common.css?v=bc282b3e852be12dd690387790d4683e
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f22b9a0110776c4289baca8bf7c86d69fa3dd40e3f383135df5bcd4f41e0fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 12 Dec 2023 16:42:25 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrqZIWzSOBtGdrJ%2BIECngHKq6z4RDZH3FfMt9sRyXl4EMF7GezT%2BWHI20lvKpwIIcuLG7H30pLF9ThuBi9Cyz%2FbCYGxD2t3KY3NhrWAbW5RjGspZCTYE1FMex1NEB1mD5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
846858889f9d39ea-YYZ
expires
Tue, 23 Jan 2024 18:15:47 GMT
msg.v3.js
herbalsyde.xyz/inc/
2 KB
1 KB
Script
General
Full URL
https://herbalsyde.xyz/inc/msg.v3.js?65a6c7d2ba40b
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 15:48:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B13CotlOzM8dQYJJQGC31fZtnKTwnX2s8KBBZwnWJtqobws0tlvjvfMAk130KGFxgojlTNUHGmuaIlaxH%2FoDqeMKiqcWNcfi8Rs8b3DQV0InFQ6%2FtqFWzxT15eUJKdD9xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
846858889f9e39ea-YYZ
expires
Tue, 23 Jan 2024 18:15:47 GMT
onlinesurvey-color.png
herbalsyde.xyz/uploads/archive/company/175/images/
41 KB
41 KB
Image
General
Full URL
https://herbalsyde.xyz/uploads/archive/company/175/images/onlinesurvey-color.png
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6659b4426a9dba95133c0e3b27b5d952d6cc1e574b88640a7e7bcec354d902c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6835
alt-svc
h3=":443"; ma=86400
content-length
41556
x-xss-protection
1; mode=block
last-modified
Thu, 10 Mar 2022 19:58:45 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIZ70CEOka1D4K7xyHSBmPVc5%2BlL9eNHCSHpfsE4EmOgMZZ313qCGmGga1UXtcqfSDdUr8mxXOZOKx2bl%2BKzjFY9RndoUCHdsf9a4XMFToEcsKtb8jOAq1YmyNcrW9bzzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
846858889f9f39ea-YYZ
expires
Tue, 23 Jan 2024 16:21:52 GMT
9e2a199fb9945d3ad3923a854d1d04db.jpg
herbalsyde.xyz/fim/3079-CA/
2 KB
2 KB
Image
General
Full URL
https://herbalsyde.xyz/fim/3079-CA/9e2a199fb9945d3ad3923a854d1d04db.jpg
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdbd0b5f18b8f392c2690d46eab91ad506f93a79ded7318b5cc547ed975a4529
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1519
alt-svc
h3=":443"; ma=86400
content-length
1821
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 17:50:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUEM3Cv8ejyjb4LxpCAeZn7bPlu9fNB8x5g7MhgRlmBVPJiUJ%2B%2FgguQ4gpe3am2JQd36mujVbv%2B2fWO5qKkSmnc1%2BcaDIzzRdfGMY8%2FTUeBIuCQuFTmOiGCmgh0zXWM7hA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
846858889fa139ea-YYZ
expires
Tue, 23 Jan 2024 17:50:28 GMT
d7334284b5058c45f51f55733cf3c70e.jpg
herbalsyde.xyz/fim/3079-CA/
2 KB
3 KB
Image
General
Full URL
https://herbalsyde.xyz/fim/3079-CA/d7334284b5058c45f51f55733cf3c70e.jpg
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463
alt-svc
h3=":443"; ma=86400
content-length
2066
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 17:50:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2BLBQDqT87IuEWSh6158zlamcR%2B0bGlMHjTCtPI7%2FP2Fn7lYWLyxr15qMthYdaMBEBGsWbt1fY8QadbPhmnK53DJD%2FP0ZdrV8xkktCCpceALQMljTS8wVT5iyT9IgUBLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
846858899b84543d-YYZ
expires
Tue, 23 Jan 2024 17:51:24 GMT
7da6c57d3e76a253b0c139821df4f4ad.jpg
herbalsyde.xyz/fim/3079-CA/
2 KB
2 KB
Image
General
Full URL
https://herbalsyde.xyz/fim/3079-CA/7da6c57d3e76a253b0c139821df4f4ad.jpg
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e061934e3e59bb4572a66216f0474b7cf744596985c83893ab7146cb4b76292f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1348
alt-svc
h3=":443"; ma=86400
content-length
1998
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 17:50:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fut%2FGJG54o%2Fz4xU8wYmhB1QA%2FbMYCZDS3GtNqKMfowHM23eetgauJgw97%2Bv3a8YTOywvCcu8lU9F50udq5Kh729PGgL6nBCb2ZiFFDfWtApL31GGGTcWHp8olJnYbX7UQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
846858899b88543d-YYZ
expires
Tue, 23 Jan 2024 17:53:19 GMT
65b53a01bdc37bd748597d6032ebfbb0.jpg
herbalsyde.xyz/fim/3079-CA/
2 KB
3 KB
Image
General
Full URL
https://herbalsyde.xyz/fim/3079-CA/65b53a01bdc37bd748597d6032ebfbb0.jpg
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463
alt-svc
h3=":443"; ma=86400
content-length
2069
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 17:50:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDulz%2FtZ4H6AJpLAUjIjA8GacnMKcVKc63cDvB6rx%2BmKTKGjBcbTFv4rsZ2mjqXm8i4jHVewfmf1KOgRgtPuQnek%2BMRye0HwE2pDRtyjEPGSsbfBtkH%2FrsiET08HFq60bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8468588a1c36543d-YYZ
expires
Tue, 23 Jan 2024 17:51:24 GMT
13f48aa3bc17b4a1adaaad91b7544681.jpg
herbalsyde.xyz/fim/3079-CA/
2 KB
2 KB
Image
General
Full URL
https://herbalsyde.xyz/fim/3079-CA/13f48aa3bc17b4a1adaaad91b7544681.jpg
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5157378a4441bc07c005f21b99d77d0c6406d86a2a55eeca84304941f8645182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1348
alt-svc
h3=":443"; ma=86400
content-length
2003
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 17:50:28 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcKF9dtfQpAV74%2Fgr8NUiQeUOFBv%2FWmY%2F6UNIQApQhnAOfr9YV%2Fea3tqkBg%2FdsjFE0AZIjplNEhQjV7Qgykbqi9LJXSTu77Vwl%2FwtWOOSJ%2B4MMxvogZdMtndaEbXlIld5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8468588a1c49543d-YYZ
expires
Tue, 23 Jan 2024 17:53:19 GMT
d170142160df539b1b968e5e57bc0ac5.jpg
herbalsyde.xyz/fim/3079-CA/
2 KB
2 KB
Image
General
Full URL
https://herbalsyde.xyz/fim/3079-CA/d170142160df539b1b968e5e57bc0ac5.jpg
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2db4a30686167f451311bbf0791f3b0224c03ee161e82354c760fa5bb0cb4dfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463
alt-svc
h3=":443"; ma=86400
content-length
1971
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 17:51:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu96MT9WRZGQSDF%2FfayDaUFIx2DjJZuKXfuJfAiscWVApxfdmCKg5qSbulfpW6gv%2FJLqaDzjkWNtoSf%2FZsLbl%2FAVM%2Fr6aefk6EPn1f73MdKfcnyBrIl4LwJyC17v9Kf3vA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8468588a1c4a543d-YYZ
expires
Tue, 23 Jan 2024 17:51:24 GMT
c2de502053c7a6364a041f8a932a894e.jpg
herbalsyde.xyz/fim/3079-CA/
2 KB
2 KB
Image
General
Full URL
https://herbalsyde.xyz/fim/3079-CA/c2de502053c7a6364a041f8a932a894e.jpg
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba8f9db54ccf37520888d62fc42c11c612c45e25feac44395e9ab42b2f966b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1463
alt-svc
h3=":443"; ma=86400
content-length
1855
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 17:51:24 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vncf15vY3%2BY9na51t1aMfmZSPSk0%2BYvfcOcU3oD1drwwCokShl5%2BgyeKR3YwDw5CcJGZWM2r7PZyKN4FUjHhCbf3ZwDGyLX3Ewr3KDGwIQoCQR68HaNnyDLLvc4MixYJ5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8468588a1c4f543d-YYZ
expires
Tue, 23 Jan 2024 17:51:24 GMT
a798a673c52aa19470374759ab689288.jpg
herbalsyde.xyz/fim/3079-CA/
1 KB
2 KB
Image
General
Full URL
https://herbalsyde.xyz/fim/3079-CA/a798a673c52aa19470374759ab689288.jpg
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ba49eb3165c20fb10cb5b2abc25543b9876aa66914075d33f2818e990b6436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1147
alt-svc
h3=":443"; ma=86400
content-length
1383
x-xss-protection
1; mode=block
last-modified
Tue, 16 Jan 2024 17:52:04 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWlAODVPkxgkPJvhVG6DO57zg%2BcrHMwkAiqfKWGawSONZ8J6zyqFPPLyapP2tHP2GhYtpys8R7z5aRo4dnOclBfkkeCneea3g3kIw2DeiotWiDCfLo%2BVhbPtFN8yKhzezg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8468588a1c51543d-YYZ
expires
Tue, 23 Jan 2024 17:56:40 GMT
jquery-3.4.1.min.js
herbalsyde.xyz/assets/js/vendor/
86 KB
31 KB
Script
General
Full URL
https://herbalsyde.xyz/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6552
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBXtxbtU7eIO8XGYCiGA0q8nynDvb7s3erZscLZVgb8nxphTaZindW5DSEZHzJTRFuVx5%2FaTR6oNKP%2BRoNZX8pBXFUCEHo7y7QlzeGPtKCH%2Fr8%2FvwkreKIXD4gNWp%2FzIlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8468588a1c3c543d-YYZ
expires
Tue, 23 Jan 2024 16:26:35 GMT
bootstrap.min.js
herbalsyde.xyz/assets/js/vendor/bootstrap/js/
48 KB
14 KB
Script
General
Full URL
https://herbalsyde.xyz/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6552
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eh5Y031bTel6H5Y%2FSf7Q1Fcay0Pi4PTlu29jUP4BBaOT1%2BH7URetGIthQRqU5nxrjfoLvw0bD0rgrRDwKRQqQ5bwgY4Bny3nqX6DditCyNoQcxDqbKgIvtpgFgCmusM1hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8468588a1c3d543d-YYZ
expires
Tue, 23 Jan 2024 16:26:35 GMT
functions.js
herbalsyde.xyz/assets/js/
814 B
867 B
Script
General
Full URL
https://herbalsyde.xyz/assets/js/functions.js?v=bc282b3e852be12dd690387790d4683e
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91caebaa07e970b9566eb195570097c03616d933955113dbfb1eced337a5f8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 14:17:59 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puEKLk8OBnI%2BFtVD6804hZrlbRWDuz136M7y4KiXPHfysuiu2W%2BriU0nN20rXazRqNmtdBFkymmIkiaeixlzUPWnU%2FeRO11s4uB2FA378JcNq2Ysxc3ArD58QRfZwwrt9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8468588a1c40543d-YYZ
expires
Tue, 23 Jan 2024 18:15:47 GMT
intl_functions.js
herbalsyde.xyz/assets/js/
4 KB
2 KB
Script
General
Full URL
https://herbalsyde.xyz/assets/js/intl_functions.js?v=bc282b3e852be12dd690387790d4683e
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9437d87812b34d91f53e5421eeed60dd3aa108b42cb34f4a8dbb855a0531a55b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Sep 2023 15:07:29 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gstLF4ooRYD2kPX9Uu2kj8eV%2FYcpIaS8dy6FDNcrOGPickyh4zjVGYoASKfi8SlOjUZQAUXCIAnTVlGcnotz08Bsv840HA70XlFf7VBdscRyfeh%2Br05fIu6vHwO%2Bm9U%2BsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8468588a1c43543d-YYZ
expires
Tue, 23 Jan 2024 18:15:47 GMT
common.js
herbalsyde.xyz/assets/js/isp/
71 KB
15 KB
Script
General
Full URL
https://herbalsyde.xyz/assets/js/isp/common.js?v=bc282b3e852be12dd690387790d4683e
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313b92f0c5db5617258d1876189921d400d7723af07b04090ff720c2e6d39b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Jan 2024 18:37:42 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5%2BrfqFM7LvdPGJkjiaxa84gvZUDusaUukv3WFVpTR9UUS6i4ITZQi2zG3KBgAAx3ePx7QyJ4MR5%2FfINauqcDouJ0zoXJlwfJ58fCM4NzDVjmudXNF2zj3s283xUuqx%2BPg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8468588a1c46543d-YYZ
expires
Tue, 23 Jan 2024 18:15:47 GMT
v9e118mez8
trk-adulvion.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-adulvion.com/scripts/push/v9e118mez8
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/inc/msg.v3.js?65a6c7d2ba40b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a4a7e1e3b6806e9eb4b719dcdd56c7f3dec5c4991bc15b56193c7e99f719f8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3857
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 16 Jan 2024 17:11:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0H2toYn9kBk5fNhQ%2F1RPuS1QEWHyLP8xsvO4wXuVDIwo%2F1%2BNPohd8Gu%2BCzoY7w8LNSjbaphqhVsmzmcQLv1MzPc6QBK%2BYCrnK%2Fix73q4h%2B%2FWeVi0E4NbeT7putkPbWz%2F3u6"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8468588aba2c7118-YYZ
expires
0
gtm.js
www.googletagmanager.com/
180 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
9cbbb24c773cd0e084c5962385a93f171eb55ecf1b2f18391f1f95320b31a181
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
65822
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jan 2024 18:15:47 GMT
fa-solid-900.woff2
herbalsyde.xyz/assets/vendors/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://herbalsyde.xyz/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://herbalsyde.xyz/assets/vendors/fontawesome/css/all.css
Origin
https://herbalsyde.xyz
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:47 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6386
alt-svc
h3=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksRsazWHsL8YLEPSbsNOozb6k8Ma3JIIOpleTxezZ91MB6zospzfzGlz6aIWxi8dpvAsYOGyvax6%2FZBE%2BLsXwCylV8YhNkA7ZNU6LM5samuO81GQV5whZE9FIZ5ORmZLww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8468588a1c53543d-YYZ
expires
Tue, 23 Jan 2024 16:29:21 GMT
21e7b50188a0236efbb40bd951514b97
herbalsyde.xyz/
25 B
527 B
XHR
General
Full URL
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Requested by
Host: herbalsyde.xyz
URL: https://herbalsyde.xyz/inc/msg.v3.js?65a6c7d2ba40b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 Jan 2024 18:15:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmRbMGDrjyDkKvNr%2Bh4iCIN5%2BVPpULU8REe0D%2FedrU6zgtEbfdx8auqHkZfi9D0DwIuQBreDzPF6Vtw0fDWt49fxXNkyyTpOIT3QolRlmRvi0bsP%2F6iQ7k6tFOBbO8j5IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8468588e6aac543d-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://herbalsyde.xyz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Tue, 16 Jan 2024 18:15:49 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3XRxsVqBJ9uhClxuMlHfpJ4TFcwCuTbhwNihGhcUQMrN3R9FVfXrR8tIsm3kiN%2FSH1Q5g1r9BIr2F4%2FtopXQgxTUDRx%2B%2BhRSItLz8rdeXNtsVu6erd2poJjijkvVYsO57myGeICdvC4c"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
846858949b2036cd-YYZ
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://herbalsyde.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
846858913c5536cd-YYZ
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Tue, 16 Jan 2024 18:15:48 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKKiFE1CLplOmOkL8AhtcDizBLz8auGOKGXL5dhkBm5jXeOVZUPMrQ7Jme8DnwkcncqDZ4sftjYposPfhGgKOez7InMveXI5%2FDsnHuDAuIzTX90OEAD%2F2qCStjl6TLglpxSR0ULWQgg4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://herbalsyde.xyz/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Tue, 16 Jan 2024 18:15:49 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kEhn3qSW5QocfTwMav2jhzu4cXICPYcsKi4eIrTycdkuvWhNzFSMnBIkIL%2F7uvDa40RTnU0FKI0aWCoy%2F97tzhzu2ZHdTW8%2BNdTw9BzCx7wCK6T6yzLHmM0VRarKe6UDHWLtF4WQ9b%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
846858949b2436cd-YYZ
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://herbalsyde.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
846858913c5b36cd-YYZ
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Tue, 16 Jan 2024 18:15:48 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRqoTA4x7Uixtx8l8z6ln5PJZjqWjbpXMoychlMzfyGkcq4q4x%2FMq%2F87ZrOCghLlrDMDi82yNeIiVKqUr2gTAm7TjdmD%2B9m09N%2FK7R%2FAv7Sxj%2BU%2BnmCtplN0CxpwaKexXr71KF9p0lG9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
243 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
dfbabb45d0d9e0c5967b5fcbd37b0f7ac33682ce265973b4c9d2c7d81ec68828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:15:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85862
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jan 2024 18:15:48 GMT
collect
www.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=45je41a0v884746590z8844508622&_p=1705428947507&gcd=11l1l1l1l1&dma=0&cid=2006687032.1705428949&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705428949&sct=1&seg=0&dl=https%3A%2F%2Fherbalsyde.xyz%2F21e7b50188a0236efbb40bd951514b97&dr=https%3A%2F%2Fzoromangare.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20Online%20Survey%20-%20We%20Want%20Your%20Opinion!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4086
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://herbalsyde.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 18:15:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://herbalsyde.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint object| dataLayer function| $ function| jQuery object| bootstrap number| refresh_page function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| startTimer number| duration undefined| time undefined| refresh function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| FNP string| CMPID string| API_URL object| currentdate object| months string| attrChoices string| domain string| pipeline string| zipcode string| state_selected boolean| skip_modal_email boolean| email_send_modal object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| showOfferWallU function| createQuestion function| sendOf function| replaceUrlParam function| startsurvey function| nextQuestion function| formatPhoneNumber function| overflowP function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| emailPixel function| startSurveyU function| switchTypeQuestionsU function| nextQuestionU function| validateData function| showStreetStateU function| showDisclaimer function| preventS function| count_p function| mfq_tags function| showEmailModal 
function| hideM string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl number| advEmail number| email_pixel string| prod_var number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Domain/Path Name / Value
zoromangare.com/ Name: uid1782
Value: 1127402127-20240116131544-51cd74691425c8c2de45052cead6d772-3038
drivercage.cc/ Name: PHPSESSID
Value: a30d37f106567d2f2fda1b04c1ce5bf8
herbalsyde.xyz/ Name: PHPSESSID
Value: d22ee9743609a050db2009adf21fb28c
.herbalsyde.xyz/ Name: _ga_DKB9VH2QW4
Value: GS1.1.1705428949.1.0.1705428949.0.0.0
.herbalsyde.xyz/ Name: _ga
Value: GA1.1.2006687032.1705428949

1 Console Messages

Source Level URL
Text
other error URL: https://herbalsyde.xyz/21e7b50188a0236efbb40bd951514b97
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
