Submitted URL: http://state.mounajaate.com/Z3VMR2FHTEhYZmJZUGpWVURUbmpTVkpwVTY0VUVXQnc4QkY3WkVQV01KYmJpR1dPUkZkbDFaamk4RHdPSXdkR000UitUOHhM...
Effective URL: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&click...
Submission: On March 27 via manual from US — Scanned from US

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3036::6815:25d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is herbliveoffer.com.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.
This is the only time herbliveoffer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.156.27.77 56971 (CLOUDBACK...)
1 1 185.197.30.21 63473 (HOSTHATCH)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
10 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2607:f8b0:400... 15169 (GOOGLE)
7 2600:9000:220... 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
24 5
Apex Domain | Subdomains | Transfer
10 herbliveoffer.com | herbliveoffer.com | 29 KB
7 cloudfront.net | d3e1y4kxkqljcb.cloudfront.net | 161 KB
4 gstatic.com | fonts.gstatic.com | 49 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 2 KB
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 673 | 33 KB
1 bsttpl.com | bsttpl.com — Cisco Umbrella Rank: 567116 | 1 KB
1 tweeneafu.com | www.tweeneafu.com | 374 B
1 mounajaate.com | state.mounajaate.com | 448 B
24 8
Domain | Requested by
10 herbliveoffer.com | herbliveoffer.com, code.jquery.com
7 d3e1y4kxkqljcb.cloudfront.net | herbliveoffer.com, code.jquery.com
4 fonts.gstatic.com | fonts.googleapis.com
2 fonts.googleapis.com | herbliveoffer.com
1 code.jquery.com | herbliveoffer.com
1 bsttpl.com | 1 redirects
1 www.tweeneafu.com | 1 redirects
1 state.mounajaate.com | 1 redirects
24 8

This site contains no links.

Subject | Issuer | Validity | Valid
*.herbliveoffer.com | GTS CA 1P5 | 2023-02-24 - 2023-05-25 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
upload.video.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months

This page contains 1 frames:

Primary Page: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Frame ID: BE2C1A0288DADDE7B08D096EA606BFDC
Requests: 24 HTTP requests in this frame

Page Title

[1] Reward Pending!

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 24
HTTPS: 100 %
IPv6: 75 %
Domains: 8
Subdomains: 8
IPs: 5
Countries: 3
Transfer: 274 kB
Size: 418 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://state.mounajaate.com/Z3VMR2FHTEhYZmJZUGpWVURUbmpTVkpwVTY0VUVXQnc4QkY3WkVQV01KYmJpR1dPUkZkbDFaamk4RHdPSXdkR000UitUOHhMTEw4MjZDUG9KaGd4N0lHd2ZMeFF6cFFCdG1yQU9YY3VLdVE9 HTTP 302
    https://www.tweeneafu.com/GdBnyQt3HyfYb2OCd_prZZo6V_a4UThNwkNPubCn9WPkd2qo88B-43if-7j-cKaXl7cnAvEPGji6HLHvzqZjW1Yzrpvi6NnaHn7RcNkAUmQ~/2/49548_24/765_3948296_1255_591601_md HTTP 302
    https://bsttpl.com/click.php?key=2m8jz9zxtm3j1bs2lluv&clickid=720502143&subid=822982&target=sf HTTP 302
    https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index_5_d.php
herbliveoffer.com/visitor_us_br_n/
Redirect Chain
  • http://state.mounajaate.com/Z3VMR2FHTEhYZmJZUGpWVURUbmpTVkpwVTY0VUVXQnc4QkY3WkVQV01KYmJpR1dPUkZkbDFaamk4RHdPSXdkR000UitUOHhMTEw4MjZDUG9KaGd4N0lHd2ZMeFF6cFFCdG1yQU9YY3VLdVE9
  • https://www.tweeneafu.com/GdBnyQt3HyfYb2OCd_prZZo6V_a4UThNwkNPubCn9WPkd2qo88B-43if-7j-cKaXl7cnAvEPGji6HLHvzqZjW1Yzrpvi6NnaHn7RcNkAUmQ~/2/49548_24/765_3948296_1255_591601_md
  • https://bsttpl.com/click.php?key=2m8jz9zxtm3j1bs2lluv&clickid=720502143&subid=822982&target=sf
  • https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=16...
25 KB
6 KB
Document
General
Full URL
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a2ad73e4df4d5c6e312cb726892ac5cd0096a5a57334b5848bf388c046b103

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ae3f182bb002361-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 01:43:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ax8ZI3gSxQjNvZTf32szzKqrf82wsMpockwUwdG3TquiIUSOjI2KFq65UyPI0sF9kKhF7Xg3WlTdIYVjbgxXWLGcY8kaHIOSM9scuOMV%2Fi7QKU4DfhyLoMX%2F6fvd%2B49XklnKARhTluz3dnN57PgVyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ae3f1805b2043c1-EWR
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 01:43:36 GMT
location
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wx1GB%2B%2Bp5xo4MQ79dn1y%2BCtLQ7qT%2FlMklkvX7gbh9W6PKQkrNRKuiDsauuDeQdDyv1JAejz4x%2B72jtOwIrSogDqiXeJDHPDOaeacFJ1ZymElqaqBEwzCYV4RvsKqtWlD3OrbtiVLL%2FjP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
style_library_2.css
herbliveoffer.com/visitor_us_br_n/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://herbliveoffer.com/visitor_us_br_n/css/style_library_2.css
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c518fb34724efd42bae2c47d508072bb6bdd5415dba774cd493012d49664c3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 13 Mar 2023 11:21:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
187826
etag
W/"640f0726-78e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjnWyH1kzU1JgnnaoiW0aNcFKcAJ%2BWhQ6IRZUvh3UnhY1g%2F0TUbhGZsEueOLmxJilJmFzEcfkOGhkEy5DldtpBpaGqs3yzlP147k7H0bMgRmo5inQXx0cwaVfUwVaGHFkMUfLxvCSABuBTPudmje7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ae3f1844c672361-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-1.11.1.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.11.1.min.js
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-1762a"
vary
Accept-Encoding
x-hw
1679881416.dop051.ny3.t,1679881416.cds136.ny3.hn,1679881416.cds241.ny3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33202
script_11_d.js
herbliveoffer.com/visitor_us_br_n/js/
40 KB
7 KB
Script
General
Full URL
https://herbliveoffer.com/visitor_us_br_n/js/script_11_d.js
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a5aa68aff3d03f437fc78ff8722cee7282e594ae0712a75480d3ca5bdff417

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Feb 2023 09:31:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
187826
etag
W/"63fdc9fd-9ea6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YMwNkYGC5Oa5uqaEhyo4Z97RhiW4gYghXDxtEyDO4EcwXsfooOwi7gM6wEOap4ejLUg55SnnRZzImaDy3MQUUcPnz%2FYp9CV6xAE1aP0rtAFoRBj3qmG5EgyfoChPDdEuETmXMigoCT9y0kVW2masfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
7ae3f1844c692361-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
redirect_bin.js
herbliveoffer.com/
2 KB
913 B
Script
General
Full URL
https://herbliveoffer.com/redirect_bin.js
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3101c0886e354e74d0e54884028f9fa47fd0f3ff4d7e78809bb54e3e051c410

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Mar 2023 13:37:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
187826
etag
W/"641da79d-943"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCLj73BqYRJR3AfmM0vNnq06UwEMK94Cp03nxDzfCZqZQckXtwmAGtOGheMkWLSGCXJcXkFmmCEmewel1fashUZ8s1kpeLU8X0uuDMWDEdWVIBuDrqnAg795b9A1a8nRiVHE3O8aX%2B%2BCkN8bI%2FiTfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
7ae3f1844c6a2361-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/css/style_library_2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c90eba2b1201d3b862d6a9fc0d3c7c0b58087260c9d57c3a38f03a4904fcc526
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 01:43:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Mar 2023 01:43:36 GMT
css2
fonts.googleapis.com/
2 KB
553 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;700&display=swap
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/css/style_library_2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
461ce13378d36e43fd837a21e9eb9b0c2e0da67c34f55017afa89b1c95f4aa1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 27 Mar 2023 01:08:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 27 Mar 2023 01:43:36 GMT
2204_banner_gift_new.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
47 KB
47 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/2204_banner_gift_new.png
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7c00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dccd3eaa0b5aa03c75207d302b7f7c2dd8748c53a7903a34e022a7e97cc8e5bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

x-amz-version-id
4ie6_YUdv.UzAmJG4ajkkFEKA5Seme0M
date
Sun, 26 Mar 2023 11:59:17 GMT
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 10:51:30 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
49460
x-amz-server-side-encryption
AES256
etag
"1787892eef4ecf7f458abb631c008610"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
47656
x-amz-cf-id
CsRodi_KvFZAHT6WAA0Z4wZZ81noVWMQ1M8uR_MQzPz3FmT-6K31Bw==
flag_best_ql_new.jpg
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
5 KB
5 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/flag_best_ql_new.jpg
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/css/style_library_2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7c00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
478ef005ca37bc27bf87c87c345044f72d4cb4a197980c97639b96e276333583

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

x-amz-version-id
uXRn.WDN1d7GM_VQgfC6m6FpQIhNu4Zr
date
Sun, 26 Mar 2023 10:35:23 GMT
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 10:51:31 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
54494
x-amz-server-side-encryption
AES256
etag
"1d383409f217d3e92b61448eee9bdbad"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
4720
x-amz-cf-id
DX3XVL2hcweVbA6Icck9VppvI3RQJ0t05fn2Bfoghv7MuUCXhAAhEg==
line_background4.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
61 KB
62 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/line_background4.png
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/css/style_library_2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7c00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9144afcf99db928e2f67372c78684c5e4d37352700f47abb00992fe60155fae7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

x-amz-version-id
MhoF05G5kGnYWTDTNUZnmaMztuyzUHC3
date
Sun, 26 Mar 2023 11:39:09 GMT
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
last-modified
Mon, 23 Aug 2021 15:43:45 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
50668
x-amz-server-side-encryption
AES256
etag
"375e3524d7f8353cb120bb59e9b66c05"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
62543
x-amz-cf-id
qVQUFxwzgH7q9icAzK-2u5BwB2IJtRVN5VgxwfcCtg-V28hPARHK0Q==
sprite_36.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
17 KB
17 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/sprite_36.png
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/css/style_library_2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7c00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38b50f6dc301d2c63ca7975ff920a113142f48fe03fddc0c76a6b490659f3c30

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

x-amz-version-id
LT94HTVRnQOddEXQzjoxSTVHw12d7D2E
date
Sun, 26 Mar 2023 18:37:15 GMT
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
last-modified
Mon, 13 Mar 2023 09:47:56 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
25581
x-amz-server-side-encryption
AES256
etag
"2fc30cef43c7aa13f43b2165734a9a5c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
17381
x-amz-cf-id
-7AKGjOVf_ouGbPZ8SmqwKeAoBcCMh8BTjUWaHr-bkwWxR45rYPfRg==
new_footer3_new.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
9 KB
9 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/new_footer3_new.png
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/css/style_library_2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7c00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d582fc572fcd358cc801fbdf70e64c4382ea51bd1fc99da523d15ea6a8a96da5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 02:48:33 GMT
x-amz-version-id
r63QuLj9bNbq8ONgsK5zpePMuVJAtJ_a
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 11:00:29 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
82504
etag
"5af252594d2faad40de603f9b1be9edc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9110
x-amz-cf-id
EDCD6f-o5h0rbiFlgzdPutoWuDe4Nsm6j4tSBtyXfwgxudlLHoDmNA==
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://herbliveoffer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:55:04 GMT
x-content-type-options
nosniff
age
316112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 09:55:04 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://herbliveoffer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:55:05 GMT
x-content-type-options
nosniff
age
316111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 09:55:05 GMT
7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
fonts.gstatic.com/s/barlow/v12/
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb474dc9b3e75c8ec335bab847cb29ec7e89da057ad068abdb99da4585366c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://herbliveoffer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:55:21 GMT
x-content-type-options
nosniff
age
316095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 09:55:21 GMT
icomoon.ttf
herbliveoffer.com/visitor_us_br_n/fonts/
1 KB
2 KB
Font
General
Full URL
https://herbliveoffer.com/visitor_us_br_n/fonts/icomoon.ttf?8kxqkv
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3be5ef84c52eb0cfade8eed6201d22158622ce389a791bc824d8cd5b672d8b

Request headers

Referer
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Origin
https://herbliveoffer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
187648
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1296
last-modified
Mon, 13 Feb 2023 15:47:48 GMT
server
cloudflare
etag
"63ea5ba4-510"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjW1iRubWH3cxsqDbbpBoipJJnjuYG8tosDhZjXxv7IHCthUDrFzfeyEz6DmQao%2FC7AftxOD%2BluNV1Gkx94WZecGywa3U9KhLaVbFa9E6WZgWj9HyroqJVcZHwGOotwWlEGwCb24OrfKTmy562CC3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7ae3f184cd7e17f9-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v30/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsTYl4BO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,700;1,300;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1381e1f2e5800898923537ec58c4a964368db8c0f7553f30483a20c604986e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://herbliveoffer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Thu, 23 Mar 2023 09:55:25 GMT
x-content-type-options
nosniff
age
316091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12816
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Mar 2024 09:55:25 GMT
gift.css
herbliveoffer.com/visitor_us_br_n/css/
770 B
780 B
Stylesheet
General
Full URL
https://herbliveoffer.com/visitor_us_br_n/css/gift.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ed54c2268f43eef870de3bfa28a55b6c3be33cb872b16cb840f8eba7b446fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 08:56:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
187648
etag
W/"62a30720-302"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WBxOBKODbJQ4RT%2FP2CJa0T1%2FKe6jFEQ2HIj6NYSLp%2B3ntE8lT72Ce8RZasrLbXbcfAxoZ8snDFwnYLBPGTRqQAw1zuwPIQZHSLW3DSTb4xrHtIV3JKPvTEcbmdrjFtlqZzLWlwX82Q1msTd1wb82w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ae3f184ed9617f9-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
sf.css
herbliveoffer.com/visitor_us_br_n/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://herbliveoffer.com/visitor_us_br_n/css/sf.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baeb736fd6b23e537d40fcf84732ac023bd407ef5f62b4adc96f97b9246a9c14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Mar 2023 21:30:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
187738
etag
W/"641e167a-675"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sizuYy6YbgxO7%2B4TDq8dGbiewBdDAlTuhxl%2Fs2olS99djqEPfhyU%2Fy48yr%2Bi6XGaXw797A0NSHU48sUGb6BJzdrZ%2BZlFkMu1Sh45gMG46NcD4Yqj61lbWSMunnQ6ZC6pMCBCECVlMwgXqDc8razbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ae3f184fd9c17f9-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
sf.json
herbliveoffer.com/visitor_us_br_n/datas/
989 B
801 B
XHR
General
Full URL
https://herbliveoffer.com/visitor_us_br_n/datas/sf.json
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db674fa45abc9c07f3eee72fb8f89cdb910fa9ea364a4432d7c28a5f1cfd562d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 06 Dec 2022 09:08:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"3dd-5ef25277e964f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vR0fCRdm%2F%2BpoW7kmXdefkZt4Fnp7DQwq6L3EcOHB1J%2BwCQEq8NVy8ueqlbeCpj5mm6uWJJh7EJWfQIznNFjuWUR61OONKFPYChO%2F6n9PlC0i%2BHEMDkhrKrrm%2F4fORf10jIqho2sPJrcpXKx1mO3XWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
7ae3f184fd9d17f9-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
halloween_sweeps.css
herbliveoffer.com/
4 KB
2 KB
Stylesheet
General
Full URL
https://herbliveoffer.com/halloween_sweeps.css
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8328bab88f30849150677f8e75d79ac10518e91082df483c07f2e85add94de12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Mar 2023 13:40:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
187845
etag
W/"641da830-e3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltEin%2FQoltbZh3T7R9uYLP88Xl1Tl9%2FPeCwKrkpyfuivaC19ZpQ3XC08hxHevqCDnK1j0uRvdi7eHv5%2FzrzPrHKj6SQ%2Bi67MGn1jI4JXg6QoM42ake%2BR8KMOgCSiQSAQrJtx8ud8fNh4a5NVGcwotw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
7ae3f184fda417f9-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gift_cir_sf.png
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/gift_v2/
17 KB
18 KB
Image
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/gift_v2/gift_cir_sf.png
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/visitor_us_br_n/index_5_d.php?device_name=Desktop&browser_name=Safari&language=en-US&city=&clickid=47c8aoj7sira01a0&campaign=2855&user_id=1&clickcost=0&lander=1889&time=1679863415&browser_version=unknown&device_model=Desktop&device_brand=Desktop&resolution=desktop&os_name=MacOS&os_version=13.2.1&country=United%20States&country_code=US&isp=Unknown&ip=2a0d:5600:24:1500:1012:fc50:2549:4009&user_agent=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2013_2_1)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/110.0.0.0%20Safari/537.36&lpkey=1681794188bc170c15&target=sf&device=DESKTOP&country=US&ts={t9}&trafficsource=113&uclick=oj7sira0&uclickhash=oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7c00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f293ec09674a5f3955bb1b1320b0f75aa16acc96ad413799439a79cf16bc0e10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

x-amz-version-id
I9MCDGWPdLWvhELAo6Ur6jfu8yYCUEqI
date
Sun, 26 Mar 2023 15:49:49 GMT
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 08:37:22 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
35628
x-amz-server-side-encryption
AES256
etag
"3b217cbaea19afe517388b55db94f1fd"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
17784
x-amz-cf-id
wwnVUDBj6-miv7R1MNVhU4uG0Uz1qExG-RVuYL4jeDjNVNEifGSylw==
icomoonMain.ttf
herbliveoffer.com/
2 KB
2 KB
Font
General
Full URL
https://herbliveoffer.com/icomoonMain.ttf?sicb8u
Requested by
Host: herbliveoffer.com
URL: https://herbliveoffer.com/halloween_sweeps.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:25d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e99003f5d746f15741333c91e9553fa75c9d9e56a501d26fe5fb5a303c5c56f9

Request headers

Referer
https://herbliveoffer.com/halloween_sweeps.css
Origin
https://herbliveoffer.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 01:43:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
187648
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1796
last-modified
Fri, 24 Mar 2023 13:00:39 GMT
server
cloudflare
etag
"641d9ef7-704"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHZeFatZhqclFCa3cSG5j5toINR8RswNJ3NXZwddD3ItDJcqGDvb7TjGFRfxBJhFddGdrx1QRH6JbAo8gFmM6Xdszjr1JQzOhSMnoHNfTG4m4ZTvVAo6GD5cchPKKkQhZLH3au8uVfJyvfj92IFvnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7ae3f1851dbd17f9-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
conf.js
d3e1y4kxkqljcb.cloudfront.net/survey_us_d/
3 KB
3 KB
Script
General
Full URL
https://d3e1y4kxkqljcb.cloudfront.net/survey_us_d/conf.js?_=1679881416432
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7c00:b:4623:cac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ac18ce9dd50403ef42cedc8bc65eb3b415131d6c6c2b667c425bebae2f3d08c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://herbliveoffer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36

Response headers

date
Sun, 26 Mar 2023 06:18:27 GMT
x-amz-version-id
XRrWbkwz6unc8ZdaxnBdPgKNFZoZKJwD
via
1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 11:17:49 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
69910
etag
"78213dd6bc428cd3b11c6d408b0657db"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3028
x-amz-cf-id
smM3n-OsipUZSdwa5dUv-ZcVYIZyM8fj4sLPs228MW_MCpXRd5cBHQ==


36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| $
function| jQuery
function| $_GET
object| months
object| days
object| time
object| d
string| dateNow
object| now
string| targets
string| gift
string| css
function| loadingData
function| PopUpShow
function| PopUpHide
function| drawszlider
function| timer
string| target
object| jQuery111108377759797839452
string| redirect_url
string| back_url_link
function| isIE
object| comments
function| startTimer
number| slidewhere
number| holvanszlider
function| loadingOffers
function| timer1
object| mydate
number| year
number| day
number| month
number| daym
boolean| onlyOnKonami
string| titleOut

3 Cookies

Domain/Path Name / Value
.tweeneafu.com/ Name: uid11147
Value: 720502143-20230326214335-b005d2da40d0cc9e391e4d683ad10e31-
bsttpl.com/ Name: uclick
Value: oj7sira0
bsttpl.com/ Name: uclickhash
Value: oj7sira0-oj7sira0-gmho-16dz-2toj-xouodz-irbg0-f82890

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
