www2.herbalfun.net Open in urlscan Pro
66.254.104.1  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://signup.herbalfun.net/ Page URL
2. https://www2.herbalfun.net/signup Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response signup.herbalfun.net/	39 KB 7 KB	525ms 469ms	Document text/html	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://signup.herbalfun.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash f86f6e44ce407adf18bf86c680dc06fec4e7c38191868abedc2edca9abf0ae19 Request headers :method GET :authority signup.herbalfun.net :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Sun, 02 Aug 2020 01:38:55 GMT cache-control max-age=3600 content-encoding gzip content-length 7013 content-type text/html last-modified Thu, 23 Jul 2020 15:58:48 GMT accept-ranges bytes content-md5 03q07gcTZa3HewrmKPLaIQ== etag "0x8D82F21492B55FD" server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-error-code ConditionNotMet x-ms-request-id 4e6b068e-301e-0044-496d-682d7a000000 x-ms-version 2018-03-28 x-hw 1596332335.cds019.pa1.hn,1596332335.cds013.pa1.sc,1596332335.cds013.pa1.pr access-control-allow-origin *
GET H/1.1	200 OK	Primary Request Cookie set signup Show response www2.herbalfun.net/	22 KB 10 KB	1184ms 803ms	Document text/html	66.254.104.1 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://www2.herbalfun.net/signup Requested by Host: signup.herbalfun.net URL: https://signup.herbalfun.net/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US), Reverse DNS Software Apache / Resource Hash d32201ccb590625d03407da4905cac334ce4a53f60c7b2248fdb110ec65abc0a Request headers Host www2.herbalfun.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer https://signup.herbalfun.net/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://signup.herbalfun.net/ Response headers Date Sun, 02 Aug 2020 01:38:56 GMT Server Apache Set-Cookie PHPSESSID=8n1bpcmkijpk9j62p258opsl51; path=/ studcat=1; expires=Tue, 01-Sep-2020 01:38:56 GMT; Max-Age=2592000 hide_browse_library=1; expires=Mon, 02-Aug-2021 01:38:56 GMT; Max-Age=31536000; path=/ visitidwww_security_key=b90c82aa85f5a38b4ebf13817644d0af; expires=Mon, 03-Aug-2020 01:38:56 GMT; Max-Age=86400; path=/; domain=.herbalfun.net visitidwww=1596332336; expires=Mon, 03-Aug-2020 01:38:56 GMT; Max-Age=86400; path=/; domain=.herbalfun.net ref_security_key=212e0595d3d81c93f0eb709d0c60fad2; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.herbalfun.net campaign_id_security_key=ba42e19fb8aa6bcaaeee5156ab615a70; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net campaign_id=0; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net program_id_security_key=c7507f47ce662b64ff1d1add91233975; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net program_id=0; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net affiliate_id_security_key=dc2181341c832029005852771ae9f74d; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net affiliate_id=0; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net sub_campaign_security_key=6ce2879930ae0db4adfff19100cad6bb; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net sub_campaign=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.herbalfun.net site_id_security_key=c4b3a7a1af671ee3b89481582c04293e; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net site_id=544; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net 23ac65279d7161cf540f047929e030ee_security_key=be5e4ab9d48fcab80707b0a58c6f3dc3; expires=Sun, 02-Aug-2020 05:38:56 GMT; Max-Age=14400; path=/; domain=.herbalfun.net 23ac65279d7161cf540f047929e030ee=1; expires=Sun, 02-Aug-2020 05:38:56 GMT; Max-Age=14400; path=/; domain=.herbalfun.net product_id_security_key=54613a1fef2fa1226d5c8a8050e9c4be; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net product_id=0; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net adserver_security_key=d42ac75fb1ed34564784cde324cabdd5; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net adserver=non-adserving; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net c_group_security_key=f1f844a78fee221a4e6b5466b2dd836f; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net c_group=0; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net segment_id_security_key=936878286503c40bd46b242cbd742833; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net segment_id=0; expires=Sun, 02-Aug-2020 02:38:56 GMT; Max-Age=3600; path=/; domain=.herbalfun.net track_dimensions_security_key=e805feb51813fc5003fd328cdc178111; expires=Sat, 31-Oct-2020 01:38:56 GMT; Max-Age=7776000; path=/; domain=.herbalfun.net track_dimensions=eJxtVMGOmzAQ%2FZWI%2B1JDSDZlT%2B2qx1UPVaXerIkZiLtgI9tAo6r%2F3jExxEF7wnoznpn35mEoi2P515YZK5MKHHKoKqySF0I%2Bl0nOcvbETk8s2%2BWs3LOSsTmUl0kLqpKq4T006LH8UCbTNOXpBc0Z2npQqUL3ycpGDb1POFID3YFUc4XTR9lzpCgTgzUaNPyeT92TW6kPbuT3Gz24i8co3X%2BIAlRRmQA%2Fz%2FAm9wYOSroIzLIyEdD1QL25JF1kyV5uavVGNwa6GKVBoK5lK72Qd5yUqY3FJqq7JzqsjhvRXTuc%2BdIsClFEW38gzd5A7L7%2F2P1KwhDa8hGNlVqFqm9fXgOZs9GTRROkf70Y3c2Lyg5rLL5LUp32KUuLjO3nND8ighEXjqqRCh9l7VsQ2KFyGw7OeAUEd9cew8zzbkwwFaUIPShnrlzoCgO%2Fr98Wx9Ut2MsyF%2B%2FgtzarvPtNeAkQvR6uenBrZrYg6xzLiGzdcrw4yrcdGEfu38DCIDg5xuv0Asbu39zowVqs%2BBnE%2BwI%2Fe%2FOuljgUxdJzdjSvWz3FJPFPj0Z6caPS%2BWNgBEMu8xo9urLDSsLKmu5A2y7EybHVIOKiR7%2BdJjggSHTyCpE5xpt3%2FEBKq6cbRpyDvQRvjPZ%2Fduh9WiFOVt8Mnx3vniPpmiE8GlTnp3pXelrsa%2BvxYSnzGFxBt74x9DodWHFI6ZuSs1oUjk7hKSj8n8bHjScX3g9e%2BPcfFTSQww%3D%3D; expires=Sat, 31-Oct-2020 01:38:56 GMT; Max-Age=7776000; path=/; domain=.herbalfun.net RNLBSERVERID=ded5045cmBVjRCJfk3WucReo0xUI44L; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 5185 Content-Type text/html; charset=UTF-8
GET H2	200	css fonts.googleapis.com/	2 KB 577 B	14ms 13ms	Stylesheet text/css	2a00:1450:4001:825::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oxygen:400,300,700 Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e1e415b221fcf1939c5a3893b1e8408285a5dbf4a26c0c46f6cb461d6ca87caa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 02 Aug 2020 00:30:25 GMT server ESF date Sun, 02 Aug 2020 01:38:57 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 02 Aug 2020 01:38:57 GMT
GET H/1.1	200 OK	main.php www2.herbalfun.net/css/	114 KB 21 KB	158ms 158ms	Stylesheet text/css	66.254.104.1 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://www2.herbalfun.net/css/main.php Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US), Reverse DNS Software Apache / Resource Hash 085d7cf5d4c86b08c439061cd44b085eb76fd1f5f0bea3d19dc72f828720e14d Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma public Date Sun, 02 Aug 2020 01:38:57 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type text/css;charset=UTF-8 Cache-Control 31536000 Content-Length 21132 Expires Mon, 2 Aug 2021 01:38:57 GMT
GET H/1.1	200 OK	logo_h.png www2.herbalfun.net/uploads/	21 KB 21 KB	353ms 119ms	Image image/png	66.254.104.1 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://www2.herbalfun.net/uploads/logo_h.png Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US), Reverse DNS Software Apache / Resource Hash 6219f84c766da9eb12c31eb5cce8737b4d86df0c1cf7fa5d04f2778bb35111d5 Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 02 Aug 2020 01:38:57 GMT Last-Modified Thu, 15 Sep 2016 16:36:06 GMT Server Apache ETag "52a2-53c8e7136e980" Content-Type image/png Cache-Control max-age=31536000 Accept-Ranges bytes Content-Length 21154 Expires Mon, 02 Aug 2021 01:38:57 GMT
GET H/1.1	200 OK	main_silveris_2.php Show response www2.herbalfun.net/js/	208 KB 62 KB	376ms 142ms	Script application/javascript	66.254.104.1 REFLECTED
General Check archive.org Show headers Download Go to Full URL https://www2.herbalfun.net/js/main_silveris_2.php?ver=1.0.0 Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US), Reverse DNS Software Apache / Resource Hash 0bd8dea687847bb8b5c44bf30b035823f76101045451b4593039649bfc75d7e2 Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma public Date Sun, 02 Aug 2020 01:38:57 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Content-Type application/javascript Cache-Control 31536000 Transfer-Encoding chunked Expires Mon, 2 Aug 2021 01:38:57 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	171 KB 53 KB	15ms 14ms	Script application/javascript	2a00:1450:4001:821::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NTC28N5 Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a863a2cd8370e44844056e1fd9931c8bcb651a450dc25a5ada762bd254d3200a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 02 Aug 2020 01:38:57 GMT content-encoding br vary Accept-Encoding status 200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53724 x-xss-protection 0 last-modified Sun, 02 Aug 2020 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 02 Aug 2020 01:38:57 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTC28N5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 04 Jun 2020 23:38:14 GMT server Golfe2 age 3916 date Sun, 02 Aug 2020 00:33:41 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18469 expires Sun, 02 Aug 2020 02:33:41 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 108 B	13ms 13ms	Image image/gif	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1030483248&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.herbalfun.net%2Fsignup&dr=https%3A%2F%2Fsignup.herbalfun.net%2F&dp=%2Fsignup&ul=en-us&de=UTF-8&dt=Upgrade&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=793861470&gjid=650836586&cid=317079744.1596332337&tid=UA-160266386-1&_gid=937060068.1596332337&_r=1&gtm=2wg7m1NTC28N5&z=437424799 Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 02 Aug 2020 01:38:57 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2 fonts.gstatic.com/s/oxygen/v9/	10 KB 10 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v9/2sDfZG1Wl4LcnbuKjk0mRUe0Aw.woff2 Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Oxygen:400,300,700 Origin https://www2.herbalfun.net Response headers date Tue, 14 Jul 2020 12:25:30 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:20:18 GMT server sffe age 1602807 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10332 x-xss-protection 0 expires Wed, 14 Jul 2021 12:25:30 GMT
GET H/1.1	200 OK	background_signup.jpg www2.herbalfun.net/images/	64 KB 64 KB	122ms 121ms	Image image/jpeg	66.254.104.1 REFLECTED
General Check archive.org Show headers Download Go to Show image Full URL https://www2.herbalfun.net/images/background_signup.jpg Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 66.254.104.1 Waltham, United States, ASN29789 (REFLECTED, US), Reverse DNS Software Apache / Resource Hash 0845fbb7ec028ac51901a709c871124a1b87043348d379bd68d93442df2282ec Request headers Referer https://www2.herbalfun.net/css/main.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sun, 02 Aug 2020 01:38:57 GMT Last-Modified Mon, 30 Jan 2017 14:27:20 GMT Server Apache ETag "10069-547509cf7e200" Content-Type image/jpeg Cache-Control max-age=31536000 Accept-Ranges bytes Content-Length 65641 Expires Mon, 02 Aug 2021 01:38:57 GMT
GET H2	200	2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2 fonts.gstatic.com/s/oxygen/v9/	10 KB 10 KB	6ms 5ms	Font font/woff2	2a00:1450:4001:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v9/2sDcZG1Wl4LcnbuCNWgzaGW5Kb8VZA.woff2 Requested by Host: www2.herbalfun.net URL: https://www2.herbalfun.net/signup Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Oxygen:400,300,700 Origin https://www2.herbalfun.net Response headers date Wed, 15 Jul 2020 22:11:18 GMT x-content-type-options nosniff last-modified Mon, 22 Jul 2019 19:27:29 GMT server sffe age 1481259 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10280 x-xss-protection 0 expires Thu, 15 Jul 2021 22:11:18 GMT
GET H2	200	index.js Show response prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/	8 KB 3 KB	94ms 25ms	Script application/javascript	143.204.201.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/index.js Requested by Host: signup.herbalfun.net URL: https://signup.herbalfun.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.204.201.54 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-201-54.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 41c43b7c645ea0bb73afde86129182d18543ac7415381f4e4346225d29787040 Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 02 Aug 2020 00:50:16 GMT content-encoding gzip last-modified Tue, 06 Aug 2019 20:24:27 GMT server AmazonS3 age 5917 etag "462d9d3545a1a4bdf8fe7e8255247509" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript status 200 x-amz-cf-pop FRA53-C1 x-amz-cf-id Jv0fjCcvpAkA_QIG9jWrm8jANuWOvXscmhz33IFA4UnvAcsqetXleA== via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
GET H2	200	js Show response www.google-analytics.com/gtm/	97 KB 34 KB	19ms 18ms	Script application/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-KW55NQN&t=gtm9&cid=317079744.1596332337 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e3bf4af8c206dfb70cc92567de266b7fe5a51fb961493da550fee33c5a3f8b07 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 02 Aug 2020 01:38:57 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34276 x-xss-protection 0 expires Sun, 02 Aug 2020 01:38:57 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	45 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTC28N5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Thu, 04 Jun 2020 23:38:14 GMT server Golfe2 age 3916 date Sun, 02 Aug 2020 00:33:41 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18469 expires Sun, 02 Aug 2020 02:33:41 GMT
POST H2	200	track_tag Show response prod-support-process.infoserv.systems/process/	74 B 649 B	384ms 342ms	XHR application/json	13.35.254.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod-support-process.infoserv.systems/process/track_tag Requested by Host: prod-csx-static-assets.infoserv.systems URL: https://prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/index.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.254.37 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-254-37.fra6.r.cloudfront.net Software / Resource Hash 41bf9ca4eff56835b855fc1574c6c1b9109c2d0258377780b277955c09cf091a Request headers Referer https://www2.herbalfun.net/signup User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 content-type application/json Response headers date Sun, 02 Aug 2020 01:38:58 GMT via 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amzn-requestid caf0a1bc-0d70-45f3-acb5-639ca46d95e1 status 200 x-cache Miss from cloudfront content-type application/json access-control-allow-origin https://www2.herbalfun.net x-amzn-trace-id Root=1-5f261932-00e85cdcadc02e8e955d4762;Sampled=0 access-control-allow-headers X-Requested-With, Content-Type access-control-allow-credentials true x-amz-apigw-id Qnjf6GtyIAMForA= content-length 74 x-amz-cf-id QJLZhc40W3p0QmR7a3CUue7Pj0X4vq5fEEFJgrzJtgdtHDr8HlBmiQ==

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| google_tag_manager function| postscribe object| google_tag_data string| GoogleAnalyticsObject function| ga function| getCookieValue object| gaplugins object| gaGlobal object| gaData object| silverisApp function| doForgotPassword function| validate_login function| appendOverlay function| showLoginForm function| $ function| jQuery object| Foundation function| include string| env object| urls object| csx_exp object| google_optimize object| expClient function| parcelRequire

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.herbalfun.net/	1970-01-19 11:25:32	Name: _gat_UA-160266386-1 Value: 1
			www2.herbalfun.net/	1969-12-31 23:59:59	Name: RNLBSERVERID Value: ded5045cmBVjRCJfk3WucReo0xUI44L
			.herbalfun.net/	1970-01-19 11:25:35	Name: segment_id Value: 0
			.herbalfun.net/	1970-01-19 11:25:35	Name: adserver Value: non-adserving
			.herbalfun.net/	1970-01-19 11:25:35	Name: c_group_security_key Value: f1f844a78fee221a4e6b5466b2dd836f
			.herbalfun.net/	1970-01-19 11:25:35	Name: adserver_security_key Value: d42ac75fb1ed34564784cde324cabdd5
			.herbalfun.net/	1970-01-19 11:25:35	Name: ref_security_key Value: 212e0595d3d81c93f0eb709d0c60fad2
			.herbalfun.net/	1970-01-19 11:25:35	Name: product_id_security_key Value: 54613a1fef2fa1226d5c8a8050e9c4be
			.herbalfun.net/	1970-01-19 11:26:58	Name: _gid Value: GA1.2.937060068.1596332337
			.herbalfun.net/	1970-01-19 11:25:46	Name: 23ac65279d7161cf540f047929e030ee Value: 1
			.herbalfun.net/	1970-01-19 11:25:35	Name: segment_id_security_key Value: 936878286503c40bd46b242cbd742833
			.herbalfun.net/	1970-01-19 11:26:58	Name: visitidwww_security_key Value: b90c82aa85f5a38b4ebf13817644d0af
			.herbalfun.net/	1970-01-19 11:25:46	Name: 23ac65279d7161cf540f047929e030ee_security_key Value: be5e4ab9d48fcab80707b0a58c6f3dc3
			.herbalfun.net/	1970-01-19 11:25:35	Name: site_id_security_key Value: c4b3a7a1af671ee3b89481582c04293e
			.herbalfun.net/	1970-01-19 11:25:35	Name: sub_campaign_security_key Value: 6ce2879930ae0db4adfff19100cad6bb
			.herbalfun.net/	1970-01-19 11:25:35	Name: affiliate_id Value: 0
			.herbalfun.net/	1970-01-19 11:25:35	Name: affiliate_id_security_key Value: dc2181341c832029005852771ae9f74d
			.herbalfun.net/	1970-01-19 11:25:35	Name: site_id Value: 544
			.herbalfun.net/	1970-01-20 04:56:44	Name: _ga Value: GA1.2.317079744.1596332337
			www2.herbalfun.net/	1970-01-19 20:11:08	Name: hide_browse_library Value: 1
			.herbalfun.net/	1970-01-19 11:26:58	Name: visitidwww Value: 1596332336
			.herbalfun.net/	1970-01-19 11:25:35	Name: campaign_id Value: 0
			.herbalfun.net/	1970-01-19 11:25:35	Name: campaign_id_security_key Value: ba42e19fb8aa6bcaaeee5156ab615a70
			.herbalfun.net/	1970-01-19 11:25:35	Name: c_group Value: 0
			.herbalfun.net/	1970-01-19 11:25:35	Name: program_id Value: 0
			.herbalfun.net/	1970-01-19 11:25:35	Name: program_id_security_key Value: c7507f47ce662b64ff1d1add91233975
			www2.herbalfun.net/	1970-01-19 12:08:44	Name: studcat Value: 1
			.herbalfun.net/	1970-01-19 13:35:08	Name: track_dimensions_security_key Value: e805feb51813fc5003fd328cdc178111
			.herbalfun.net/	1970-01-19 11:25:35	Name: product_id Value: 0
			.herbalfun.net/	1970-01-19 13:35:08	Name: track_dimensions Value: eJxtVMGOmzAQ%2FZWI%2B1JDSDZlT%2B2qx1UPVaXerIkZiLtgI9tAo6r%2F3jExxEF7wnoznpn35mEoi2P515YZK5MKHHKoKqySF0I%2Bl0nOcvbETk8s2%2BWs3LOSsTmUl0kLqpKq4T006LH8UCbTNOXpBc0Z2npQqUL3ycpGDb1POFID3YFUc4XTR9lzpCgTgzUaNPyeT92TW6kPbuT3Gz24i8co3X%2BIAlRRmQA%2Fz%2FAm9wYOSroIzLIyEdD1QL25JF1kyV5uavVGNwa6GKVBoK5lK72Qd5yUqY3FJqq7JzqsjhvRXTuc%2BdIsClFEW38gzd5A7L7%2F2P1KwhDa8hGNlVqFqm9fXgOZs9GTRROkf70Y3c2Lyg5rLL5LUp32KUuLjO3nND8ighEXjqqRCh9l7VsQ2KFyGw7OeAUEd9cew8zzbkwwFaUIPShnrlzoCgO%2Fr98Wx9Ut2MsyF%2B%2FgtzarvPtNeAkQvR6uenBrZrYg6xzLiGzdcrw4yrcdGEfu38DCIDg5xuv0Asbu39zowVqs%2BBnE%2BwI%2Fe%2FOuljgUxdJzdjSvWz3FJPFPj0Z6caPS%2BWNgBEMu8xo9urLDSsLKmu5A2y7EybHVIOKiR7%2BdJjggSHTyCpE5xpt3%2FEBKq6cbRpyDvQRvjPZ%2Fduh9WiFOVt8Mnx3vniPpmiE8GlTnp3pXelrsa%2BvxYSnzGFxBt74x9DodWHFI6ZuSs1oUjk7hKSj8n8bHjScX3g9e%2BPcfFTSQww%3D%3D
			www2.herbalfun.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8n1bpcmkijpk9j62p258opsl51

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://prod-csx-static-assets.infoserv.systems/csx-trk-client/2.1.6/index.js(Line 8) Message: null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
prod-csx-static-assets.infoserv.systems
prod-support-process.infoserv.systems
signup.herbalfun.net
www.google-analytics.com
www.googletagmanager.com
www2.herbalfun.net
13.35.254.37
143.204.201.54
151.139.128.11
2a00:1450:4001:808::200e
2a00:1450:4001:817::2003
2a00:1450:4001:821::2008
2a00:1450:4001:825::200a
66.254.104.1
0845fbb7ec028ac51901a709c871124a1b87043348d379bd68d93442df2282ec
085d7cf5d4c86b08c439061cd44b085eb76fd1f5f0bea3d19dc72f828720e14d
0bd8dea687847bb8b5c44bf30b035823f76101045451b4593039649bfc75d7e2
41bf9ca4eff56835b855fc1574c6c1b9109c2d0258377780b277955c09cf091a
41c43b7c645ea0bb73afde86129182d18543ac7415381f4e4346225d29787040
6219f84c766da9eb12c31eb5cce8737b4d86df0c1cf7fa5d04f2778bb35111d5
64f12bcd111be76f80de661978a9817e6701c7b62a84be48ca42f604c4a57a2e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a863a2cd8370e44844056e1fd9931c8bcb651a450dc25a5ada762bd254d3200a
d32201ccb590625d03407da4905cac334ce4a53f60c7b2248fdb110ec65abc0a
e0f49049bbf8071312c4a4554e9332d420b7277fc310ab02fb2ef031e48128f8
e1e415b221fcf1939c5a3893b1e8408285a5dbf4a26c0c46f6cb461d6ca87caa
e3bf4af8c206dfb70cc92567de266b7fe5a51fb961493da550fee33c5a3f8b07
f86f6e44ce407adf18bf86c680dc06fec4e7c38191868abedc2edca9abf0ae19
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955