www.goherbalife.com Open in urlscan Pro
2a02:26f0:3500:888::2ddc Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://beautyparty.ch/
Effective URL:
https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup
Submission: On May 07 via api (May 7th 2024, 10:18:00 am UTC) from CH — Scanned from CH

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 5 domains to perform 27 HTTP transactions. The main IP is 2a02:26f0:3500:888::2ddc, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.goherbalife.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 22nd 2024. Valid for: a year.

This is the only time www.goherbalife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	89.22.106.131 89.22.106.131	8648 (ONE-NETWORK) (ONE-NETWORK)
2 3	2a02:26f0:350... 2a02:26f0:3500:888::2ddc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
27	3

2 89.22.106.131 (Germany)

ASN8648 (ONE-NETWORK, DE)
PTR: webbox442.server-home.org

beautyparty.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:888::2ddc (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.goherbalife.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	goherbalife.com 2 redirects www.goherbalife.com	2 KB
2	beautyparty.ch beautyparty.ch	681 B
0	brightcove.net Failed players.brightcove.net Failed
0	msecnd.net Failed az31823.vo.msecnd.net Failed
0	amazonaws.com Failed telerik-aspnet-skins.s3.amazonaws.com Failed telerik-aspnet-scripts.s3.amazonaws.com Failed
27	5

	Domain	Requested by
3	www.goherbalife.com	2 redirects www.goherbalife.com
2	beautyparty.ch
0	players.brightcove.net Failed	www.goherbalife.com
0	telerik-aspnet-scripts.s3.amazonaws.com Failed	www.goherbalife.com
0	az31823.vo.msecnd.net Failed	www.goherbalife.com
0	telerik-aspnet-skins.s3.amazonaws.com Failed	www.goherbalife.com
27	6

This site contains no links.

Subject Issuer	Validity	Valid
*.server-home.org Sectigo RSA Domain Validation Secure Server CA	`2023-10-18` - `2024-10-19`	a year	crt.sh
Herbalife.com DigiCert TLS RSA SHA256 2020 CA1	`2024-04-22` - `2025-04-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup
Frame ID: 0ACB57650F7C488BB3015313A3AB459F
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://beautyparty.ch/ Page URL
http://www.goherbalife.com/www.shakeparty.ch/ HTTP 307
https://www.goherbalife.com/www.shakeparty.ch/ HTTP 302
https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup HTTP 307
http://www.goherbalife.com/www.shakeparty.ch/ HTTP 307
https://www.goherbalife.com/www.shakeparty.ch/ HTTP 302
https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

27
Requests

4 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

1
Countries

1 kB
Transfer

14 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://beautyparty.ch/ Page URL
http://www.goherbalife.com/www.shakeparty.ch/ HTTP 307
https://www.goherbalife.com/www.shakeparty.ch/ HTTP 302
https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup HTTP 307
http://www.goherbalife.com/www.shakeparty.ch/ HTTP 307
https://www.goherbalife.com/www.shakeparty.ch/ HTTP 302
https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
beautyparty.ch/ 380 B
433 B 117ms
33ms Document
text/html 89.22.106.131
ONE-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://beautyparty.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.22.106.131 , Germany, ASN8648 (ONE-NETWORK, DE),
Reverse DNS: webbox442.server-home.org
Software: nginx /
Resource Hash: 83aac4cadee32dccfe343036ae65b035c9f41d523769ebb2039a8330c94fdd7d

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 242
content-type: text/html
date: Tue, 07 May 2024 10:17:50 GMT
etag: "17c-539838b4afe00-gzip"
last-modified: Sun, 07 Aug 2016 23:20:24 GMT
server: nginx
vary: Accept-Encoding
x-accel-version: 0.01

GET
H2

200

Primary Request Lookup
www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/
Redirect Chain

http://www.goherbalife.com/www.shakeparty.ch/
https://www.goherbalife.com/www.shakeparty.ch/
https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup
http://www.goherbalife.com/www.shakeparty.ch/
https://www.goherbalife.com/www.shakeparty.ch/
https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup

13 KB
0

3590ms
3590ms

Document
text/html

2a02:26f0:3500:888::2ddc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:888::2ddc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://beautyparty.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 5082
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 10:18:00 GMT
expires: Tue, 07 May 2024 10:18:00 GMT
pragma: no-cache
server: Microsoft-IIS/10.0
server-timing: cdn-cache; desc=MISS edge; dur=103 origin; dur=3417 ak_p; desc="1715077076537_388276620_1002681823_352012_10563_26_0_255";dur=1
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-akamai-transformed: 9 9635 0 pmb=mTOE,2mRUM,2
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 3.0
x-frame-options: DENY
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

cache-control: max-age=0, no-cache, no-store
content-length: 154
content-type: text/html; charset=utf-8
date: Tue, 07 May 2024 10:17:56 GMT
expires: Tue, 07 May 2024 10:17:56 GMT
location: /www.shakeparty.ch/de-CH/Sites/Lookup
pragma: no-cache
server: Microsoft-IIS/10.0
server-timing: cdn-cache; desc=MISS edge; dur=97 origin; dur=3166 ak_p; desc="1715077073232_388276620_1002671707_326268_14425_27_0_255";dur=1
strict-transport-security: max-age=86400
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 3.0
x-frame-options: DENY
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

GET
H2 404 favicon.ico
beautyparty.ch/ 209 B
248 B 39ms
39ms Other
text/html 89.22.106.131
ONE-NETWORK

General

Check archive.org

Show headers Download Go to

Full URL: https://beautyparty.ch/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.22.106.131 , Germany, ASN8648 (ONE-NETWORK, DE),
Reverse DNS: webbox442.server-home.org
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://beautyparty.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 10:17:50 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET telerik.common.min.css
telerik-aspnet-skins.s3.amazonaws.com/mvcz/2011.2.712/ 0
0

GET main.css
www.goherbalife.com/CSS/ 0
0

GET flags.css
www.goherbalife.com/CSS/vendors/ 0
0

GET jquery-1.6.1.min.js
az31823.vo.msecnd.net/content/global/js/ 0
0

GET jquery.validate.min.js
az31823.vo.msecnd.net/content/global/js/ 0
0

GET jquery.validate.unobtrusive.min.js
az31823.vo.msecnd.net/content/global/js/ 0
0

GET jquery.textoverflow.0.1.1.js
az31823.vo.msecnd.net/content/global/js/ 0
0

GET s_code.js
az31823.vo.msecnd.net/content/global/js/buynow/ 0
0

GET dws-common.js
az31823.vo.msecnd.net/content/global/js/ 0
0

GET jquery.corner.js
az31823.vo.msecnd.net/content/global/js/ 0
0

GET jquery.watermark.min.js
az31823.vo.msecnd.net/content/global/js/ 0
0

GET jquery.jcarousel.min.js
az31823.vo.msecnd.net/content/global/js/ 0
0

GET FeaturedCart.js
www.goherbalife.com/Scripts/ 0
0

GET main.js
www.goherbalife.com/Scripts/ 0
0

GET IE.js
www.goherbalife.com/Scripts/ 0
0

GET 742a28a1
www.goherbalife.com/akam/13/ 0
0

GET hl_logo_nutrition.png
www.goherbalife.com/img/v2/ 0
0

GET example_ds.jpg
az31823.vo.msecnd.net/content/global/img/welcome/ 0
0

GET telerik.common.min.js
telerik-aspnet-scripts.s3.amazonaws.com/mvcz/2011.2.712/ 0
0

GET telerik.tabstrip.min.js
telerik-aspnet-scripts.s3.amazonaws.com/mvcz/2011.2.712/ 0
0

GET telerik.grid.min.js
telerik-aspnet-scripts.s3.amazonaws.com/mvcz/2011.2.712/ 0
0

GET telerik.treeview.min.js
telerik-aspnet-scripts.s3.amazonaws.com/mvcz/2011.2.712/ 0
0

GET index.min.js
players.brightcove.net/4129125548001/38e4aab6-5f26-4c44-a581-8e9d61e4a4b9_default/ 0
0

GET scripts.min.js
az31823.vo.msecnd.net/content/global/js/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: telerik-aspnet-skins.s3.amazonaws.com
URL: https://telerik-aspnet-skins.s3.amazonaws.com/mvcz/2011.2.712/telerik.common.min.css

Domain: www.goherbalife.com
URL: https://www.goherbalife.com/CSS/main.css

Domain: www.goherbalife.com
URL: https://www.goherbalife.com/CSS/vendors/flags.css

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/jquery-1.6.1.min.js

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/jquery.validate.min.js?v=1

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/jquery.validate.unobtrusive.min.js?v=1

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/jquery.textoverflow.0.1.1.js

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/buynow/s_code.js?v=3

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/dws-common.js?v=1

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/jquery.corner.js?v=1

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/jquery.watermark.min.js

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/jquery.jcarousel.min.js

Domain: www.goherbalife.com
URL: https://www.goherbalife.com/Scripts/FeaturedCart.js

Domain: www.goherbalife.com
URL: https://www.goherbalife.com/Scripts/main.js

Domain: www.goherbalife.com
URL: https://www.goherbalife.com/Scripts/IE.js

Domain: www.goherbalife.com
URL: https://www.goherbalife.com/akam/13/742a28a1

Domain: www.goherbalife.com
URL: https://www.goherbalife.com/img/v2/hl_logo_nutrition.png

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/img/welcome/example_ds.jpg

Domain: telerik-aspnet-scripts.s3.amazonaws.com
URL: https://telerik-aspnet-scripts.s3.amazonaws.com/mvcz/2011.2.712/telerik.common.min.js

Domain: telerik-aspnet-scripts.s3.amazonaws.com
URL: https://telerik-aspnet-scripts.s3.amazonaws.com/mvcz/2011.2.712/telerik.tabstrip.min.js

Domain: telerik-aspnet-scripts.s3.amazonaws.com
URL: https://telerik-aspnet-scripts.s3.amazonaws.com/mvcz/2011.2.712/telerik.grid.min.js

Domain: telerik-aspnet-scripts.s3.amazonaws.com
URL: https://telerik-aspnet-scripts.s3.amazonaws.com/mvcz/2011.2.712/telerik.treeview.min.js

Domain: players.brightcove.net
URL: https://players.brightcove.net/4129125548001/38e4aab6-5f26-4c44-a581-8e9d61e4a4b9_default/index.min.js

Domain: az31823.vo.msecnd.net
URL: https://az31823.vo.msecnd.net/content/global/js/scripts.min.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.goherbalife.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: thywqq30n2hrj5bsjw24wi4a
			.goherbalife.com/	1970-01-20 20:24:44	Name: ak_bmsc Value: 5BF58989D24B2F5CC672F5E422C88427~000000000000000000000000000000~YAAQjKEkF7XAkzSPAQAAq0KPUhfxHhmNesn+zlbLN5FEtvIaTy0papJd0AP7DWzXN5sHEP3nZcroQImGp2d9Lu7AXb4nFyPqkFfC6HM+3X+Sp92FXhYwq8VqMvOHbMwHDO5Xh021DwiR+530gcMvrLnC2Ju9SOnkRBgQan+PDlrB+rx+sdz5Mx9Q8lylTuzKaGCymZx6Ewmmc23tlHWqDYg7Q0zQYYm2tsEFn0/9XO7qsxfB6/CUvjXMl5bIgB4sAQ4utkDjPzt4D4lrRoljLIzC3oPGFk22c1cmw5KvJA2kpd3/BjOcySi81DXXCoLSR4EouurpeDPkSx5OCzbBHjn1ODWZ9b+n9d/wNDdqWnprOF9jts2BxRYDtjvKhSOkMKqfLS4Bn2r2Hoj8gvFpXiH6yrJFQ+7C9g==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://beautyparty.ch/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup Message: Mixed Content: The page at 'https://www.goherbalife.com/www.shakeparty.ch/de-CH/Sites/Lookup' was loaded over HTTPS, but requested an insecure element 'http://az31823.vo.msecnd.net/content/global/img/welcome/example_ds.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az31823.vo.msecnd.net
beautyparty.ch
players.brightcove.net
telerik-aspnet-scripts.s3.amazonaws.com
telerik-aspnet-skins.s3.amazonaws.com
www.goherbalife.com
az31823.vo.msecnd.net
players.brightcove.net
telerik-aspnet-scripts.s3.amazonaws.com
telerik-aspnet-skins.s3.amazonaws.com
www.goherbalife.com
2a02:26f0:3500:888::2ddc
89.22.106.131
83aac4cadee32dccfe343036ae65b035c9f41d523769ebb2039a8330c94fdd7d

www.goherbalife.com Open in urlscan Pro 2a02:26f0:3500:888::2ddc Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

4 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

3 IPs

1 Countries

1 kBTransfer

14 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

www.goherbalife.com Open in urlscan Pro
2a02:26f0:3500:888::2ddc Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

4 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

1
Countries

1 kB
Transfer

14 kB
Size

2
Cookies

27 HTTP transactions
0 data transactions