herbalife.kg5.no Open in urlscan Pro
2600:9000:21f3:ea00:3:38d1:2e40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herbalife.kg5.no/
Effective URL:
https://herbalife.kg5.no/
Submission: On April 09 via manual (April 9th 2021, 10:07:33 am UTC) from PL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2600:9000:21f3:ea00:3:38d1:2e40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is herbalife.kg5.no.
TLS certificate: Issued by Amazon on March 5th 2021. Valid for: a year.

This is the only time herbalife.kg5.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2600:9000:21f... 2600:9000:21f3:ea00:3:38d1:2e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d014:fc7... 2a05:d014:fc7:5401:dd2c:f4b6:e019:4815	16509 (AMAZON-02) (AMAZON-02)
2	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
3	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
14	4

9 2600:9000:21f3:ea00:3:38d1:2e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

herbalife.kg5.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:fc7:5401:dd2c:f4b6:e019:4815 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

meet.jit.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

whereby.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

o513061.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	kg5.no 1 redirects herbalife.kg5.no	2 MB
3	sentry.io o513061.ingest.sentry.io	1 KB
2	whereby.dev whereby.dev	20 KB
1	jit.si meet.jit.si	31 KB
14	4

	Domain	Requested by
9	herbalife.kg5.no	1 redirects herbalife.kg5.no
3	o513061.ingest.sentry.io	herbalife.kg5.no
2	whereby.dev	herbalife.kg5.no
1	meet.jit.si	herbalife.kg5.no
14	4

This site contains no links.

Subject Issuer	Validity	Valid
kg5.no Amazon	`2021-03-05` - `2022-04-03`	a year	crt.sh
*.jit.si DigiCert SHA2 Secure Server CA	`2019-10-02` - `2021-10-06`	2 years	crt.sh
whereby.dev R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.ingest.sentry.io R3	`2021-02-26` - `2021-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://herbalife.kg5.no/
Frame ID: B7CE39821C4749E48576F6865715A2D3
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://herbalife.kg5.no/ HTTP 301
https://herbalife.kg5.no/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2469 kB
Transfer

5450 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herbalife.kg5.no/ HTTP 301
https://herbalife.kg5.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
herbalife.kg5.no/
Redirect Chain

http://herbalife.kg5.no/
https://herbalife.kg5.no/

3 KB
2 KB

40ms
18ms

Document
text/html

2600:9000:21f3:ea00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9caf3958403a2a5e13c4433702942ccd6e79c721b1b24d7ab429fd823495e9cf

Request headers

:method: GET
:authority: herbalife.kg5.no
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
last-modified: Fri, 19 Mar 2021 15:04:40 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Apr 2021 10:05:24 GMT
cache-control: public, max-age=300
etag: W/"99e09f3b1ddcca917663eb930fb63652"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: PPzeoKkqxT28PY5uekmIGf_7i7LqbmfpL8wsRoPXFeo2qldxlXzIDA==
age: 112

Redirect headers

Server: CloudFront
Date: Fri, 09 Apr 2021 10:07:15 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://herbalife.kg5.no/
X-Cache: Redirect from cloudfront
Via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: Veme8x3iX6p_ywguKtcUbdx_6nPhfKvtedxx6EEiEfJeDbTTQRzMKQ==

GET
H2 200 jwplayer.js Show response
herbalife.kg5.no/jw8/ 112 KB
37 KB 11ms
9ms Script
application/javascript 2600:9000:21f3:ea00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife.kg5.no/jw8/jwplayer.js
Requested by: Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c82d9b10832b36d67c6b0cda947150b3cc85af5341a0c7ed614438c0cc9875a3

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 05:04:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:35 GMT
server: AmazonS3
age: 18145
etag: W/"82c4937e67ceacf827d96791e0a0cd2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 9U80i5qCXAfsP3GkBPR-UTQs8VYtrODIz450tPiOU_FgMRNVbCemtw==

GET
H2 200 external_api.js Show response
meet.jit.si/ 31 KB
31 KB 28ms
12ms Script
application/javascript 2a05:d014:fc7:5401:dd2c:f4b6:e019:4815
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://meet.jit.si/external_api.js

Requested by

Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d014:fc7:5401:dd2c:f4b6:e019:4815 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7dd66e78a036adf3cd0c45b6815a5c4903046ff9ec8af3ee23676fda5fde6663

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:07:15 GMT
x-content-type-options: nosniff
x-jitsi-shard: meet-jit-si-eu-central-1b-s45
server: nginx/1.18.0
x-jitsi-region: eu-central-1
x-proxy-host: meet-jit-si-haproxy-21098
strict-transport-security: max-age=63072000
content-type: application/javascript
access-control-expose-headers: Content-Type, X-Jitsi-Region, X-Jitsi-Shard, X-Proxy-Region
x-proxy-region: eu-central-1

GET
H2 200 whereby-embed.js Show response
whereby.dev/embed/ 2 KB
1 KB 86ms
22ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://whereby.dev/embed/whereby-embed.js
Requested by: Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: f6e2e177a3bd7a7100b4257282444827ced8837e571bbc32b4eea44aefba538b

Request headers

Origin: https://herbalife.kg5.no
Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 0162b702794dc0bb9672ff5239966700d5702411
date: Fri, 09 Apr 2021 10:07:15 GMT
content-encoding: gzip
age: 416
x-cache: HIT
content-length: 1038
x-served-by: cache-vie21647-VIE
access-control-allow-origin: *
last-modified: Fri, 26 Mar 2021 16:08:00 GMT
server: GitHub.com
x-github-request-id: DFD6:9C43:FD1AC4:1047D1D:607022FC
x-timer: S1617962836.845673,VS0,VE1
etag: W/"605e06e0-8cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 09 Apr 2021 09:58:44 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H2 200 4.056d2753.chunk.css
herbalife.kg5.no/static/css/ 547 KB
64 KB 15ms
13ms Stylesheet
text/css 2600:9000:21f3:ea00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife.kg5.no/static/css/4.056d2753.chunk.css
Requested by: Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f47039b265a9101a06e7bc84b94888e8246d3bd0edb9f176943428e05dd0472

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 20:32:14 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:39 GMT
server: AmazonS3
age: 48902
etag: W/"19a0b1bf4f00fadb8bffd5dc5e2718e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: mlPDj3v4MFVSPRSkEIDIrsO9DzI6du6b1InBfo0qTcLfcc8TZB-Nzg==

GET
H2 200 main.a31b4c20.chunk.css
herbalife.kg5.no/static/css/ 8 KB
3 KB 9ms
8ms Stylesheet
text/css 2600:9000:21f3:ea00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife.kg5.no/static/css/main.a31b4c20.chunk.css
Requested by: Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 039b2f428fcd17350fbcdc6b2ca2c73d46f5b56ef8039634e25f642b528a99d3

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 05:15:08 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:38 GMT
server: AmazonS3
age: 17528
etag: W/"87ec52701ee658457233510e0e1a97f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: gf24LG4cqX6DRG2Xy2KL3-Kcqz-t9GG59j_Kqhr2Ra0AKqHfu_ABxA==

GET
H2 200 4.642ab5eb.chunk.js Show response
herbalife.kg5.no/static/js/ 3 MB
857 KB 23ms
22ms Script
application/javascript 2600:9000:21f3:ea00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife.kg5.no/static/js/4.642ab5eb.chunk.js
Requested by: Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e910a42b5212d7fc4b4001a7f9bec71b44472d861ad90cef23671f51ace8cc44

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 07:00:48 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:39 GMT
server: AmazonS3
age: 11188
etag: W/"72d7112a1c1ee5d9324e82c47de45fc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: eVXs47TEJJ8vHm_tB-aSa3meR8Y74vJ6JttmuKf-KLncpwvnL6W-_A==

GET
H2 200 main.d946d49d.chunk.js Show response
herbalife.kg5.no/static/js/ 294 KB
61 KB 21ms
20ms Script
application/javascript 2600:9000:21f3:ea00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife.kg5.no/static/js/main.d946d49d.chunk.js
Requested by: Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f184abb806eb6560ceb8d2f61d589d89f1ce14079e7b32f16cd6b9ff85b96351

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 04:23:23 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:39 GMT
server: AmazonS3
age: 20633
etag: W/"8aa77dc74bfbbf08dbef145ccd1276f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: OburTEWUaffrmPDfOjeAofPfUW4cTprnigHi83POh9JIxASRgVzr5Q==

GET
H2 200 heresy.js Show response
whereby.dev/embed/web_modules/ 64 KB
18 KB 22ms
21ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://whereby.dev/embed/web_modules/heresy.js
Requested by: Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: b0314a008312a47e848c14d3976649a51dcc058c45187787045eaf98c39342c7

Request headers

Origin: https://herbalife.kg5.no
Referer: https://whereby.dev/embed/whereby-embed.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 9864a53bb52b5b28668f892d33614ab62c74f181
date: Fri, 09 Apr 2021 10:07:15 GMT
content-encoding: gzip
age: 416
x-cache: HIT
content-length: 18383
x-served-by: cache-vie21647-VIE
access-control-allow-origin: *
last-modified: Fri, 26 Mar 2021 16:08:00 GMT
server: GitHub.com
x-github-request-id: 57C2:7C84:5B7381:5E4FE3:607022FC
x-timer: S1617962836.868830,VS0,VE1
etag: W/"605e06e0-1009e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 09 Apr 2021 09:57:03 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 1

POST
H/1.1 200
OK / Show response
o513061.ingest.sentry.io/api/5620287/envelope/ 2 B
406 B 590ms
140ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o513061.ingest.sentry.io/api/5620287/envelope/?sentry_key=b9313751adcc43b09600c865be21f17c&sentry_version=7

Requested by

Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/static/js/4.642ab5eb.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Apr 2021 10:07:16 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://herbalife.kg5.no
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
o513061.ingest.sentry.io/api/5620287/envelope/ 2 B
406 B 555ms
140ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o513061.ingest.sentry.io/api/5620287/envelope/?sentry_key=b9313751adcc43b09600c865be21f17c&sentry_version=7

Requested by

Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/static/js/4.642ab5eb.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Apr 2021 10:07:16 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://herbalife.kg5.no
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
o513061.ingest.sentry.io/api/5620287/envelope/ 2 B
406 B 564ms
141ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o513061.ingest.sentry.io/api/5620287/envelope/?sentry_key=b9313751adcc43b09600c865be21f17c&sentry_version=7

Requested by

Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/static/js/4.642ab5eb.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://herbalife.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Apr 2021 10:07:16 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://herbalife.kg5.no
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 33df8d5d-f328-454f-8e51-e2c54bb450b2.png
herbalife.kg5.no/s3/166e98e3-4b6a-4cdf-9281-2c703c068b48/ 214 KB
215 KB 12ms
11ms Image
image/png 2600:9000:21f3:ea00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herbalife.kg5.no/s3/166e98e3-4b6a-4cdf-9281-2c703c068b48/33df8d5d-f328-454f-8e51-e2c54bb450b2.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d5773ef66249ebdda68be7532bc9a2df06dbd107fa6d0721686c44230255a59

Request headers

Referer: https://herbalife.kg5.no/login/globalPassword
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:00:17 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Fri, 05 Feb 2021 13:36:08 GMT
server: AmazonS3
age: 420
etag: "1c503c741fc25c72ac79c3dd682dc16e-1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 218989
x-amz-cf-id: QdJ23PRX0XgrR5XOTg5qsZ51q3udT29cLyrfoY8zudkSyZBEAsed1g==

GET
H2 200 2683728d-f096-4431-ad9c-cf7a34b274af.png
herbalife.kg5.no/s3/166e98e3-4b6a-4cdf-9281-2c703c068b48/ 1 MB
1 MB 14ms
14ms Image
image/png 2600:9000:21f3:ea00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herbalife.kg5.no/s3/166e98e3-4b6a-4cdf-9281-2c703c068b48/2683728d-f096-4431-ad9c-cf7a34b274af.png
Requested by: Host: herbalife.kg5.no
URL: https://herbalife.kg5.no/login/globalPassword
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d9ecc8f34b86b29ba510281c605b1896ba4cc2930feea8aa32dd21a9bce37fe

Request headers

Referer: https://herbalife.kg5.no/login/globalPassword
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:00:17 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
last-modified: Tue, 07 Apr 2020 13:35:05 GMT
server: AmazonS3
age: 420
etag: "cca94fe8dd34b6103b1539237ff9e67a-1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1204896
x-amz-cf-id: pfN777JBYZpPfwfGbKk9r2dbSmj6a1m_WzZdY9Z3v-AYXUlj9o3_cA==

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://meet.jit.si/external_api.js(Line 3) Message: Local storage is disabled.
console-api	warning	URL: https://herbalife.kg5.no/static/js/4.642ab5eb.chunk.js(Line 2) Message: quill Overwriting modules/imageResize with function e(n){var r=this,o=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};c(this,e),this.initializeModules=function(){r.removeModules(),r.modules=r.moduleClasses.map((function(e){return new(h[e]\|\|e)(r)})),r.modules.forEach((function(e){e.onCreate()})),r.onUpdate()},this.onUpdate=function(){r.repositionElements(),r.modules.forEach((function(e){e.onUpdate()}))},this.removeModules=function(){r.modules.forEach((function(e){e.onDestroy()})),r.modules=[]},this.handleClick=function(e){if(e.target&&e.target.tagName&&"IMG"===e.target.tagName.toUpperCase()){if(r.img===e.target)return;r.img&&r.hide(),r.show(e.target)}else r.img&&r.hide()},this.show=function(e){r.img=e,r.showOverlay(),r.initializeModules()},this.showOverlay=function(){r.overlay&&r.hideOverlay(),r.quill.setSelection(null),r.setUserSelect("none"),document.addEventListener("keyup",r.checkImage,!0),r.quill.root.addEventListener("input",r.checkImage,!0),r.overlay=document.createElement("div"),Object.assign(r.overlay.style,r.options.overlayStyles),r.quill.root.parentNode.appendChild(r.overlay),r.repositionElements()},this.hideOverlay=function(){r.overlay&&(r.quill.root.parentNode.removeChild(r.overlay),r.overlay=void 0,document.removeEventListener("keyup",r.checkImage),r.quill.root.removeEventListener("input",r.checkImage),r.setUserSelect(""))},this.repositionElements=function(){if(r.overlay&&r.img){var e=r.quill.root.parentNode,t=r.img.getBoundingClientRect(),n=e.getBoundingClientRect();Object.assign(r.overlay.style,{left:t.left-n.left-1+e.scrollLeft+"px",top:t.top-n.top+e.scrollTop+"px",width:t.width+"px",height:t.height+"px"})}},this.hide=function(){r.hideOverlay(),r.removeModules(),r.img=void 0},this.setUserSelect=function(e){["userSelect","mozUserSelect","webkitUserSelect","msUserSelect"].forEach((function(t){r.quill.root.style[t]=e,document.documentElement.style[t]=e}))},this.checkImage=function(e){r.img&&(46!=e.keyCode&&8!=e.keyCode\|\|t.find(r.img).deleteAt(0),r.hide())},this.quill=n;var l=!1;o.modules&&(l=o.modules.slice()),this.options=a()({},o,i.a),!1!==l&&(this.options.modules=l),document.execCommand("enableObjectResizing",!1,"false"),this.quill.root.addEventListener("click",this.handleClick,!1),this.quill.root.parentNode.style.position=this.quill.root.parentNode.style.position\|\|"relative",this.moduleClasses=this.options.modules,console.log("this.options.modules",this.options.modules),this.modules=[]}
console-api	log	URL: https://herbalife.kg5.no/static/js/4.642ab5eb.chunk.js(Line 2) Message: Socket is connected
console-api	log	URL: https://herbalife.kg5.no/static/js/4.642ab5eb.chunk.js(Line 2) Message: saved id 166e98e3-4b6a-4cdf-9281-2c703c068b48

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

herbalife.kg5.no
meet.jit.si
o513061.ingest.sentry.io
whereby.dev
185.199.108.153
2600:9000:21f3:ea00:3:38d1:2e40:93a1
2a05:d014:fc7:5401:dd2c:f4b6:e019:4815
35.188.42.15
039b2f428fcd17350fbcdc6b2ca2c73d46f5b56ef8039634e25f642b528a99d3
3d9ecc8f34b86b29ba510281c605b1896ba4cc2930feea8aa32dd21a9bce37fe
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
6d5773ef66249ebdda68be7532bc9a2df06dbd107fa6d0721686c44230255a59
7dd66e78a036adf3cd0c45b6815a5c4903046ff9ec8af3ee23676fda5fde6663
8f47039b265a9101a06e7bc84b94888e8246d3bd0edb9f176943428e05dd0472
9caf3958403a2a5e13c4433702942ccd6e79c721b1b24d7ab429fd823495e9cf
b0314a008312a47e848c14d3976649a51dcc058c45187787045eaf98c39342c7
c82d9b10832b36d67c6b0cda947150b3cc85af5341a0c7ed614438c0cc9875a3
e910a42b5212d7fc4b4001a7f9bec71b44472d861ad90cef23671f51ace8cc44
f184abb806eb6560ceb8d2f61d589d89f1ce14079e7b32f16cd6b9ff85b96351
f6e2e177a3bd7a7100b4257282444827ced8837e571bbc32b4eea44aefba538b

herbalife.kg5.no Open in urlscan Pro 2600:9000:21f3:ea00:3:38d1:2e40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

2469 kBTransfer

5450 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

herbalife.kg5.no Open in urlscan Pro
2600:9000:21f3:ea00:3:38d1:2e40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2469 kB
Transfer

5450 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions