herbalife2.kg5.no Open in urlscan Pro
2600:9000:21f3:1c00:3:38d1:2e40:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herbalife2.kg5.no/
Effective URL:
https://herbalife2.kg5.no/
Submission: On April 09 via manual (April 9th 2021, 10:08:14 am UTC) from PL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2600:9000:21f3:1c00:3:38d1:2e40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is herbalife2.kg5.no.
TLS certificate: Issued by Amazon on March 5th 2021. Valid for: a year.

This is the only time herbalife2.kg5.no was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2600:9000:21f... 2600:9000:21f3:1c00:3:38d1:2e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d014:fc7... 2a05:d014:fc7:5401:dd2c:f4b6:e019:4815	16509 (AMAZON-02) (AMAZON-02)
2	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
3	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
14	4

9 2600:9000:21f3:1c00:3:38d1:2e40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

herbalife2.kg5.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:fc7:5401:dd2c:f4b6:e019:4815 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

meet.jit.si	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

whereby.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

o513061.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	kg5.no 1 redirects herbalife2.kg5.no	1 MB
3	sentry.io o513061.ingest.sentry.io	1 KB
2	whereby.dev whereby.dev	19 KB
1	jit.si meet.jit.si	31 KB
14	4

	Domain	Requested by
9	herbalife2.kg5.no	1 redirects herbalife2.kg5.no
3	o513061.ingest.sentry.io	herbalife2.kg5.no
2	whereby.dev	herbalife2.kg5.no
1	meet.jit.si	herbalife2.kg5.no
14	4

This site contains no links.

Subject Issuer	Validity	Valid
kg5.no Amazon	`2021-03-05` - `2022-04-03`	a year	crt.sh
*.jit.si DigiCert SHA2 Secure Server CA	`2019-10-02` - `2021-10-06`	2 years	crt.sh
whereby.dev R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
*.ingest.sentry.io R3	`2021-02-26` - `2021-05-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://herbalife2.kg5.no/
Frame ID: 09FD91338BB7FCC77D756384A262040C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://herbalife2.kg5.no/ HTTP 301
https://herbalife2.kg5.no/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1236 kB
Transfer

4219 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herbalife2.kg5.no/ HTTP 301
https://herbalife2.kg5.no/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
herbalife2.kg5.no/
Redirect Chain

http://herbalife2.kg5.no/
https://herbalife2.kg5.no/

3 KB
2 KB

30ms
10ms

Document
text/html

2600:9000:21f3:1c00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife2.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9caf3958403a2a5e13c4433702942ccd6e79c721b1b24d7ab429fd823495e9cf

Request headers

:method: GET
:authority: herbalife2.kg5.no
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
last-modified: Fri, 19 Mar 2021 15:04:40 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 09 Apr 2021 10:05:24 GMT
cache-control: public, max-age=300
etag: W/"99e09f3b1ddcca917663eb930fb63652"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: GKc_YgYIbIMMMZ1gpllArsxIZjsFhWhJMe0bPa4-lEEwzHJinCBC9g==
age: 152

Redirect headers

Server: CloudFront
Date: Fri, 09 Apr 2021 10:07:55 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://herbalife2.kg5.no/
X-Cache: Redirect from cloudfront
Via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: 1iaqDWPvVApigArvX3_H5d6eom_Whzvxx6zD2_FKqff-t8dE_io1hg==

GET
H2 200 jwplayer.js Show response
herbalife2.kg5.no/jw8/ 112 KB
37 KB 10ms
8ms Script
application/javascript 2600:9000:21f3:1c00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife2.kg5.no/jw8/jwplayer.js
Requested by: Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c82d9b10832b36d67c6b0cda947150b3cc85af5341a0c7ed614438c0cc9875a3

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 05:04:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:35 GMT
server: AmazonS3
age: 18185
etag: W/"82c4937e67ceacf827d96791e0a0cd2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: jL5FLQ8DNgH6uAPAlI-njwEt6hLQafZz1jR6oGArywNAHlc_9iKF6A==

GET
H2 200 external_api.js Show response
meet.jit.si/ 31 KB
31 KB 12ms
10ms Script
application/javascript 2a05:d014:fc7:5401:dd2c:f4b6:e019:4815
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://meet.jit.si/external_api.js

Requested by

Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d014:fc7:5401:dd2c:f4b6:e019:4815 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

7dd66e78a036adf3cd0c45b6815a5c4903046ff9ec8af3ee23676fda5fde6663

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:07:55 GMT
x-content-type-options: nosniff
x-jitsi-shard: meet-jit-si-eu-central-1b-s65
server: nginx/1.18.0
x-jitsi-region: eu-central-1
x-proxy-host: meet-jit-si-haproxy-21098
strict-transport-security: max-age=63072000
content-type: application/javascript
access-control-expose-headers: Content-Type, X-Jitsi-Region, X-Jitsi-Shard, X-Proxy-Region
x-proxy-region: eu-central-1

GET
H2 200 whereby-embed.js Show response
whereby.dev/embed/ 2 KB
1 KB 30ms
28ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://whereby.dev/embed/whereby-embed.js
Requested by: Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: f6e2e177a3bd7a7100b4257282444827ced8837e571bbc32b4eea44aefba538b

Request headers

Origin: https://herbalife2.kg5.no
Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 4bb654e3026313f850df622a225957bf75cb538c
date: Fri, 09 Apr 2021 10:07:55 GMT
content-encoding: gzip
age: 456
x-cache: HIT
content-length: 1038
x-served-by: cache-vie21647-VIE
access-control-allow-origin: *
last-modified: Fri, 26 Mar 2021 16:08:00 GMT
server: GitHub.com
x-github-request-id: DFD6:9C43:FD1AC4:1047D1D:607022FC
x-timer: S1617962876.553605,VS0,VE0
etag: W/"605e06e0-8cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 09 Apr 2021 09:58:44 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 2

GET
H2 200 4.056d2753.chunk.css
herbalife2.kg5.no/static/css/ 547 KB
64 KB 14ms
12ms Stylesheet
text/css 2600:9000:21f3:1c00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife2.kg5.no/static/css/4.056d2753.chunk.css
Requested by: Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f47039b265a9101a06e7bc84b94888e8246d3bd0edb9f176943428e05dd0472

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 20:32:14 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:39 GMT
server: AmazonS3
age: 48942
etag: W/"19a0b1bf4f00fadb8bffd5dc5e2718e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: cw-zoE6J_4xF1SBlvPIG2krbyU4qe1C1bDvolA9W6R1USfYiYdKTTw==

GET
H2 200 main.a31b4c20.chunk.css
herbalife2.kg5.no/static/css/ 8 KB
3 KB 29ms
28ms Stylesheet
text/css 2600:9000:21f3:1c00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife2.kg5.no/static/css/main.a31b4c20.chunk.css
Requested by: Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 039b2f428fcd17350fbcdc6b2ca2c73d46f5b56ef8039634e25f642b528a99d3

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 05:15:08 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:38 GMT
server: AmazonS3
age: 17568
etag: W/"87ec52701ee658457233510e0e1a97f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: RAbgH0W8hEkknxHEOfeS-XNT_gIrpz6OnS2Fz4W0XlDaBl3B9mDyVQ==

GET
H2 200 4.642ab5eb.chunk.js Show response
herbalife2.kg5.no/static/js/ 3 MB
858 KB 19ms
18ms Script
application/javascript 2600:9000:21f3:1c00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife2.kg5.no/static/js/4.642ab5eb.chunk.js
Requested by: Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e910a42b5212d7fc4b4001a7f9bec71b44472d861ad90cef23671f51ace8cc44

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 07:00:48 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:39 GMT
server: AmazonS3
age: 11228
etag: W/"72d7112a1c1ee5d9324e82c47de45fc1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: r37AWlVawHD7XkF9db_bt-Ue3CkpjyaTbYmY52z6CiXTNTUW0KUo_g==

GET
H2 200 main.d946d49d.chunk.js Show response
herbalife2.kg5.no/static/js/ 294 KB
61 KB 28ms
27ms Script
application/javascript 2600:9000:21f3:1c00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://herbalife2.kg5.no/static/js/main.d946d49d.chunk.js
Requested by: Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f184abb806eb6560ceb8d2f61d589d89f1ce14079e7b32f16cd6b9ff85b96351

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 04:23:23 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 15:04:39 GMT
server: AmazonS3
age: 20673
etag: W/"8aa77dc74bfbbf08dbef145ccd1276f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ACIflmhfsqt1Wk7s9kQ4kZ1cJsr-uMuaC72glyguf9FORNbXcyLXcg==

GET
H2 200 heresy.js Show response
whereby.dev/embed/web_modules/ 64 KB
18 KB 25ms
25ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://whereby.dev/embed/web_modules/heresy.js
Requested by: Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: b0314a008312a47e848c14d3976649a51dcc058c45187787045eaf98c39342c7

Request headers

Origin: https://herbalife2.kg5.no
Referer: https://whereby.dev/embed/whereby-embed.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 4c277571d7c76262b543d3f96761933dca49501b
date: Fri, 09 Apr 2021 10:07:55 GMT
content-encoding: gzip
age: 456
x-cache: HIT
content-length: 18383
x-served-by: cache-vie21647-VIE
access-control-allow-origin: *
last-modified: Fri, 26 Mar 2021 16:08:00 GMT
server: GitHub.com
x-github-request-id: 57C2:7C84:5B7381:5E4FE3:607022FC
x-timer: S1617962876.609734,VS0,VE0
etag: W/"605e06e0-1009e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 09 Apr 2021 09:57:03 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: HIT
x-cache-hits: 2

POST
H/1.1 200
OK / Show response
o513061.ingest.sentry.io/api/5620287/envelope/ 2 B
407 B 142ms
141ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o513061.ingest.sentry.io/api/5620287/envelope/?sentry_key=b9313751adcc43b09600c865be21f17c&sentry_version=7

Requested by

Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/static/js/4.642ab5eb.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Apr 2021 10:07:55 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://herbalife2.kg5.no
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
o513061.ingest.sentry.io/api/5620287/envelope/ 2 B
407 B 142ms
141ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o513061.ingest.sentry.io/api/5620287/envelope/?sentry_key=b9313751adcc43b09600c865be21f17c&sentry_version=7

Requested by

Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/static/js/4.642ab5eb.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Apr 2021 10:07:56 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://herbalife2.kg5.no
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

POST
H/1.1 200
OK / Show response
o513061.ingest.sentry.io/api/5620287/envelope/ 2 B
407 B 139ms
138ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o513061.ingest.sentry.io/api/5620287/envelope/?sentry_key=b9313751adcc43b09600c865be21f17c&sentry_version=7

Requested by

Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/static/js/4.642ab5eb.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://herbalife2.kg5.no/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 09 Apr 2021 10:07:56 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://herbalife2.kg5.no
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H2 200 f8ae2622-4703-4b14-937e-1dd0360fdccf.png
herbalife2.kg5.no/s3/5d29a353-7532-44b8-bc02-a00583acc883/ 7 KB
7 KB 11ms
10ms Image
image/png 2600:9000:21f3:1c00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herbalife2.kg5.no/s3/5d29a353-7532-44b8-bc02-a00583acc883/f8ae2622-4703-4b14-937e-1dd0360fdccf.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed98bc1a315e4bcc7228b7a3591d1a6f5bf1e3813361b5b9adf7454c681d8f1d

Request headers

Referer: https://herbalife2.kg5.no/login/globalPassword
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:01:13 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Wed, 27 Jan 2021 18:39:37 GMT
server: AmazonS3
age: 403
etag: "39dedc6adc72b1c7effcf590c65693ef-1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 6930
x-amz-cf-id: pmkgWi_mxcv-GDj86-URfRd0Z_0TuG4MauCwUTgecXdiu7258aHCYQ==

GET
H2 200 c7fb4133-0fc1-49ed-894e-6e2509fb6b07.png
herbalife2.kg5.no/s3/5d29a353-7532-44b8-bc02-a00583acc883/ 152 KB
153 KB 10ms
10ms Image
image/png 2600:9000:21f3:1c00:3:38d1:2e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herbalife2.kg5.no/s3/5d29a353-7532-44b8-bc02-a00583acc883/c7fb4133-0fc1-49ed-894e-6e2509fb6b07.png
Requested by: Host: herbalife2.kg5.no
URL: https://herbalife2.kg5.no/login/globalPassword
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1c00:3:38d1:2e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c1cc300513e01ec5547ca6db797f9e18af7fba107d55be799081f332866baa6

Request headers

Referer: https://herbalife2.kg5.no/login/globalPassword
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 10:01:13 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 11:30:17 GMT
server: AmazonS3
age: 403
etag: "804ba097665e44035bf91b1ba46dc7c7-1"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 155649
x-amz-cf-id: BWBCFDS_1b-slR8NpeBQlJ8IH6a8RvjQ4E2lwDIjvDLKuv2T81CBCg==

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://meet.jit.si/external_api.js(Line 3) Message: Local storage is disabled.
console-api	warning	URL: https://herbalife2.kg5.no/static/js/4.642ab5eb.chunk.js(Line 2) Message: quill Overwriting modules/imageResize with function e(n){var r=this,o=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};c(this,e),this.initializeModules=function(){r.removeModules(),r.modules=r.moduleClasses.map((function(e){return new(h[e]\|\|e)(r)})),r.modules.forEach((function(e){e.onCreate()})),r.onUpdate()},this.onUpdate=function(){r.repositionElements(),r.modules.forEach((function(e){e.onUpdate()}))},this.removeModules=function(){r.modules.forEach((function(e){e.onDestroy()})),r.modules=[]},this.handleClick=function(e){if(e.target&&e.target.tagName&&"IMG"===e.target.tagName.toUpperCase()){if(r.img===e.target)return;r.img&&r.hide(),r.show(e.target)}else r.img&&r.hide()},this.show=function(e){r.img=e,r.showOverlay(),r.initializeModules()},this.showOverlay=function(){r.overlay&&r.hideOverlay(),r.quill.setSelection(null),r.setUserSelect("none"),document.addEventListener("keyup",r.checkImage,!0),r.quill.root.addEventListener("input",r.checkImage,!0),r.overlay=document.createElement("div"),Object.assign(r.overlay.style,r.options.overlayStyles),r.quill.root.parentNode.appendChild(r.overlay),r.repositionElements()},this.hideOverlay=function(){r.overlay&&(r.quill.root.parentNode.removeChild(r.overlay),r.overlay=void 0,document.removeEventListener("keyup",r.checkImage),r.quill.root.removeEventListener("input",r.checkImage),r.setUserSelect(""))},this.repositionElements=function(){if(r.overlay&&r.img){var e=r.quill.root.parentNode,t=r.img.getBoundingClientRect(),n=e.getBoundingClientRect();Object.assign(r.overlay.style,{left:t.left-n.left-1+e.scrollLeft+"px",top:t.top-n.top+e.scrollTop+"px",width:t.width+"px",height:t.height+"px"})}},this.hide=function(){r.hideOverlay(),r.removeModules(),r.img=void 0},this.setUserSelect=function(e){["userSelect","mozUserSelect","webkitUserSelect","msUserSelect"].forEach((function(t){r.quill.root.style[t]=e,document.documentElement.style[t]=e}))},this.checkImage=function(e){r.img&&(46!=e.keyCode&&8!=e.keyCode\|\|t.find(r.img).deleteAt(0),r.hide())},this.quill=n;var l=!1;o.modules&&(l=o.modules.slice()),this.options=a()({},o,i.a),!1!==l&&(this.options.modules=l),document.execCommand("enableObjectResizing",!1,"false"),this.quill.root.addEventListener("click",this.handleClick,!1),this.quill.root.parentNode.style.position=this.quill.root.parentNode.style.position\|\|"relative",this.moduleClasses=this.options.modules,console.log("this.options.modules",this.options.modules),this.modules=[]}
console-api	log	URL: https://herbalife2.kg5.no/static/js/4.642ab5eb.chunk.js(Line 2) Message: Socket is connected
console-api	log	URL: https://herbalife2.kg5.no/static/js/4.642ab5eb.chunk.js(Line 2) Message: saved id 5d29a353-7532-44b8-bc02-a00583acc883

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

herbalife2.kg5.no
meet.jit.si
o513061.ingest.sentry.io
whereby.dev
185.199.108.153
2600:9000:21f3:1c00:3:38d1:2e40:93a1
2a05:d014:fc7:5401:dd2c:f4b6:e019:4815
35.188.42.15
039b2f428fcd17350fbcdc6b2ca2c73d46f5b56ef8039634e25f642b528a99d3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c1cc300513e01ec5547ca6db797f9e18af7fba107d55be799081f332866baa6
7dd66e78a036adf3cd0c45b6815a5c4903046ff9ec8af3ee23676fda5fde6663
8f47039b265a9101a06e7bc84b94888e8246d3bd0edb9f176943428e05dd0472
9caf3958403a2a5e13c4433702942ccd6e79c721b1b24d7ab429fd823495e9cf
b0314a008312a47e848c14d3976649a51dcc058c45187787045eaf98c39342c7
c82d9b10832b36d67c6b0cda947150b3cc85af5341a0c7ed614438c0cc9875a3
e910a42b5212d7fc4b4001a7f9bec71b44472d861ad90cef23671f51ace8cc44
ed98bc1a315e4bcc7228b7a3591d1a6f5bf1e3813361b5b9adf7454c681d8f1d
f184abb806eb6560ceb8d2f61d589d89f1ce14079e7b32f16cd6b9ff85b96351
f6e2e177a3bd7a7100b4257282444827ced8837e571bbc32b4eea44aefba538b

herbalife2.kg5.no Open in urlscan Pro 2600:9000:21f3:1c00:3:38d1:2e40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

1236 kBTransfer

4219 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

herbalife2.kg5.no Open in urlscan Pro
2600:9000:21f3:1c00:3:38d1:2e40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1236 kB
Transfer

4219 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions