urlscan.io logo urlscan.io
SecurityTrails logo

herbalifedifediscounts.doereport.com Open in urlscan Pro
172.67.72.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://herbalifedifediscounts.doereport.com/
Effective URL: https://herbalifedifediscounts.doereport.com/demindex.php
Submission: On April 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 9 domains to perform 30 HTTP transactions. The main IP is 172.67.72.14, located in United States and belongs to CLOUDFLARENET, US. The main domain is herbalifedifediscounts.doereport.com.
TLS certificate: Issued by GTS CA 1P5 on March 2nd 2024. Valid for: 3 months.
This is the only time herbalifedifediscounts.doereport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

21    172.67.72.14 (United States)

ASN13335 (CLOUDFLARENET, US)
herbalifedifediscounts.doereport.com
1    142.250.65.164 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f4.1e100.net
www.google.com
2    2606:4700:20::681a:996 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.nucleusmedical.media
2    2620:116:800b:21:f059:4f7e:28a9:1588 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2607:f8b0:4006:80b::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:21dd:a800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
Apex Domain
Subdomains		 Transfer
21 doereport.com
herbalifedifediscounts.doereport.com
113 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 632
17 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1357
pixel.quantserve.com — Cisco Umbrella Rank: 1140
10 KB
2 nucleusmedical.media
analytics.nucleusmedical.media
28 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1364
640 B
1 gstatic.com
www.gstatic.com
199 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 813
7 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 357
25 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
856 B
30 9
Domain Requested by
21 herbalifedifediscounts.doereport.com 2 redirects herbalifedifediscounts.doereport.com
static.cloudflareinsights.com
2 ssl.google-analytics.com herbalifedifediscounts.doereport.com
2 analytics.nucleusmedical.media herbalifedifediscounts.doereport.com
analytics.nucleusmedical.media
1 pixel.quantserve.com herbalifedifediscounts.doereport.com
1 rules.quantcount.com secure.quantserve.com
1 www.gstatic.com www.google.com
1 static.cloudflareinsights.com herbalifedifediscounts.doereport.com
1 ajax.googleapis.com herbalifedifediscounts.doereport.com
1 secure.quantserve.com herbalifedifediscounts.doereport.com
1 www.google.com herbalifedifediscounts.doereport.com
30 10

This site contains links to these domains. Also see Links.

Domain
medical-legal.blogspot.com
www.legalpointer.com
www.youtube.com
www.doereport.com
Subject Issuer Validity Valid
doereport.com
GTS CA 1P5		 2024-03-02 -
2024-05-31		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
nucleusmedical.media
GTS CA 1P5		 2024-02-12 -
2024-05-12		 3 months crt.sh
quantserve.com
R3		 2024-02-25 -
2024-05-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://herbalifedifediscounts.doereport.com/demindex.php
Frame ID: 0E8074395512C96BD662B3D64C91714E
Requests: 28 HTTP requests in this frame

Frame: https://herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 469DB5D6451748AE8A456FB11B93D582
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Herbalife Discounts Medical Demonstrative Evidence

Page URL History Show full URLs

  1. https://herbalifedifediscounts.doereport.com/ HTTP 302
    https://herbalifedifediscounts.doereport.com/demindex.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

30
Requests

97 %
HTTPS

78 %
IPv6

9
Domains

10
Subdomains

9
IPs

1
Countries

399 kB
Transfer

885 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://herbalifedifediscounts.doereport.com/ HTTP 302
    https://herbalifedifediscounts.doereport.com/demindex.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request demindex.php
herbalifedifediscounts.doereport.com/
Redirect Chain
  • https://herbalifedifediscounts.doereport.com/
  • https://herbalifedifediscounts.doereport.com/demindex.php?
27 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e3d01ab92887b24ad28bf37c6e121ad358a3f0a45e148fc7c085c03af232bf4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
86d782d32e6031d4-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 Apr 2024 09:21:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLmnP9RmvXyQbmMRJXYkg25lV%2Bug8hICN95fjXncO%2B46ToGINGG1w4OEftvzawM63xkouuPJov9W8t6J5kmzoJsmdlNR1zaxUDJTreXNplIClVRdhhlys%2B8LYPaNarVasBwdzxjw2qi3blr8ZWCsQ0Zp0x85MA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
86d782d1ed8231d4-MIA
content-type
text/html; charset=UTF-8
date
Mon, 01 Apr 2024 09:21:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
demindex.php?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6jUFUOsD46s%2BG1MwC6vLROMCJMCl3ryTIwrejyDrpPGSwIHSK2bzLCz9OhZF3Q7EubAB7FjWHcX3fUVPBRQ40EQAdhzJf3%2F8Hfdhsz3NfZvkc2nPGMn5bF0WGiO1A0l5hHhVuW3ByqfFJCgBHxLmVG2WP%2Bgeqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
api.js
www.google.com/recaptcha/ 		1 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f4.1e100.net
Software
GSE /
Resource Hash
15347086a4c3f7a12d7ae800fa711b988a1c1c1572262d53b9295d1e1a089e8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Apr 2024 09:21:48 GMT
50_ads.css
herbalifedifediscounts.doereport.com/styles/ 		296 B
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/styles/50_ads.css
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6884cd750e470a771d9eb41e69c6ca4bdc814336d35a9000700a6b6e9972239e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:51:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"128-410f260fa7780"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VaXwMGoEe8gu5dI2zWQcD2HrLZ667OGZTZNYUF9YCcxhP3OXIxtzBQaNIXF7lcnuhgniuyWWvUrPbnZrF43TiRBkLTdF4cnUCmKUFZp0iIDT7Gs8Bb%2BFNShQXHbOTcbVQ5d94Sedv9COxNGR%2FplGPcMZRZp4qg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
text/css
cache-control
max-age=14400
cf-ray
86d782d40ece31d4-MIA
alt-svc
h3=":443"; ma=86400
default.css
herbalifedifediscounts.doereport.com/styles/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/styles/default.css
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b99d73d3e62f44b865a55c84db58531c7febb5314de61c8649c0ea310892af96

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Jul 2022 13:50:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2b5b-5e45101d6f1c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=msMm%2FPbxFPJTpP47wiShJxS4%2BIU3zndSgHctkIbA96lE7tH22Er0utDJnl%2F81buPWPtj25756b6d267rl2RokQf06KLOTtJdyPdBf8vZyuc193TFHnwpBlBiVYoZJ7s62m4UpmZX8%2BYSLIRv15cKVH9eB%2BblnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
text/css
cache-control
max-age=14400
cf-ray
86d782d40ecf31d4-MIA
alt-svc
h3=":443"; ma=86400
footer.css
herbalifedifediscounts.doereport.com/styles/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/styles/footer.css
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8c10a3ed52f1a0b0b0ffd57ef09fcbbd5a3da2e90c235155a74eac9f00a6379

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 23 Oct 2015 15:32:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"994-522c7533e9580"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvIY4fGmXh%2B4HvqHxG9VAt%2Fn9X9rHu%2BqbkNjU%2F%2BRldV6XtE6WQD8TrsugsZU6LL%2F8Ww9d3534ohayyF1HzYO8%2BHT7mb3EUhEKCN4D3cT8erOC%2BqLskJztvVR2CsIhlu%2FfMDoOwVbRlcqCs%2F82tADbw9GhA1bbw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
text/css
cache-control
max-age=14400
cf-ray
86d782d40ed031d4-MIA
alt-svc
h3=":443"; ma=86400
default.css
herbalifedifediscounts.doereport.com/skins/1150/styles/ 		2 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/skins/1150/styles/default.css
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
498703835bf5dba3fcaf4063803984b3aa111d4f48326c761e9019c9aade5044

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:51:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"742-410f25fe7cf00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyTY2veodaYMciguW3hpZQyUK36RlkR09bHlHvbHGFDwS1z9Vx9dsZ88dND2gnjRzsBiuoSDozsv9zUweHumqS1V0x3ZTEr1k%2BvFRUKBM5EFVu33CSV0qVBsesaTSqxZsNC3wWVC5DUVTLShWmWgaZFxPUiW9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
text/css
cache-control
max-age=14400
cf-ray
86d782d40ed131d4-MIA
alt-svc
h3=":443"; ma=86400
1150logo.gif
herbalifedifediscounts.doereport.com/common/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herbalifedifediscounts.doereport.com/common/1150logo.gif
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56b16d72f137801e363440e36a67aae3d5de5fb76ff0ba6a0c01f8cbaacfb54

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:49:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"958-410f25a1fb4c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHax3y9rNvnefQ1chpsVeYekgSqW1nCk%2BFChF7VKinKuhYd4qkE6uA%2BtJ%2BWQvZ9KQRR7rrupka9p0Q4mrDB802ncUo7I5G9Bjp%2Bm7DfmWFFf5wPnvvuvRdCU%2BcpvdIuwA6bkW6Sa%2FUksI7Kufbtmu5CQ2B%2B%2BsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86d782d40ed231d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
2392
spacer.gif
herbalifedifediscounts.doereport.com/common/ 		43 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herbalifedifediscounts.doereport.com/common/spacer.gif
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:50:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2b-410f25b325d40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g1nu6XyYa9TV4W7fJt71lYeIkB1o6VhPo6TIV25KpMhQlt%2B6m0jEpgR0I9tQ75uE6vBoKGnVlj7DnCcnqkKvrTKI%2BCUVgmNgCdlWF1QGGls0Sz25HAtc8LT0afunI6krpxJ5u%2BwEuDC3w8B1%2BArIwcO2JQNu3g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86d782d43ee831d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
1150mde.gif
herbalifedifediscounts.doereport.com/common/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herbalifedifediscounts.doereport.com/common/1150mde.gif
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11ae47ecc392eaa4660c5a6fdfe88edef6b76a7b1c679735225f215c2229e021

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:49:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"80c-410f25a1fb4c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ElAGpJieoVS2QNFaLG29sagoajh3Udd6bW8m%2FhURyaHbzDQN47lDEQy55aAmC26y%2Bc5%2F5tfb5fdaknhl%2BAomsF%2F%2BEEAcP2Cv7NQHIf%2B6sCYGHowN71x3ZVS5CuXNaj417Bq2TVbb4ngPkzawftCZd7aGsqMBgA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86d782d43ee931d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
2060
1150pbd.gif
herbalifedifediscounts.doereport.com/common/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herbalifedifediscounts.doereport.com/common/1150pbd.gif
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd90f7d3caeb7e0049e08121b15ce14931d663032761199a6d563c478552ad91

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:49:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"981-410f25a1fb4c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JS%2F%2Br1bryhcRdO5D%2BOPJ444R%2BgihcC2JLITsR%2BFVXHGVQ%2FqjenLTDS8XVHNk1E2gs06%2FhRE1f3jzUwtgKa9l9zvtxCpBH2EDWrO2kOu%2FJPXz4fPBQH1kszXWaWhG9Ik19akX%2Fk6VB3lcqi4kl5K3HI60ruwbMw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86d782d43eeb31d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
2433
matomo.js
analytics.nucleusmedical.media/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.nucleusmedical.media/matomo.js
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:996 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666311f3b3ec142faf73b8788c287680f575eaad970619d2bf4adabdaedd98ed

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Mar 2024 12:23:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"14ae9-614a37940dcd0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oK7Oauq4V9eqv4UcNNfR%2FaTxjPIK6hgmRDSYKfz5OZN4iBOvLtsdtRXq%2FN0ZlaTbpPcwS%2BUQp4H9WE5XdUtlVJOSe1yTGqexxkFDfWvjAyWQNndm1QHozKhCCbXnwCskpaEClPUc0VV2LZmCInBz1ipQEROZurUdhcQU4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
86d782d4bdd009ee-MIA
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 08 Apr 2024 09:21:48 GMT
80large.jpg
herbalifedifediscounts.doereport.com/Ads// 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herbalifedifediscounts.doereport.com/Ads//80large.jpg
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d1978e44ce89f6b301a6bc9ff777380caeb38ff1cefc07a1df53fc15728e02b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
cf-cache-status
MISS
last-modified
Fri, 02 Mar 2012 15:02:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b757-4ba43dbcc0a00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJAbRJ%2B57YLFGVZXKwjIJ7Q3BwxJ1mU%2F%2BAxvUEL1k3Xshey2877GMM6rAYGQMIhII91%2BO058HCB%2BMh3o1qjggAkmFKGrd%2FuT6vU7%2F%2BI7BL8N2%2FQkgo2kG1jjd2QpqAmkByEWBKu1bG4Rx5Nt6hGg%2BCYpyArUlw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86d782d43eee31d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
46935
9small.jpg
herbalifedifediscounts.doereport.com/Ads/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herbalifedifediscounts.doereport.com/Ads/9small.jpg
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f26e31419e2a28c3ef19e5492f76425d7533c584630609ffcfda1de08edda77

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:49:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4c88-410f259e2abc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpx2KFe4j98YnB1SpnWox017Sy2PgZINsFDa0x%2FxhwQ27qNpwGUao2vnN3ki%2BCD0rwv9qq10iR6%2FZQ1nAHRfiI4ZGpe9VAn3HQryzsDsB1d%2FX%2BCq8fhsQImBz%2BRm7DX5Bzc4CmtVfHmE5wmeJMe%2FQG1MqGWCJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86d782d43ef131d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
19592
8small.jpg
herbalifedifediscounts.doereport.com/Ads/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herbalifedifediscounts.doereport.com/Ads/8small.jpg
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d3e6ba65329b6d373633c171c58a9674ae855acba19b12c719c5307148bce2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:49:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1e85-410f259e2abc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yVJd4ynCADr6%2BpLinaSpWqy2ISw7EdxACyJ%2Bu10%2FGBu0F%2BIEDXSqbtvc3Q21AhrwIVD3HG5G0p7sAzxpDG%2FGpBMuIPlpLqfvbp8VztO%2FDei5ZfECSs0pg85XLKgTTygadpVYOtXCvXvrXrXJATwe%2FjF8EckJXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86d782d43ef231d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
7813
14small.jpg
herbalifedifediscounts.doereport.com/Ads/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://herbalifedifediscounts.doereport.com/Ads/14small.jpg
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b04b12ff747d9a7e755123262991cc0aa2fdcb7436c3c16965add44f6a84cdf7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
cf-cache-status
MISS
last-modified
Sat, 08 Apr 2006 21:49:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1feb-410f259d36980"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ta84pSvDxk9PeSnJ%2FJaegNnOjWV%2Bcn%2FIEE13mZZTO2JKLnXxMakCqWaxh9VhYCuGI9Pbs9JhHvK5nadrnMBfK5SwEcok3uAqEWnCjxjFdOXMFcIkM9aHMFYg%2FwSsyfnuWN%2FrKngFY1WdQjKgKavPYZSMpTdb7A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86d782d43ef331d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
8171
email-decode.min.js
herbalifedifediscounts.doereport.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 22 Mar 2024 11:37:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65fd6d96-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZrqzQSf%2F2yGSSZ3ze7KbXlgb2il6FcxSSP22weONC%2FdKfl1qinObZEzkS%2BB1Ilrj661dskpwT9GrU67HAaCJhLOccqSTa1fSN0mn0RCNowLv99m1HPQDBW%2BaPHb1daebq5lryrkZqbryGGfxRXBOyQRtNqGOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
86d782d43ef531d4-MIA
expires
Wed, 03 Apr 2024 09:21:48 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 11:28:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 11:28:43 GMT
jquery.dropdownPlain.js
herbalifedifediscounts.doereport.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/js/jquery.dropdownPlain.js
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1fca17b945b384f3b4eccf84e7331086873c02753811bc78438e8dd93b6cab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 May 2013 21:27:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"db3-4dcf0a6f24680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHwvGXsdFdWtuodNX7Vniypfkgk%2F1lZkd0%2FTdVn9CregzWiREErrPcZJwO3smZhQqhk4ckV6LcRkjb%2BaJpoysiBRgZgOuFoHEGqHunBrRKvalGIcPzJemBOhg7G6fPWv3T2e%2Be5Y1NsjQ5cOiUjn76A5w%2FzBJg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
application/javascript
cache-control
max-age=14400
cf-ray
86d782d43ef631d4-MIA
alt-svc
h3=":443"; ma=86400
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
Origin
https://herbalifedifediscounts.doereport.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86d782d4afe2746d-MIA
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Apr 2024 07:53:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5320
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Mon, 01 Apr 2024 09:53:08 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/ 		499 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/moV1mTgQ6S91nuTnmll4Y9yf/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3756825df5194a174b7a55ebd3b484c276766eef21343d34b053b98ed386801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
Origin
https://herbalifedifediscounts.doereport.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 01:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203410
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 04:00:24 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Apr 2025 01:26:45 GMT
matomo.php
analytics.nucleusmedical.media/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.nucleusmedical.media/matomo.php?action_name=Herbalife%20Discounts%20Medical%20Demonstrative%20Evidence&idsite=2&rec=1&r=108006&h=23&m=21&s=48&url=https%3A%2F%2Fherbalifedifediscounts.doereport.com%2Fdemindex.php%3F&_id=c6f592afe91de410&_idn=1&send_image=0&_refts=0&dimension1=herbalifedifediscounts.doereport.com&pv_id=mzurMe&fa_pv=1&fa_fp[1][fa_vid]=tFg8Mc&fa_fp[1][fa_fv]=1&fa_fp[2][fa_vid]=cpsREL&fa_fp[2][fa_fv]=1&pf_net=0&pf_srv=126&pf_tfr=43&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22123.0.6312.86%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22123.0.6312.86%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=800x600
Requested by
Host: analytics.nucleusmedical.media
URL: https://analytics.nucleusmedical.media/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:996 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
none
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gr%2B4nUM%2Bq7wh%2FUy7u1uN5i5Fio7AQYPtNf1n4ny4EHSxCGTN%2BPgxQECkIGfAbgNlm2CIzhAE2j3O1QEsrOHMVCA8pbcORnXx8MLrIzI4D48d%2FJSk7kjijuZJ00JLgUpmVWEB%2BWUeJCC1GZCmuMm9TH46YelKWGE3Nc9HYw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://herbalifedifediscounts.doereport.com
access-control-allow-credentials
true
cf-ray
86d782d5be1d09ee-MIA
rules-p-13iOrdZwuhY_s.js
rules.quantcount.com/ 		160 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-13iOrdZwuhY_s.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84ba8fece3bf5935c5933dcfd9ee10f29b882f6773a34efe1dee621a1a0b179a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:49 GMT
via
1.1 aa7679f2d01b23d9a66bfa6e92991b04.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:40:06 GMT
server
AmazonS3
etag
"0b8bde95d2460ef4717ab7e29641bbed"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
hq4PjWkWUYAyCJrXEkxBzOvEnyAU2dodUfyBx5fPaoe5F6D15UognA==
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=185646796&utmhn=herbalifedifediscounts.doereport.com&utmcs=UTF-8&utmsr=800x600&utmvp=1600x1113&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Herbalife%20Discounts%20Medical%20Demonstrative%20Evidence&utmhid=1052069034&utmr=-&utmp=%2Fdemindex.php&utmht=1711963308552&utmac=UA-770998-2&utmcc=__utma%3D148951087.1975329206.1711963309.1711963309.1711963309.1%3B%2B__utmz%3D148951087.1711963309.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1404682791&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 09:21:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1239880597;rf=0;a=p-13iOrdZwuhY_s;url=https%3A%2F%2Fherbalifedifediscounts.doereport.com%2Fdemindex.php%3F;uht=2;fpan=1;fpa=P0-622618890-1711963308436;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231...
pixel.quantserve.com/ 		35 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1239880597;rf=0;a=p-13iOrdZwuhY_s;url=https%3A%2F%2Fherbalifedifediscounts.doereport.com%2Fdemindex.php%3F;uht=2;fpan=1;fpa=P0-622618890-1711963308436;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=doereport.com;dst=0;et=1711963308719;tzo=600;ogl=;ses=b17619bc-ef29-4d23-a269-32b4f0c838ae;mdl=
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Apr 2024 09:21:48 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
main.js
herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 469D
Redirect Chain
  • https://herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Protocol
H3
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1edbc47fac2328904059cb317f456b8da1c3a0fbebbee00fd617f30f8f0836b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fk2%2BYYlojEX5XJlBSEuYiuDANGxDb6Y5YWP1xzECslhZ81%2BPd2BM2yLnYbvOgHySEJ29yx15Sh6Ts9nan79r%2BP43DJTn5H2kTWmV8bdyBeo4LSftkapSQ9d2KVdpqshHBimyMBGF2pOe%2FleKf3jFL8KC%2FwUP%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86d782d91a2b31d4-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 01 Apr 2024 09:21:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BsF0nEqEDAv%2FH%2F3Gyj8TQWM3oy5HOAEkJvmdjaD4hv%2BnpXHwKgEE4eigJGs4ykZIDRdLJv0lZvxHkhVeRB%2BLxDmFFG4e%2BpTeg4pCNRbDBEwyEX6ZgfuX8v52bU9AP9ZHhKAO91SHJvmIiWUQc7EOgNYxeSFrvw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
cache-control
max-age=300, public
cf-ray
86d782d8da1031d4-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
rum
herbalifedifediscounts.doereport.com/cdn-cgi/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 01 Apr 2024 09:21:48 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://herbalifedifediscounts.doereport.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86d782d8da1131d4-MIA
favicon.ico
herbalifedifediscounts.doereport.com/favicon/ 		766 B
778 B 		Other
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/favicon/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78946b3cbfd4982cebeaecbc9a155c36bcde1f8c56170f035144998f5a04e4fc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://herbalifedifediscounts.doereport.com/demindex.php?
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 09:21:49 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 20 Mar 2009 13:53:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2fe-4658d3f431e40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrmpWBIeOjYKH%2B7RMkR3rh0bkFKU0K9BGYsORGjXPDRVH%2FGvKXixH38Fo0Q3JNEHdr1ZrSYyp4Or8eIutqpPcpCMSH4%2BxM6ZY2LOGJjLTjADCnxwiC85LNNnoBco5AydnhDBX4%2BdHvWLK7qt%2F4rgOt%2Faf%2F9O1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml"
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
86d782d8da1331d4-MIA
alt-svc
h3=":443"; ma=86400
86d782d32e6031d4
herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 469D 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/h/g/jsd/r/86d782d32e6031d4
Requested by
Host: herbalifedifediscounts.doereport.com
URL: https://herbalifedifediscounts.doereport.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.72.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 Apr 2024 09:21:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fi2eWeo8KcEpC%2FaqdnW2jCpdhhdjlMeRFGl0rD0l8vDv9fPuLZGdiDvd7t2bNkxnO8dRnYAA7uiWGQPb3IbcRtTdHoB9mg98RmQcriw3UEdjKuGGLxXuOK7SeaWFMTjcwzrkuXe4FuXUoZVvN4dRdRu%2BWdddHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86d782da1aa331d4-MIA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal object| _paq object| _qevents string| gaJsHost object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| quantserve function| __qc object| ezt object| _qoptions object| _gat object| _gaq object| pageTracker object| gaGlobal function| $ function| jQuery object| recaptcha object| __cfBeacon

11 Cookies

Domain/Path Name / Value
.doereport.com/ Name: SessionData
Value: urpciphi9q3tlj55hmu09679e7
herbalifedifediscounts.doereport.com/ Name: _pk_id.2.cfa2
Value: c6f592afe91de410.1711963308.
herbalifedifediscounts.doereport.com/ Name: _pk_ses.2.cfa2
Value: 1
.herbalifedifediscounts.doereport.com/ Name: __utma
Value: 148951087.1975329206.1711963309.1711963309.1711963309.1
.herbalifedifediscounts.doereport.com/ Name: __utmc
Value: 148951087
.herbalifedifediscounts.doereport.com/ Name: __utmz
Value: 148951087.1711963309.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.herbalifedifediscounts.doereport.com/ Name: __utmt
Value: 1
.herbalifedifediscounts.doereport.com/ Name: __utmb
Value: 148951087.1.10.1711963309
.quantserve.com/ Name: mc
Value: 660a7cac-ba943-e9aaa-2e99c
.doereport.com/ Name: __qca
Value: P0-622618890-1711963308436
.doereport.com/ Name: cf_clearance
Value: r0..qzzhN2y4_H7vXixnQPFhAS8eHLiLFdX9WHpCZ2I-1711963309-1.0.1.1-9zEiQ7iFuLE4Vn8kvg6DV3BW9d4KBvGhEtDfL7HaCD_VbHuElzbZDGG7Oj30Xbno1T2JI3a9t_dOPlsDu3IlTw

3 Console Messages

Source Level URL
Text
javascript warning URL: https://herbalifedifediscounts.doereport.com/demindex.php?(Line 275)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://herbalifedifediscounts.doereport.com/demindex.php?(Line 275)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other warning URL: https://herbalifedifediscounts.doereport.com/demindex.php?
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.nucleusmedical.media
herbalifedifediscounts.doereport.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
ssl.google-analytics.com
static.cloudflareinsights.com
www.google.com
www.gstatic.com
142.250.65.164
172.67.72.14
2600:9000:21dd:a800:6:44e3:f8c0:93a1
2606:4700:20::681a:996
2606:4700::6810:5049
2607:f8b0:4006:80b::2003
2607:f8b0:4006:81d::200a
2607:f8b0:4006:821::2008
2620:116:800b:21:f059:4f7e:28a9:1588
11ae47ecc392eaa4660c5a6fdfe88edef6b76a7b1c679735225f215c2229e021
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
15347086a4c3f7a12d7ae800fa711b988a1c1c1572262d53b9295d1e1a089e8a
1edbc47fac2328904059cb317f456b8da1c3a0fbebbee00fd617f30f8f0836b6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
498703835bf5dba3fcaf4063803984b3aa111d4f48326c761e9019c9aade5044
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
666311f3b3ec142faf73b8788c287680f575eaad970619d2bf4adabdaedd98ed
6884cd750e470a771d9eb41e69c6ca4bdc814336d35a9000700a6b6e9972239e
78946b3cbfd4982cebeaecbc9a155c36bcde1f8c56170f035144998f5a04e4fc
7b1fca17b945b384f3b4eccf84e7331086873c02753811bc78438e8dd93b6cab
7e3d01ab92887b24ad28bf37c6e121ad358a3f0a45e148fc7c085c03af232bf4
7f26e31419e2a28c3ef19e5492f76425d7533c584630609ffcfda1de08edda77
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84ba8fece3bf5935c5933dcfd9ee10f29b882f6773a34efe1dee621a1a0b179a
9d1978e44ce89f6b301a6bc9ff777380caeb38ff1cefc07a1df53fc15728e02b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a8c10a3ed52f1a0b0b0ffd57ef09fcbbd5a3da2e90c235155a74eac9f00a6379
b04b12ff747d9a7e755123262991cc0aa2fdcb7436c3c16965add44f6a84cdf7
b56b16d72f137801e363440e36a67aae3d5de5fb76ff0ba6a0c01f8cbaacfb54
b99d73d3e62f44b865a55c84db58531c7febb5314de61c8649c0ea310892af96
dd90f7d3caeb7e0049e08121b15ce14931d663032761199a6d563c478552ad91
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3756825df5194a174b7a55ebd3b484c276766eef21343d34b053b98ed386801
f9d3e6ba65329b6d373633c171c58a9674ae855acba19b12c719c5307148bce2