healthme.ai
Open in
urlscan Pro
162.241.218.58
Malicious Activity!
Public Scan
Submitted URL: https://www.weichert.com/links.aspx?https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45
Effective URL: https://healthme.ai/powerbi/?organisation=valextra.com&id=xrougeaux@valextra.com
Submission: On September 18 via manual from IT — Scanned from IT
Effective URL: https://healthme.ai/powerbi/?organisation=valextra.com&id=xrougeaux@valextra.com
Submission: On September 18 via manual from IT — Scanned from IT
Summary
This website contacted 14 IPs
in 3 countries
across 14 domains to perform 49 HTTP transactions.
The main IP is 162.241.218.58, located in
United States and
belongs to UNIFIEDLAYER-AS-1, US.
The main domain is healthme.ai.
TLS certificate: Issued by R3 on September 13th 2023. Valid for: 3 months.
This is the only time healthme.ai was scanned on urlscan.io!
TLS certificate: Issued by R3 on September 13th 2023. Valid for: 3 months.
This is the only time healthme.ai was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
1
137.135.86.93
(Tappahannock, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| www.weichert.com |
8
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
(United States)
ASN15133 (EDGECAST, US)
ASN15133 (EDGECAST, US)
| aadcdn.msftauth.net |
1
50.87.151.162
(United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: mail.compositemediahd.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: mail.compositemediahd.com
| consolidatedriggingandlifting.com |
21
162.241.218.58
(United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5540.bluehost.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5540.bluehost.com
| healthme.ai |
1
2a02:26f0:3500:594::35c1
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| secure.aadcdn.microsoftonline-p.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 21 |
healthme.ai
healthme.ai |
140 KB |
| 8 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 2505 |
222 KB |
| 5 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410 |
34 KB |
| 2 |
msauthimages.net
aadcdn.msauthimages.net |
285 KB |
| 2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 720 fonts.googleapis.com — Cisco Umbrella Rank: 113 |
32 KB |
| 2 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 1425 |
6 KB |
| 2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1683 |
40 KB |
| 2 |
live.com
login.live.com — Cisco Umbrella Rank: 62 |
2 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 1243 |
30 KB |
| 1 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 2466 |
1 KB |
| 1 |
microsoftonline-p.com
secure.aadcdn.microsoftonline-p.com — Cisco Umbrella Rank: 24166 |
2 KB |
| 1 |
consolidatedriggingandlifting.com
1 redirects
consolidatedriggingandlifting.com |
257 B |
| 1 |
web.app
pbi.web.app |
9 KB |
| 1 |
weichert.com
1 redirects
www.weichert.com — Cisco Umbrella Rank: 667226 |
294 B |
| 49 | 14 |
| Domain | Requested by | |
|---|---|---|
| 21 | healthme.ai |
pbi.web.app
healthme.ai code.jquery.com |
| 8 | aadcdn.msftauth.net |
pbi.web.app
|
| 5 | cdnjs.cloudflare.com |
healthme.ai
|
| 2 | aadcdn.msauthimages.net | |
| 2 | unpkg.com |
healthme.ai
|
| 2 | maxcdn.bootstrapcdn.com |
healthme.ai
|
| 2 | login.live.com |
pbi.web.app
|
| 1 | fonts.googleapis.com |
healthme.ai
|
| 1 | ajax.googleapis.com |
healthme.ai
|
| 1 | code.jquery.com |
healthme.ai
|
| 1 | aadcdn.msauth.net |
healthme.ai
|
| 1 | secure.aadcdn.microsoftonline-p.com |
healthme.ai
|
| 1 | consolidatedriggingandlifting.com | 1 redirects |
| 1 | pbi.web.app | |
| 1 | www.weichert.com | 1 redirects |
| 49 | 15 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| login.microsoftonline.com |
| login.live.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| web.app GTS CA 1D4 |
2023-09-11 - 2023-12-10 |
3 months | crt.sh |
| aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-01-31 - 2024-01-31 |
a year | crt.sh |
| login.live.com DigiCert SHA2 Secure Server CA |
2023-06-29 - 2024-06-29 |
a year | crt.sh |
| webmail.healthme.ai R3 |
2023-09-13 - 2023-12-12 |
3 months | crt.sh |
| secure.aadcdn.microsoftonline-p.com Microsoft Azure TLS Issuing CA 06 |
2022-10-21 - 2023-10-16 |
a year | crt.sh |
| aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-07-29 - 2024-07-29 |
a year | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| aadcdn.msauthimages.net Microsoft Azure TLS Issuing CA 02 |
2023-03-08 - 2024-03-02 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://healthme.ai/powerbi/?organisation=valextra.com&id=xrougeaux@valextra.com
Frame ID: 7F7CF414EDC91B797775FAF11194ED7E
Requests: 17 HTTP requests in this frame
Frame:
https://login.live.com/Me.htm?v=3
Frame ID: BB7237FFC5C1900CAE83EF3E756E07D9
Requests: 1 HTTP requests in this frame
Frame:
https://healthme.ai/powerbi/Sign%20in%20to%20your%20account_files/prefetch(1).html
Frame ID: B8470FA2F321C1A9784A8EF9813C370A
Requests: 31 HTTP requests in this frame
Screenshot
Page Title
Sign in to your accountPage URL History Show full URLs
-
https://www.weichert.com/links.aspx?https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45
HTTP 302
https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45 Page URL
-
https://consolidatedriggingandlifting.com/wp-xml.php?url=https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45
HTTP 302
https://healthme.ai/powerbi/?organisation=valextra.com&id=xrougeaux@valextra.com Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Flickity (JavaScript Libraries) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /flickity(?:\.pkgd)?(?:\.min)?\.js
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
OWL Carousel
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- owl\.carousel.*\.js
Popper
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /popper\.js/([0-9.]+)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://login.microsoftonline.com/common/reprocess?ctx=rQIIAXWRO2_TUACFc_MwLSCoWGDswARy4nfiiA4hcZ2E2A6O3dZeItfx48bP2DeE5BewIHVg6oiEkCompgqE2DtVgglWBlQJCXVAjKQ_gOVMR5-OzvegRFbJ5n2GZlirfsjjvMXROMOTBG4xFIfTLM3RFEFOWILO7lzfQu--Tj7_edR9-ePG4OLyy6cTcNdHKM2btdpisagmrgttp2onUe0UgHMAfgJwXKw4Ma6PToo5R3N1muGoxppG8STL81VJU31F1BlppSNpakIZEoRMSauB5jHS9CmSRJ2StUlk7JuhFOmMMTVYRbMXSkdHZsePlDZBmOIuHOzvhvKaoYh7vjQNlsZKWMmRTn4r3lZac-RTV5FkcOVcFjfdJIvGaZKj49JboKRO3Ju0kzh2bFS9qjkxgraFYBIPsyR1MgSdfKc1U-XelOxanDmSGS8Yj4LnASFEROIqoc8m6p5gisFyZgxmPWt2yPYzlTOIpZaKMJuyFg_DgfvE16h2iFBg0l6wtDNZ2A_GJs6SndZAsqgof0an-MFjXqWEnt1osKY59zx3tpwPrfB9CVvfGiXxWenWelQMJ9tplrgwdM7L4KJ8kyg1NzawLXCvsF34WwavK2tbvwz3o2RG4hv--6j06rRwVqk9hKHHBhRNacOJwB9IklKPPFX1uSHZ7_aZrsApi5xvEMOY2WGa5BEGjjDsNwZeXCt82Pyf6381
Title: Can’t access your account?
Title: Can’t access your account?
Search URL Search Domain Scan URL
URL: https://login.live.com/oauth20_authorize.srf?response_type=code&client_id=51483342-085c-4d86-bf88-cf50c7252078&scope=openid+profile+email+offline_access&response_mode=form_post&redirect_uri=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2ffederation%2foauth2&state=rQIIAXWSvW_TUBTF4yQNbUFQISQYOzCBnDw_fySO6FBa10mJ7eDYbe0lch1_vPgzzmtD8hewIHVgyoiEkCompgqE2DtVgqmsDKgSEuqAGHHZu9zlnvPT1Tn3UYmqUs2HDM2wVn2fJ3mLo0mGpwBpMZAjaZbmaAioAQvo7O7yCn7_bfDlz5PWqx83OxeXXz_PiaV-iA6dqp1Ex8R9H-N03KzVJpNJNXFdZP9f1E4I4owgfhLEvLjgxKTeOy6OOZqr0wwHGzkZ8hTL81VJU31F1BlppmNpaCIZASBDadbRPEYaPseSqENZG0TGrhlKkc4YQ4NVNHuibOrY3PQjZQMAU9xCnd2tUM4ZirjjS8NgasyEmRzp1HnxjrJ-gH14NZIMzZzL4pKbZFE_TcZ4XnpHKKkTtwcbSRw7Nq5eyZwYI9vCKIm7WZI6GUbOeG19pMrtIdWyOLMnM17Q7wUvAiBEIHGV0GcTdUcwxWA6MjqjtjXaZ7czlTPAVEtFlA1Zi0dhx33ma3AjxDgwaS-Y2pks7AZ9k2SpzfWOZMFofEin5N5TXoVC2240WNM88Dx3ND3oWuGHUiWPNUri09Lt_KgYDVbTLHFR6JyViYvyLVBqLi5WVogHhdXC3zLxZiFv7pfhfpLMSHzLf--VXp8UThdqj1HosQGkodYdCPyeJCn1yFNVn-tS261tpiVwymTMN0A3ZtaYJnVUIY4qld-V4ssbhY9L13V9vnwv_5cGCXgSsquAb1K5tW7-Aw2&estsfed=1&uaid=64d4ac74f6bf483c8de40b4ceaf2d3bd&signup=1&lw=1&fl=easi2&fci=4345a7b9-9a63-4910-a426-35363201d503&mkt=en-US
Title: Create one!
Title: Create one!
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.weichert.com/links.aspx?https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45
HTTP 302
https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45 Page URL
-
https://consolidatedriggingandlifting.com/wp-xml.php?url=https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45
HTTP 302
https://healthme.ai/powerbi/?organisation=valextra.com&id=xrougeaux@valextra.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.weichert.com/links.aspx?https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45 HTTP 302
- https://pbi.web.app/xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45
49 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
xrougE5Qauxa0TvalE5Qx1mCraa8D9vKoy45
pbi.web.app/ Redirect Chain
|
29 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
108 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
459 KB 126 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
42 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oneDs_472fa3a12b65cf387ccd.js
aadcdn.msftauth.net/shared/1.0/content/js/ |
78 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ |
15 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 20 KB |
Other
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ |
0 12 KB |
Other
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Me.htm
login.live.com/ Frame BB72 |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
2 KB 837 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
healthme.ai/powerbi/ Redirect Chain
|
191 KB 37 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
microsoft_logo.svg
secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prefetch(1).html
healthme.ai/powerbi/Sign%20in%20to%20your%20account_files/ Frame B847 |
36 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.3.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
process.php
healthme.ai/powerbi/ |
340 B 229 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ Frame B847 |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aos.css
unpkg.com/aos@2.3.0/dist/ Frame B847 |
25 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ Frame B847 |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ Frame B847 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bubble.css
healthme.ai/wp-content/themes/health_me_twentyone/css/ Frame B847 |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
healthme.ai/wp-includes/css/dist/block-library/ Frame B847 |
102 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
healthme.ai/wp-content/plugins/contact-form-7/includes/css/ Frame B847 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
healthme.ai/wp-content/themes/health_me_twentyone/ Frame B847 |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.js
healthme.ai/wp-content/themes/health_me_twentyone/assets/js/ Frame B847 |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flickity.pkgd.min.js
healthme.ai/wp-content/themes/health_me_twentyone/flickity/ Frame B847 |
56 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flickity.css
healthme.ai/wp-content/themes/health_me_twentyone/flickity/ Frame B847 |
2 KB 924 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
me-style.css
healthme.ai/wp-content/themes/health_me_twentyone/css/ Frame B847 |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
me-responsive.css
healthme.ai/wp-content/themes/health_me_twentyone/css/ Frame B847 |
2 KB 932 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
healthme.ai/wp-content/themes/health_me_twentyone/images/ Frame B847 |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.svg
healthme.ai/wp-content/themes/health_me_twentyone/images/ Frame B847 |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
location-marker.svg
healthme.ai/wp-content/themes/health_me_twentyone/images/icon/ Frame B847 |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tw.svg
healthme.ai/wp-content/themes/health_me_twentyone/images/icon/ Frame B847 |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fb.svg
healthme.ai/wp-content/themes/health_me_twentyone/images/icon/ Frame B847 |
704 B 758 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame B847 |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/ Frame B847 |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/ Frame B847 |
59 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aos.js
unpkg.com/aos@2.3.0/dist/ Frame B847 |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ Frame B847 |
43 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.js
healthme.ai/wp-content/plugins/contact-form-7/includes/swv/js/ Frame B847 |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.js
healthme.ai/wp-content/plugins/contact-form-7/includes/js/ Frame B847 |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
print.css
healthme.ai/wp-content/themes/health_me_twentyone/ Frame B847 |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
4b2a677a-87f2-47eb-9174-178b982caa8d
https://healthme.ai/ Frame B847 |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/ Frame B847 |
80 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ Frame B847 |
20 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
healthme.ai/wp-includes/js/ Frame B847 |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
illustration
aadcdn.msauthimages.net/c1c6b6c8-heftztanax3s1qyntzmttic1blag3ggxmphlpon5dxe/logintenantbranding/0/ |
279 KB 279 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bannerlogo
aadcdn.msauthimages.net/c1c6b6c8-heftztanax3s1qyntzmttic1blag3ggxmphlpon5dxe/logintenantbranding/0/ |
6 KB 6 KB |
Image
image/* |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture function| $ function| jQuery function| goNext function| closeBox function| checkSubmit function| isEmail function| iserror function| isSuccess3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .weichert.com/ | Name: ASP.NET_SessionId Value: kdpvb3veqmo3dlxv5v5rshhz |
|
| .login.live.com/ | Name: MSPRequ Value: id=N<=1695062118&co=1 |
|
| .login.live.com/ | Name: uaid Value: f43308aabe6c41b0ab671009a7d902cf |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msauthimages.net
aadcdn.msftauth.net
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
consolidatedriggingandlifting.com
fonts.googleapis.com
healthme.ai
login.live.com
maxcdn.bootstrapcdn.com
pbi.web.app
secure.aadcdn.microsoftonline-p.com
unpkg.com
www.weichert.com
137.135.86.93
162.241.218.58
20.190.159.23
2606:2800:233:3d10:442f:fac8:6d32:4c87
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2606:4700::6810:7caf
2606:4700::6811:180e
2606:4700::6812:acf
2620:0:890::100
2620:1ec:46::45
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200a
2a02:26f0:3500:594::35c1
2a04:4e42:400::649
50.87.151.162
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
148a426efe3d6c454e4ec4c2abe26332f3e26f97a386b3fc1b995ab8598b117b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
22fc48813bff808ff9981e1da9658e78909ef92b465e9d7cd9168e82f7857724
235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
28fa757b0c0c15385987d2b4559575369567b8cf4d28023d56538b9dceeeb952
2b3df4d53882fba74216d365e7344c782145f2faf8e08a2d69c548f5fbc7fbf5
3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
39a1c1f29df5860ca148544c04362486f0eefbffcf177a394f1f798ac52fa06c
3a6e534ba6c925e8646018b5b7133e0e42fa33c8d67bd104e7b0f2521bcdf595
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46b35ed348cb3d9618b6ca80a7ce6e594729e03acde5f3dc6befc56074811e9a
472c7748607b5b76986bb54ffe3fe79ea954f61705aabd2a0fa80d13b2eee46b
4ce65acaf4d41120a25c01985c629efe813b68d5acdd225522909b967f912d2e
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5f026b383ec248b94018a28c20153fe8a374bbce3693b6f1b589f7f37ec2e64d
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
81735261671cd094376ce5c6d31058c64fa70ad0f3b0798ffce2f2d8eeb7ab51
8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
9476cbf47838c6512648be29f0e62e68fc484e097195d8526aa335a680935cc7
9a38595d63dfae35b88183515b69f8b742128b564b9ea4dbd79908c3aa73921a
a423ac7e2310bc44a1defeb1f6df180cab8a59442e7f41d093f21649fcc86e69
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
aa142dcdb0df90424d15949632ae83cd91936d23238648f4dc85db1b8376ce5f
bc5f8361eafaef0a8aafaf2e7128e4cf4bb9c08bb7c86e4d599ca307510fae34
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
ce2064ce68a9d2be5e3e104d508d48107d92343d1ceefecc603632081f95cb19
ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d
d2855cd9c8b7c91f0d12dfe055e4914f70f2250225cd32fcefafbfce87e730dd
ddad2bd32c7bdb998503b198e94e59305f98813bd64e6fadf6bdd7cfea655596
ddc50db81388325d742df4bb1daded72aa3f0516b2fcd8bcf1d58be54bdd2c9e
def56d7a220150f7bdc1f7fa12a837514384b1833a1fd0004bbe12f90e5338e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee33ae3ebb1417dd0d3f75edfc1e1a13f976bd6b7010903581d8836a9c9ea818
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700
fbb456babf304d693c1f18021cc1e09a436ce8898638272019a5b2f3e1dbde71