securemyhealthequity.com Open in urlscan Pro
172.67.169.12 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://securemyhealthequity.com/
Submission: On August 26 via api (August 26th 2024, 2:17:34 am UTC) from BE — Scanned from IT

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 172.67.169.12, located in United States and belongs to CLOUDFLARENET, US. The main domain is securemyhealthequity.com.
TLS certificate: Issued by WE1 on August 18th 2024. Valid for: 3 months.

This is the only time securemyhealthequity.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address		AS Autonomous System
3 16	172.67.169.12 172.67.169.12		13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	1

16 172.67.169.12 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

securemyhealthequity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	securemyhealthequity.com 3 redirects securemyhealthequity.com	32 KB
13	1

	Domain	Requested by
16	securemyhealthequity.com	3 redirects securemyhealthequity.com
13	1

This site contains no links.

Subject Issuer	Validity	Valid
securemyhealthequity.com WE1	`2024-08-18` - `2024-11-16`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://securemyhealthequity.com/
Frame ID: DC17FA66CFFEF5B8B760B3FA2AAAA518
Requests: 9 HTTP requests in this frame

Frame: https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js
Frame ID: AC59FC47725B4CF195EBF262FD4D2A03
Requests: 2 HTTP requests in this frame

Frame: https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js
Frame ID: 7EE5585B41CE9890379C5A775F0FFFD6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

https://securemyhealthequity.com/ Page URL
https://securemyhealthequity.com/cdn-cgi/phish-bypass?atok=BVcks9IZG0XU_VkLxhAWoPBQblzo4rJRGuO8btU_j1o-172463... HTTP 301
https://securemyhealthequity.com/ Page URL
https://securemyhealthequity.com/ Page URL

Page Statistics

13
Requests

85 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

32 kB
Transfer

64 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://securemyhealthequity.com/ Page URL
https://securemyhealthequity.com/cdn-cgi/phish-bypass?atok=BVcks9IZG0XU_VkLxhAWoPBQblzo4rJRGuO8btU_j1o-1724638644-0.0.1.1-%2F HTTP 301
https://securemyhealthequity.com/ Page URL
https://securemyhealthequity.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://securemyhealthequity.com/cdn-cgi/phish-bypass?atok=BVcks9IZG0XU_VkLxhAWoPBQblzo4rJRGuO8btU_j1o-1724638644-0.0.1.1-%2F HTTP 301
https://securemyhealthequity.com/

Request Chain 6

https://securemyhealthequity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

Request Chain 9

https://securemyhealthequity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
securemyhealthequity.com/ 5 KB
2 KB 523ms
55ms Document
text/html 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ece69121e7dbf83558725cec4152f398fa328f1d42206ccd0b117318296611

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8b9053461a560da6-MRS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 26 Aug 2024 02:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixYb%2Fc1Lab2%2FoQ%2BhGfVpfVDTMQipCEG%2F219GtUXvI44ttcHHI7YJ2V7bG5WDa0WPbudb8eAKsy5W10lYLJ%2FcDZugs2EuAotmetI7KudAZYkastkvyGH8MyrOoLqlzyQFYoARhq75DFCfd9Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 cf.errors.css
securemyhealthequity.com/cdn-cgi/styles/ 23 KB
5 KB 49ms
48ms Stylesheet
text/css 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: securemyhealthequity.com
URL: https://securemyhealthequity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securemyhealthequity.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 02:17:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 12:07:35 GMT
server: cloudflare
etag: W/"66c5d887-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8b9053467ab40da6-MRS
expires: Mon, 26 Aug 2024 04:17:24 GMT

GET
H2 200 icon-exclamation.png
securemyhealthequity.com/cdn-cgi/images/ 452 B
541 B 50ms
50ms Image
image/png 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securemyhealthequity.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: securemyhealthequity.com
URL: https://securemyhealthequity.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://securemyhealthequity.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 02:17:24 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2024 12:07:35 GMT
server: cloudflare
etag: "66c5d887-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8b905346cb0b0da6-MRS
content-length: 452
expires: Mon, 26 Aug 2024 04:17:24 GMT

GET
H2 200 favicon.ico
securemyhealthequity.com/ 5 KB
2 KB 56ms
56ms Other
text/html 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffcfbabe24aabd319003305877117a320ff26d752497d73f2c6deb74a97c1ce5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://securemyhealthequity.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 02:17:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pG8hFh2L6suk2EtdiwDLcABH1SuE1pNYyFdUNs93%2FtSVe%2FluSo13m2sxhNDuxdsxG%2FuoaBXP95r6WmUqXcYzxr4UCcTDhXW9W0yx4EevAqJ308bXKvtz%2BPRGjDu2oNqZaO2WkvI5WlVnKEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 8b9053471ba10da6-MRS
alt-svc: h3=":443"; ma=86400

GET
H2

503

/ Show response
securemyhealthequity.com/
Redirect Chain

https://securemyhealthequity.com/cdn-cgi/phish-bypass?atok=BVcks9IZG0XU_VkLxhAWoPBQblzo4rJRGuO8btU_j1o-1724638644-0.0.1.1-%2F
https://securemyhealthequity.com/

7 KB
8 KB

261ms
261ms

Document
text/html

172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8610a811ab34030749fbc19c3837bffc19d5580d31fa175edc2595bc273c1097

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://securemyhealthequity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8b905366790f0da6-MRS
content-type: text/html; charset=utf-8
date: Mon, 26 Aug 2024 02:17:29 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMSjGx79zc%2B0uFwAph8fvTyoSz%2F2CvGJlR%2BmIp%2B49NG62zezR7Qy3VDQ7cv3XXanKLdoqvMOs34tn1UQCdYK9Txh0HufV27kwcdjghJUNTsYJnweT0vCROQ9OcVB%2BrKl%2FzRlqeEUORdSKQw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

cache-control: private, no-cache
cf-ray: 8b90536628cd0da6-MRS
content-length: 167
content-type: text/html
date: Mon, 26 Aug 2024 02:17:29 GMT
location: https://securemyhealthequity.com/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 204 /
securemyhealthequity.com/ 0
767 B 153ms
151ms XHR
text/plain 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/

Requested by

Host: securemyhealthequity.com
URL: https://securemyhealthequity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

i3XoAG3h0Lv2JjKwBkjdtxyjI: 44322848
X-Requested-TimeStamp-Expire
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Referer: https://securemyhealthequity.com/
2i-euvToyJShDbkzn0cstfbkaG8: ka9lwAYY-gUwvwU6g4cJI5erTcA
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 02:17:29 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2B%2Byw5sauZYWLClJHZpINQokfusjwAzUt7%2FN8voL%2BkE01dX5WdjA6aBbLX5TQhpNGEAy99wsUtTUlO0KgBKYqIjx1Cwo1wJiDKyTPX5VHgI9YCitMJfjnejhT2XdV8ZWCsub4jqOHeFai7c%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8b905368abaf0da6-MRS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H2

200

main.js Show response
securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame AC59
Redirect Chain

https://securemyhealthequity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

8 KB
4 KB

52ms
52ms

Script
application/javascript

172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

Protocol

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5717f9fcd83e2943572b6b33a22017ee06033e160a244456d1b91530f1e7e5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 02:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjLPorNA%2BLOxxG4QoLZmCgugqKr8fIfc66xhQt87iY8EAV5guJaJFSxZfd8AuyoTPNxFLLp%2FqV2pXQ3kVfKcd9yN78Chx90bn%2F7MNWgecfdlWENV24Cf56xIVSRBIKpBWGtpqszCmrUJcuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b9053690c300da6-MRS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 26 Aug 2024 02:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOPGz7KmSAplaixIe8w7PkLtNLYA1vmFGqBBRNKtskDfmo9ice78FXDBuqqxY0NEJjkkfTKgzKt65p4vJO9Bs2EIbUFeuKMetuTTcExvaFNKdccdoiPD8lqBYomvH9KVNrRKwZJ41UeTwPU%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b905368abb30da6-MRS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 503 favicon.ico
securemyhealthequity.com/ 6 KB
7 KB 302ms
300ms Other
text/html 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://securemyhealthequity.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Aug 2024 02:17:29 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZQDHAHRuca%2Ft2kP8%2BijhGe70ZELqnwaT0f6VKnzGwmiMvtss%2Fh0bMeF3KQXsuVNvub%2BSyX%2B5GT%2BEuLKZfok3JHVSxZS2fmAxuNyF7%2F7Ls9sDAp2TliR1MVKZIEvR%2FdnbV9M3IA5OOHdhGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8b905368abb90da6-MRS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

POST
H2 200 8b905366790f0da6
securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AC59 0
857 B 119ms
110ms XHR
text/plain 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/jsd/r/8b905366790f0da6
Requested by: Host: securemyhealthequity.com
URL: https://securemyhealthequity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Aug 2024 02:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tX9DZHtUNt03i0o6vu%2BZ%2B2XfRa7wIyk%2FenIo2%2Bwp1HehGJoJD1zUgK37uZ7PKHdukatH%2BsCsKvAYSjX9jevNLk5usL480OrzUjNO9OHvba%2FLQR0KfQRkfRrXuArzr9otecLb01bpqd0lOfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8b90536a4d880da6-MRS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 403 Primary Request / Show response
securemyhealthequity.com/ 1 KB
932 B 219ms
216ms Document
text/html 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/

Requested by

Host: securemyhealthequity.com
URL: https://securemyhealthequity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c035a488873fefb083fff0b78dfac5df4c3868dea5bb6c575cb750af934e065

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://securemyhealthequity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b90536a8db00da6-MRS
content-encoding: br
content-type: text/html
date: Mon, 26 Aug 2024 02:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SDpYqWxP8uMT%2FjX14%2B%2FAkDbdlqWU6p1QADoPa%2FM4NcCxxJkjshT2U6aH4rAaghFe%2FH7ipIzk5LbuKybBAu0NKjTe2spF2V6FuAIC0uUDErDRvSqvv67z088B1h%2FTUWBwd40J1VJtih1%2Fq4E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block

GET
H2

200

main.js Show response
securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame 7EE5
Redirect Chain

https://securemyhealthequity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

8 KB
0

0ms
0ms

Script
application/javascript

172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

Protocol

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5717f9fcd83e2943572b6b33a22017ee06033e160a244456d1b91530f1e7e5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 26 Aug 2024 02:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JjLPorNA%2BLOxxG4QoLZmCgugqKr8fIfc66xhQt87iY8EAV5guJaJFSxZfd8AuyoTPNxFLLp%2FqV2pXQ3kVfKcd9yN78Chx90bn%2F7MNWgecfdlWENV24Cf56xIVSRBIKpBWGtpqszCmrUJcuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b9053690c300da6-MRS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 26 Aug 2024 02:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOPGz7KmSAplaixIe8w7PkLtNLYA1vmFGqBBRNKtskDfmo9ice78FXDBuqqxY0NEJjkkfTKgzKt65p4vJO9Bs2EIbUFeuKMetuTTcExvaFNKdccdoiPD8lqBYomvH9KVNrRKwZJ41UeTwPU%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b905368abb30da6-MRS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 403 favicon.ico
securemyhealthequity.com/ 548 B
534 B 198ms
197ms Other
text/html 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://securemyhealthequity.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://securemyhealthequity.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: public
date: Mon, 26 Aug 2024 02:17:30 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMREQDSgk3LmmjBAY%2FvPqDpMevz3YW%2BSC4x8jUPA2tIYz2Cco0wBu24u3Cp6qkroWmOw9RmPS7fSDBOojD84pYCk6ZP%2FlYjknTqPZg9abVBZIXKLQIlcJkMkcprszmQLbKHUUDNtnPKd2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 8b90536c6fa00da6-MRS
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

POST
H2 200 8b90536a8db00da6 Show response
securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7EE5 0
725 B 87ms
81ms XHR
text/plain 172.67.169.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://securemyhealthequity.com/cdn-cgi/challenge-platform/h/b/jsd/r/8b90536a8db00da6
Requested by: Host: securemyhealthequity.com
URL: https://securemyhealthequity.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.169.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Aug 2024 02:17:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2F0mmUS6xJuAaMvst8d%2FnMYFEpFiDerdb6mwO3Y0fBdqz1UlDG6JkJFapUN95r2%2Bv5XXdgVFrEpg%2Bm618b3SzHY1l6Tvi3W2wMav1m9IjJPYdYDn9P0CbJBFxCvRBZwgNt1ZeGqPr7%2F6cJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8b90536ce8380da6-MRS
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securemyhealthequity.com/	1970-01-20 23:05:25	Name: __cf_mw_byp Value: BVcks9IZG0XU_VkLxhAWoPBQblzo4rJRGuO8btU_j1o-1724638644-0.0.1.1-/
securemyhealthequity.com/	1970-01-20 23:05:25	Name: 4LcqRtvARbIR9bqlXS5amUZbxVA Value: bRdJLG138iX7tO23Ri3DALhGc_U
securemyhealthequity.com/	1970-01-20 23:05:25	Name: nSCxngLHFSpJ1kY9O_EI7s6MF6g Value: 1724638648
securemyhealthequity.com/	1970-01-20 23:05:25	Name: beeiJKryrGupoWGy6NCMdGJ68uE Value: 1724725048
securemyhealthequity.com/	1970-01-20 23:05:25	Name: va51KkOi8FquWDlbvuZGg4wo168 Value: FhzJ_hnxWApQ6yJZWdxZC5xl4Es
securemyhealthequity.com/	1970-01-20 23:05:25	Name: leBY2aZ7J0Uu1al6lijRyeWPSxQ Value: mbF3kGGb4YOGag2yQOYIv39Ayj4
securemyhealthequity.com/	1970-01-20 23:05:25	Name: 2pPIKLd3S9Amg1IN5mnU06pTbJE Value: W-vmQRw2kwR9O4rAC0o3TEEqnPw
securemyhealthequity.com/	1970-01-20 23:05:25	Name: -tFb1GKUTqsRjkXiyc9mC6SZYcc Value: 1724638649
securemyhealthequity.com/	1970-01-20 23:05:25	Name: d9hVpQ_jBMGkRWwbZkF1mVQZCww Value: 1724725049
securemyhealthequity.com/	1970-01-20 23:05:25	Name: tZVcZ2SqEDJ-7zyHu0om8-P4ekI Value: y71SJ-5iWJ1NWZAA2CMI9yDWYxA
securemyhealthequity.com/	1970-01-20 23:05:25	Name: 8P02518khLVHutTxeunlqL_NZ3c Value: THtUsLHcYKjKRJjKe5F2pRpZP1M
.securemyhealthequity.com/	1970-01-21 07:49:34	Name: cf_clearance Value: rIruxS1sPO2x4Z8_seDVeU_m2i9yzrw.YBWWDNket_4-1724638650-1.2.1.1-U6qUB8b3ep9zoXHF7fA4XG9ipv_tSUo5YivfCMwuhbCDBkOmCiQYP6CUYKyQ4FzgxKmg7.s9uXwm3kE4XXhq8IOv4.dmljsiVYxwBC1MyziUk0WzS_DI4dfxPs648yQkiFJ5GYNw0b2XIYtLKxWNS0TAQ1yCFxn_vLVmea8KpX1UKpP4ZHN9iu62ZrlDjEKi87fnr.Hz9dcU1TSSl0Fw1bqqKUEJOvgyV34kDudxRXFGbAzY2XpYYFHNDf.jeGGALKBxDiZ5FbVwlYWmMv.cEDvqLEbiSfZjpdSm06HMogp9PcZnYqpD5ItIMLG_qa0MfKtrToGz9AOPBh9b7Tg3Gj5p56.JtmZC_mH9gcv.fMthd9aQxKmYIqLPUeBU5EYB

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://securemyhealthequity.com/ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://securemyhealthequity.com/favicon.ico Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://securemyhealthequity.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://securemyhealthequity.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

securemyhealthequity.com
172.67.169.12
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
2c035a488873fefb083fff0b78dfac5df4c3868dea5bb6c575cb750af934e065
5717f9fcd83e2943572b6b33a22017ee06033e160a244456d1b91530f1e7e5d1
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8610a811ab34030749fbc19c3837bffc19d5580d31fa175edc2595bc273c1097
c2ece69121e7dbf83558725cec4152f398fa328f1d42206ccd0b117318296611
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
ffcfbabe24aabd319003305877117a320ff26d752497d73f2c6deb74a97c1ce5

securemyhealthequity.com Open in urlscan Pro 172.67.169.12 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

85 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

32 kBTransfer

64 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

12 Cookies

4 Console Messages

Security Headers

Indicators

securemyhealthequity.com Open in urlscan Pro
172.67.169.12 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

32 kB
Transfer

64 kB
Size

12
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!