id.039475896734985.healthyldietus.com
Open in
urlscan Pro
89.104.71.117
Malicious Activity!
Public Scan
Submission: On December 12 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on December 12th 2023. Valid for: 3 months.
This is the only time id.039475896734985.healthyldietus.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: EU Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 89.104.71.117 89.104.71.117 | 39494 (RU-CENTER-AS) (RU-CENTER-AS) | |
3 | 35.244.130.212 35.244.130.212 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
2 | 35.205.43.99 35.205.43.99 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
25 | 4 |
ASN39494 (RU-CENTER-AS, RU)
id.039475896734985.healthyldietus.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 212.130.244.35.bc.googleusercontent.com
res2.weblium.site |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.43.205.35.bc.googleusercontent.com
api.weblium.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
healthyldietus.com
id.039475896734985.healthyldietus.com |
1 MB |
3 |
weblium.site
res2.weblium.site — Cisco Umbrella Rank: 540431 |
117 KB |
2 |
weblium.com
api.weblium.com — Cisco Umbrella Rank: 490166 |
569 B |
25 | 3 |
Domain | Requested by | |
---|---|---|
20 | id.039475896734985.healthyldietus.com |
id.039475896734985.healthyldietus.com
|
3 | res2.weblium.site |
id.039475896734985.healthyldietus.com
|
2 | api.weblium.com |
id.039475896734985.healthyldietus.com
|
25 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
steunactie.nl |
www.linkedin.com |
docs.google.com |
help-to-ukraine.org |
www.hln.be |
Subject Issuer | Validity | Valid | |
---|---|---|---|
id.039475896734985.healthyldietus.com R3 |
2023-12-12 - 2024-03-11 |
3 months | crt.sh |
res2.weblium.site GTS CA 1D4 |
2023-11-19 - 2024-02-17 |
3 months | crt.sh |
*.weblium.com R3 |
2023-10-26 - 2024-01-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://id.039475896734985.healthyldietus.com/
Frame ID: ADA63017A50A6286B8346EF5C84FEA75
Requests: 30 HTTP requests in this frame
13 Outgoing links
These are links going to different origins than the main page.
Title: Want to Donate
Search URL Search Domain Scan URL
Title: Antoon Praet
Search URL Search Domain Scan URL
Title: Ivan Sabbe
Search URL Search Domain Scan URL
Title: Steunactie.nl
Search URL Search Domain Scan URL
Title: View table
Search URL Search Domain Scan URL
Title: View report
Search URL Search Domain Scan URL
Title: Document for refugees
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Who we are
Search URL Search Domain Scan URL
Title: What we do
Search URL Search Domain Scan URL
Title: Get involved
Search URL Search Domain Scan URL
Title: Contacts
Search URL Search Domain Scan URL
Title: Press
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
id.039475896734985.healthyldietus.com/ |
451 KB 62 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
google-fonts-5bb75d14564d36002605c7b6.css
id.039475896734985.healthyldietus.com/css/ |
163 KB 121 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core-theme-5bb75d14564d36002605c7b6.css
id.039475896734985.healthyldietus.com/css/ |
203 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
id.039475896734985.healthyldietus.com/css/ |
177 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssr.css
id.039475896734985.healthyldietus.com/css/ |
28 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
view-5bb75d14564d36002605c7b6.js
id.039475896734985.healthyldietus.com/css/ |
19 B 273 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.js
id.039475896734985.healthyldietus.com/css/ |
399 KB 100 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
view.js
id.039475896734985.healthyldietus.com/css/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
slider.js
id.039475896734985.healthyldietus.com/css/ |
183 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
react-dom.js
id.039475896734985.healthyldietus.com/css/ |
120 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
legacy.js
id.039475896734985.healthyldietus.com/css/ |
2 MB 515 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendorscontact-form-chunk.js
id.039475896734985.healthyldietus.com/css/ |
265 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
contact-form-chunk.css
id.039475896734985.healthyldietus.com/css/ |
27 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
contact-form-chunk.js
id.039475896734985.healthyldietus.com/css/ |
60 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
initial.js
id.039475896734985.healthyldietus.com/css/ |
95 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
page-5bb75d14564d36002605c7b6.js
id.039475896734985.healthyldietus.com/css/ |
155 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6223349bb7b937002202cf4c_optimized.png
id.039475896734985.healthyldietus.com/css/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
62583ac760259e0022b7d288_optimized_1286_c1286x779-0x0.jpg
id.039475896734985.healthyldietus.com/css/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.js
id.039475896734985.healthyldietus.com/css/ |
90 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site-stat.js
id.039475896734985.healthyldietus.com/css/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
622338740f85370023ee35c6_optimized_1920.webp
res2.weblium.site/res/5d70ac45c917a00023aad765/ |
65 KB 65 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 13 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 8 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 13 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
12 KB 12 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 9 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
44 B 44 B |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
save
api.weblium.com/api/website/session/ |
68 B 569 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
save
api.weblium.com/api/website/session/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
initial.js
res2.weblium.site/site/62583d47874bf900236db362/ |
95 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
page-5bb75d14564d36002605c7b6.js
res2.weblium.site/site/62583d47874bf900236db362/ |
155 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: EU Government (Government)68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture string| pathname undefined| preload_polyfill function| preload_polyfill_invoke object| swPromise function| registerAdata function| getAdata function| __set_style__ function| __require_style__ function| blockJsonp function| __require_block__ function| viewJsonp function| __require_view__ object| invokePreload object| __views object| webpackJsonp object| __INITIAL_STATE__ boolean| isRelative string| WEBLIUM_DOMAIN string| STRUCTURE_DOMAIN string| siteUrl string| mode string| pageId object| loadedPages object| scripts object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay function| _ function| __script object| webpackManifest string| slugId string| bucketUrl string| safeStaticDomain string| websiteId string| renderId function| initialLoading object| pageApps object| appsComponents object| apps object| popupsInfo string| API_URL object| appsContent object| regeneratorRuntime object| React function| __webpack_require__ function| MediaPlaceholder function| objectFitImages object| rollbar function| initLegacy object| browserHistory function| loadReactDOM object| memoStorage function| registerAppComponentInitializer function| preloadPopup function| showPopup function| closePopup object| wlStat object| popupsMap boolean| legacyIniting function| hydrateBlock0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.weblium.com
id.039475896734985.healthyldietus.com
res2.weblium.site
35.205.43.99
35.244.130.212
89.104.71.117
01ca87d2ea75e83973a7817fb02822e52d80ccf44c47e08d4486bd75d5533108
0313b568e3ebde272bddfafec1a0984b8c99723798d5100a056ea8c5476644d8
1829c7305de4ec8288ff85299fb73185704776d79ea8e1b3772c592b45e0a5cc
187435d32f749a971aff67b7e004deaa4f91df2af1611da7dd3a793566e09a37
1af81fbc3e62ebe83bc0ccc55a533a26562853bf1470a52e89982283964033e5
23afebe5c23ab17dbd56f899fe47052705ef73889551c8f64c355ee94e94a0a7
251ca9e28f5bd226a5fe83b7b17f2ca3c0d43c68c75db78c1d2899daa5d10356
2f6c746a1d669fcd26bbfabd83b5eb64a9f5c98272526b866346131c8f962a31
31079a702f9a0fd6f91a9b8257c3a4f5b414f75344493aebad298518f7ab8ebc
52734ffc9ed5c328ac20a2b1bd1177ade6dd2a4279d2445547fffdd5d1f5e2c4
5ac589704dd368b0f850c85d2d5520c98a789805ece7fe30d0959b82da3a4d0a
67b03b4f1434f091bb27e04bd0a36c15bd3b13360a8da64a8cd1454066342d26
67b4e0ddc7e67e8ec48682a72ac8cf8b9e03c51528964a1b5177ebcad059a7d3
73008aa40e5903cd5025f8c6cfda7b8e50f19cd6484c09e7f86769994624a8b0
7a11f63d869633a397a614242ea79ae1ceb2554dfac838aeb7a8efe65eef1f92
8ad39006ff4e157eb1f37acc5eca4683cd4869ec4c7ece90c5d6698709a8ce9a
9d95898f93b41bac4ffbb0b7ba76bc00f498f7a2c2989ebadaaf447caff18034
a2df170bd0114059539550e5e3b9ba6113a376e6acfb35b82259b119cb14f91c
ae9b4d4306c4c08255f63dd3a078f57fcc99c838b89ff2b1ea3e86805d6199d7
b19e26e8b34ed311747e843b9472ddbddf11ebd1eeb738eb0748ae875ad6f1f5
d0dcfa6e8d02e226f1239628352beb016bc7ec62d7d031dd9205a3fa98d15b08
da01206f08c529026039fec5e08532d903b3412ae65299989eb618e0ff9315b5
dd1dba2a7b39d04d4044db119ab83c0d7f3ad1fa77e22a8dbe083e8d07a8977b
dfcb7c0600cf0414955d8738ea6d01c84c8a8d0c73c005369ce0231b33c85119
f3e02fcbc3e663093ab86a07f6bbaed2f64b6eb62a811c32a4edc21c519044f6
f40329563564231f617f2b50b9eef50bdffde2f8ee3715d5951581d66b18ce66
f9350b1319b20ff358c9b8aad6347aa88c620901ea9a36f7c86559c8ac8882ca
fe1f61cd20c3f3246babd891612591164f8c06763356534aa4c8cc2e4010ff3e