hcarewards.lifeatworkportal.com
Open in
urlscan Pro
65.197.229.12
Public Scan
Effective URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa&TYPE=33554433&REALMOID=06-a317304c-48dc-4530-80a4-95b9673...
Submission: On October 16 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 11th 2020. Valid for: a year.
This is the only time hcarewards.lifeatworkportal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 65.197.229.12 65.197.229.12 | 16983 (AS16983) (AS16983) | |
10 | 138.69.242.107 138.69.242.107 | 16983 (AS16983) (AS16983) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE) | |
13 | 4 |
ASN16983 (AS16983, US)
PTR: celanese.benefitcenter.com
hcarewards.com | |
hcarewards.lifeatworkportal.com |
ASN16983 (AS16983, US)
PTR: cd.lifeatworkportal.com
cd.lifeatworkportal.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
lifeatworkportal.com
1 redirects
hcarewards.lifeatworkportal.com cd.lifeatworkportal.com |
589 KB |
1 |
gstatic.com
www.gstatic.com |
134 KB |
1 |
google.com
www.google.com |
642 B |
1 |
hcarewards.com
1 redirects
hcarewards.com |
191 B |
13 | 4 |
Domain | Requested by | |
---|---|---|
10 | cd.lifeatworkportal.com |
hcarewards.lifeatworkportal.com
cd.lifeatworkportal.com |
2 | hcarewards.lifeatworkportal.com | 1 redirects |
1 | www.gstatic.com |
www.google.com
|
1 | www.google.com |
hcarewards.lifeatworkportal.com
|
1 | hcarewards.com | 1 redirects |
13 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
hcahwe.com |
www.hcarewardshealthyliving.com |
form1095.benefitcenter.com |
www.hcahwe.com |
www.microsoft.com |
support.apple.com |
www.google.com |
www.mozilla.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
hcarewards.lifeatworkportal.com Sectigo RSA Organization Validation Secure Server CA |
2020-09-11 - 2021-09-11 |
a year | crt.sh |
cd.lifeatworkportal.com Sectigo RSA Organization Validation Secure Server CA |
2020-09-11 - 2021-09-11 |
a year | crt.sh |
www.google.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa&TYPE=33554433&REALMOID=06-a317304c-48dc-4530-80a4-95b9673839ac&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-6uTAs%2fOKjXN5PsE8mwRcXR%2bG4vTwfgXw8PO9HGFcyyVGaW0AS3uYlwIxwc5%2b3AI39EdtPYgbnlFHFBegDbECNiUrrLjhUoGg&TARGET=-SM-http%3a%2f%2fhcarewards%2elifeatworkportal%2ecom%2f
Frame ID: 282FD41C830F1ED4770008F2C1EE2230
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://hcarewards.com/
HTTP 302
https://hcarewards.lifeatworkportal.com/ HTTP 302
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa&TYPE=33554433&REALMOID=06-a317304c-48... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /bootstrap[.-]([\d.]*\d)[^/]*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
reCAPTCHA (Captchas) Expand
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
Title: Learn About HCA Rewards
Search URL Search Domain Scan URL
Title: Wellness Resources
Search URL Search Domain Scan URL
Title: Form 1095
Search URL Search Domain Scan URL
Title: Resources for Retirees
Search URL Search Domain Scan URL
Title: Benefits Providers
Search URL Search Domain Scan URL
Title: Download Microsoft Internet Explorer
Search URL Search Domain Scan URL
Title: Download Safari
Search URL Search Domain Scan URL
Title: Download Chrome
Search URL Search Domain Scan URL
Title: Download Mozilla Firefox
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://hcarewards.com/
HTTP 302
https://hcarewards.lifeatworkportal.com/ HTTP 302
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa&TYPE=33554433&REALMOID=06-a317304c-48dc-4530-80a4-95b9673839ac&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-6uTAs%2fOKjXN5PsE8mwRcXR%2bG4vTwfgXw8PO9HGFcyyVGaW0AS3uYlwIxwc5%2b3AI39EdtPYgbnlFHFBegDbECNiUrrLjhUoGg&TARGET=-SM-http%3a%2f%2fhcarewards%2elifeatworkportal%2ecom%2f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
logonlw.jsp
hcarewards.lifeatworkportal.com/login/v3/pub/ Redirect Chain
|
41 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
cd.lifeatworkportal.com/slogin/common/css/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
cd.lifeatworkportal.com/slogin/common/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
branding.css
cd.lifeatworkportal.com/slogin/hcamfa/css/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webtrends.js
cd.lifeatworkportal.com/static60/resources/scripts/client/rks/157/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
cd.lifeatworkportal.com/slogin/common/js/ |
274 KB 274 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.min.js
cd.lifeatworkportal.com/slogin/common/js/ |
23 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-3.0.0.js
cd.lifeatworkportal.com/slogin/common/js/ |
76 KB 76 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 642 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientLogo.png
cd.lifeatworkportal.com/slogin/hcamfa/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_login.png
cd.lifeatworkportal.com/slogin/hcamfa/images/ |
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__en.js
www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/ |
341 KB 134 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SourceSerifPro-Regular.ttf
cd.lifeatworkportal.com/slogin/hcamfa/fonts/ |
98 KB 98 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| _tag function| ConvertToLower function| eraseCookie undefined| value function| fLogin_Validate function| setCookie function| toggler function| errorDisplay function| onLoadBody function| validate object| recaptcha11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
hcarewards.lifeatworkportal.com/ | Name: origtargetURL Value: http://hcarewards.lifeatworkportal.com/ |
|
hcarewards.lifeatworkportal.com/ | Name: origURL Value: http://hcarewards.lifeatworkportal.com/ |
|
hcarewards.lifeatworkportal.com/ | Name: locale Value: |
|
hcarewards.lifeatworkportal.com/ | Name: LB Value: 82.102.20.211:29284 Copenhagen-Hovedstaden-Denmark HCA-SPS--HCACLO |
|
hcarewards.lifeatworkportal.com/ | Name: product Value: login |
|
hcarewards.lifeatworkportal.com/ | Name: cltFolder Value: benefits/hcamfa |
|
hcarewards.lifeatworkportal.com/ | Name: LSESSIONID Value: Na4yt2RnOyi4zLpMClQoR1hacQMGzD5Pr1RiP5ssvDGAigsJbv4r!-1166972993 |
|
hcarewards.lifeatworkportal.com/ | Name: client Value: hcamfa |
|
hcarewards.lifeatworkportal.com/ | Name: logontype Value: fb |
|
hcarewards.lifeatworkportal.com/ | Name: X-Mapping-edphjpip Value: 4FBB372FF4C81CAC01D1F698878B5286 |
|
hcarewards.lifeatworkportal.com/ | Name: X-Mapping-clhgdopm Value: 55BC790EBEEF1918BA3300D84B79F506 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cd.lifeatworkportal.com
hcarewards.com
hcarewards.lifeatworkportal.com
www.google.com
www.gstatic.com
138.69.242.107
2a00:1450:4001:819::2004
2a00:1450:4001:820::2003
65.197.229.12
38ca7c48de33fb31ae7dfe8b2963024ab33be876a88453781e369ebb02e55b06
4f4e8fb1d562cf041c81eba325ad02c81c660513b11111081908e0f029ac344b
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5f094b4aefe3bc552f23b8e0e1dc9d0fc73a5404c705718cd46495f23a171935
7efe892fa4ab4622102e8df4c7c4da906139fce1d4d25bb5c7a1224b8fa798cc
a22c3070ed376c37b68a7c6e33de72c06054feb66048160908a782b819d40922
b6d957cdcd295007d5ab3c2229b0935cb5312c6f6a2180441a19014f80a8c7bc
f5ceb3397b822fd4714212ac3bece071af29ff16a8bbac03fdc2baae1e37de45
fb6d5bfcd03dde09ab2f71355bad7fdf3a93aa36433895d7ab86374c33a04b77
fe00a828c8984aa432d60646922198377e78dba43b704e73ab70d1fd4b9458e9
fe3ba6a02cd23f368db927bdf16ee839ed32908d2c623604364d0e21e434c92e