![](/screenshots/4eb3b8c4-129b-4303-8fd1-26ad5964c33a.png)
esi-gateway.lifeadvantages.net
18.223.254.164
Public Scan
Effective URL: https://esi-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_08da9def71146d23a3435c8bfd698d1180d474c937%3Ahttps%...
Submission: On June 13 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on September 22nd 2023. Valid for: a year.
This is the only time esi-gateway.lifeadvantages.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 | 104.17.70.206 | 13335 (CLOUDFLARENET) |
1 6 | 40.71.11.140 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
2 6 | 18.223.254.164 | 16509 (AMAZON-02) |
9 | 2001:4801:7827:101:be76:4eff:fe10:3224 | 19994 (RACKSPACE) |
19 | 4 | |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.theeappremium.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-254-164.us-east-2.compute.amazonaws.com
esi-gateway.lifeadvantages.net |
ASN19994 (RACKSPACE, US)
lifeadvantages.personaladvantage.com |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | personaladvantage.com | lifeadvantages.personaladvantage.com | 25 KB |
6 | lifeadvantages.net (2 redirects) | esi-gateway.lifeadvantages.net | 87 KB |
6 | theeappremium.com (1 redirects) | www.theeappremium.com | 63 KB |
1 | theeap.com | click.theeap.com | 1 KB |
19 | 4 | | |
| Domain | Requested by |
---|---|---|
9 | lifeadvantages.personaladvantage.com | www.theeappremium.com, lifeadvantages.personaladvantage.com |
6 | esi-gateway.lifeadvantages.net (2 redirects) | esi-gateway.lifeadvantages.net |
6 | www.theeappremium.com (1 redirects) | click.theeap.com, esi-gateway.lifeadvantages.net, www.theeappremium.com |
1 | click.theeap.com | |
19 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.theeappremium.com |
www.theeap.com |
cdn.personaladvantage.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
click.theeap.com | Cloudflare Inc ECC CA-3 | 2023-12-28 - 2024-12-27 | a year | crt.sh |
*.theeappremium.com | GeoTrust TLS RSA CA G1 | 2024-06-05 - 2025-06-15 | a year | crt.sh |
*.lifeadvantages.net | Amazon RSA 2048 M01 | 2023-09-22 - 2024-10-19 | a year | crt.sh |
*.personaladvantage.com | Go Daddy Secure Certificate Authority - G2 | 2023-09-25 - 2024-10-26 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://esi-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_08da9def71146d23a3435c8bfd698d1180d474c937%3Ahttps%3A%2F%2Fesi-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fwww.theeappremium.com%252Fsaml-sp.xml%26cookieTime%3D1718300984
Frame ID: F939CE60A7A9AEA835A163547D1C1486
Requests: 19 HTTP requests in this frame
Page Title
ESI GROUP : Welcome
Page URL History
- https://click.theeap.com/MjEyLVJCSS03MzAAAAGTq8MzUuBivjnogQ2TvZoNxto1lj4KMcHlqDqCRwtaNidm31up7AxQ8wtg... Page URL
-
https://www.theeappremium.com/health/mens-health/screening-guidelines-for-men-50-to-64.html?mkt_tok=MjEyLV...
HTTP 302
https://www.theeappremium.com/auth/resolver/saml2 Page URL
-
https://esi-gateway.lifeadvantages.net/saml2/idp/SSOService.php
HTTP 303
https://esi-gateway.lifeadvantages.net/module.php/multiauth/selectsource.php?AuthState=_08da9def71146d23a3435c8bfd6... HTTP 302
https://esi-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_08da9def71146d23a3435c8bfd698d1... Page URL
Detected technologies
Detected patterns
- \.php(?:$|\?)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Recover Username
Title: PRIVACY & SECURITY
Title: TERMS & CONDITIONS
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://click.theeap.com/MjEyLVJCSS03MzAAAAGTq8MzUuBivjnogQ2TvZoNxto1lj4KMcHlqDqCRwtaNidm31up7AxQ8wtg3kBostD1N-N-vBE= Page URL
-
https://www.theeappremium.com/health/mens-health/screening-guidelines-for-men-50-to-64.html?mkt_tok=MjEyLVJCSS03MzAAAAGTq8MzUt1UIJe5kVxAjm8VCWZP9TTPgUmSNHo2cHdOin8LcsEsYF1Q8vFZDiBp-L-_vhVGRpf9Z3itZrXZF6QvvgmOuzX6c5rKNmZvOXNWEJDjpg
HTTP 302
https://www.theeappremium.com/auth/resolver/saml2 Page URL
-
https://esi-gateway.lifeadvantages.net/saml2/idp/SSOService.php
HTTP 303
https://esi-gateway.lifeadvantages.net/module.php/multiauth/selectsource.php?AuthState=_08da9def71146d23a3435c8bfd698d1180d474c937%3Ahttps%3A%2F%2Fesi-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fwww.theeappremium.com%252Fsaml-sp.xml%26cookieTime%3D1718300984&source=LifeAdvantages-Authentication HTTP 302
https://esi-gateway.lifeadvantages.net/module.php/core/loginuserpass.php?AuthState=_08da9def71146d23a3435c8bfd698d1180d474c937%3Ahttps%3A%2F%2Fesi-gateway.lifeadvantages.net%2Fsaml2%2Fidp%2FSSOService.php%3Fspentityid%3Dhttps%253A%252F%252Fwww.theeappremium.com%252Fsaml-sp.xml%26cookieTime%3D1718300984 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://www.theeappremium.com/health/mens-health/screening-guidelines-for-men-50-to-64.html?mkt_tok=MjEyLVJCSS03MzAAAAGTq8MzUt1UIJe5kVxAjm8VCWZP9TTPgUmSNHo2cHdOin8LcsEsYF1Q8vFZDiBp-L-_vhVGRpf9Z3itZrXZF6QvvgmOuzX6c5rKNmZvOXNWEJDjpg HTTP 302
- https://www.theeappremium.com/auth/resolver/saml2
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | MjEyLVJCSS03MzAAAAGTq8MzUuBivjnogQ2TvZoNxto1lj4KMcHlqDqCRwtaNidm31up7AxQ8wtg3kBostD1N-N-vBE= | click.theeap.com/ | 583 B | 1 KB | Document | text/html | |
GET | H/1.1 | saml2 | www.theeappremium.com/auth/resolver/ | 3 KB | 2 KB | Document | text/html | Redirect Chain |
GET | H2 | loginuserpass.php | esi-gateway.lifeadvantages.net/module.php/core/ | 4 KB | 5 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H/1.1 | favicon.ico | www.theeappremium.com/ | 15 KB | 15 KB | Other | image/x-icon | |
GET | H/1.1 | WelcomePage.css | www.theeappremium.com/utility/themes/10725404/css/ | 254 B | 595 B | Stylesheet | text/css | |
GET | H2 | overrides.css | esi-gateway.lifeadvantages.net/css/ | 451 B | 628 B | Stylesheet | text/css | |
GET | H/1.1 | jquery.min.js | www.theeappremium.com/utility/scripts/ | 91 KB | 33 KB | Script | application/javascript | |
GET | H/1.1 | WelcomePage.css | lifeadvantages.personaladvantage.com/utility/themes/00000001/css/ | 2 KB | 3 KB | Stylesheet | text/css | |
GET | H/1.1 | CustomStyles.css | www.theeappremium.com/utility/themes/10725404/css/gadgets/ | 76 KB | 11 KB | Stylesheet | text/css | |
GET | H/1.1 | MenuBar.css | lifeadvantages.personaladvantage.com/utility/themes/00000001/css/gadgets/ | 3 KB | 3 KB | Stylesheet | text/css | |
GET | H/1.1 | BannerAd.css | lifeadvantages.personaladvantage.com/utility/themes/00000001/css/gadgets/ | 2 KB | 2 KB | Stylesheet | text/css | |
GET | H/1.1 | SignInForm.css | lifeadvantages.personaladvantage.com/utility/themes/00000001/css/gadgets/ | 3 KB | 3 KB | Stylesheet | text/css | |
GET | H/1.1 | ConciergeBadge.css | lifeadvantages.personaladvantage.com/utility/themes/00000001/css/gadgets/ | 1 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | PolicyBar.css | lifeadvantages.personaladvantage.com/utility/themes/00000001/css/gadgets/ | 1 KB | 1 KB | Stylesheet | text/css | |
GET | H2 | logo.jpg | esi-gateway.lifeadvantages.net/img/ | 80 KB | 80 KB | Image | image/jpeg | |
GET | H/1.1 | username_icon.png | lifeadvantages.personaladvantage.com/utility/themes/00000001/gfx/ | 9 KB | 9 KB | Image | image/png | |
GET | H/1.1 | password-icon.png | lifeadvantages.personaladvantage.com/utility/themes/00000001/gfx/ | 2 KB | 2 KB | Image | image/png | |
GET | H/1.1 | bullet_02.gif | lifeadvantages.personaladvantage.com/utility/images/ | 55 B | 362 B | Image | image/gif | |
GET | H2 | favicon.ico | esi-gateway.lifeadvantages.net/ | 209 B | 330 B | Other | text/html | |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
undefined | event |
object | fence |
object | sharedStorage |
function | $ |
function | jQuery |

7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.click.theeap.com/ | | Name: __cf_bm Value: YfL5EYtiGhgSRmGeEke_SOdRhiVUx2Gn3boVrGbW.l0-1718300983-1.0.1.1-eQOgSenAah6XoE0bPxGBEHvxYmZ9uef3I3tOgnO1k0LSWq0Cc5ABd68PTjh96boO62NzWWGPa99a8dr4WnDx1g |
www.theeappremium.com/ | | Name: visit Value: BB3DC12FB6ADFE29908C89EF6160C5B1 |
www.theeappremium.com/ | | Name: agent Value: f3b2b111-bf1b-4bb7-add3-c28653d97440 |
.www.theeappremium.com/ | | Name: ARRAffinity Value: 3fffb3e33c94da948372a96b72a9248d88e436a625e026f7056697a6be32f26e |
.www.theeappremium.com/ | | Name: ARRAffinitySameSite Value: 3fffb3e33c94da948372a96b72a9248d88e436a625e026f7056697a6be32f26e |
esi-gateway.lifeadvantages.net/ | | Name: SimpleSAML Value: 3f3f51f2aab97fd483f3ced65d34515d |
esi-gateway.lifeadvantages.net/ | | Name: multiauth_source_gateway-multi-auth Value: LifeAdvantages-Authentication |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; img-src 'self';script-src 'self' 'sha256-oxJ8kGM+Ls7+LcDkhd+wLuAj3CIDK3L73Fikj0q9EQk=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self' |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.