urlscan.io logo urlscan.io
SecurityTrails logo

memberportal.lifelock.com Open in urlscan Pro
3.161.82.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js
Effective URL: https://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js
Submission: On April 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 3.161.82.23, located in United States and belongs to AMAZON-02, US. The main domain is memberportal.lifelock.com. The Cisco Umbrella rank of the primary domain is 531880.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 4th 2023. Valid for: a year.
This is the only time memberportal.lifelock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3.161.82.23 16509 (AMAZON-02)
2 1
Apex Domain
Subdomains		 Transfer
2 lifelock.com
memberportal.lifelock.com — Cisco Umbrella Rank: 531880
27 KB
2 1
Domain Requested by
2 memberportal.lifelock.com
2 1

This site contains no links.

Subject Issuer Validity Valid
memberportal.lifelock.com
Amazon RSA 2048 M02		 2023-11-04 -
2024-12-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js
Frame ID: 9F462DB21754B822F190DAD093D64BA9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js HTTP 307
    https://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js Page URL

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

27 kB
Transfer

72 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js HTTP 307
    https://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ruxitagentjs_icanvfghqrux_10287240325103108.js
memberportal.lifelock.com/
Redirect Chain
  • http://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js
  • https://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js
68 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-23.fra56.r.cloudfront.net
Software
/
Resource Hash
f54effaf4e7115fb90b76f0cfb9654d04ad79a32802025cd5b10a43eccb2d088

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=31536000, immutable
content-encoding
gzip
content-length
25139
content-type
text/javascript; charset=utf-8
date
Thu, 25 Apr 2024 12:04:21 GMT
expires
Fri, 25 Apr 2025 12:04:21 GMT
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
via
1.1 28f8e84a396255d768dd04c506bf86f0.cloudfront.net (CloudFront)
x-amz-cf-id
NnkrEe4pvmAlSTjrPNJZMBocB3OGdjXGsMzqqK0fLeLgrGVSLurdLw==
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront

Redirect headers

Location
https://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
memberportal.lifelock.com/ 		3 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://memberportal.lifelock.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-23.fra56.r.cloudfront.net
Software
/
Resource Hash
054c34c18cbdb80a3a1873fc3b6a4cc647a12fd9b240b85240ec28b51ebe58ac
Security Headers
Name Value
Content-Security-Policy img-src 'self' https://cdn.lifelock.com https://www.google-analytics.com https://stats.g.doubleclick.net https://dev-analytics-event.dev.aws.lifelock.com https://analytics-event.prod.aws.lifelock.com https://code.jquery.com data: https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://oms.norton.com
Public-Key-Pins pin-sha256="JSMzqOOrtyOT1kmau6zKhgT676hGgczD5VMdRMyJZFA="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="; max-age=2592000
Strict-Transport-Security max-age=7776000000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://memberportal.lifelock.com/ruxitagentjs_icanvfghqrux_10287240325103108.js
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 25 Apr 2024 12:04:21 GMT
strict-transport-security
max-age=7776000000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
img-src 'self' https://cdn.lifelock.com https://www.google-analytics.com https://stats.g.doubleclick.net https://dev-analytics-event.dev.aws.lifelock.com https://analytics-event.prod.aws.lifelock.com https://code.jquery.com data: https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://oms.norton.com
content-encoding
gzip
via
1.1 28f8e84a396255d768dd04c506bf86f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
server-timing
dtSInfo;desc="0", dtRpid;desc="1333739063"
x-xss-protection
1; mode=block
public-key-pins
pin-sha256="JSMzqOOrtyOT1kmau6zKhgT676hGgczD5VMdRMyJZFA="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="RRM1dGqnDFsCJXBTHky16vi1obOlCgFFn/yOhI/y+ho="; max-age=2592000
pragma
no-cache
referrer-policy
no-referrer
etag
W/"de5-E6x2waoGRaGMF2/PQ/pOvJi9Yt8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
x-amz-cf-id
VpW7wSaSwZQW2xcjg9XgMAVWlWmoby_NISI2A9GrwsY6O1kzxTopCQ==
expires
-1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
.lifelock.com/ Name: dtCookie
Value: v_4_srv_3_sn_A9A4F13A66D69742A92A4AF9DDFA5AC2_perc_100000_ol_0_mul_1_app-3A6360e6b799e501b3_1_rcs-3Acss_0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

memberportal.lifelock.com
3.161.82.23
054c34c18cbdb80a3a1873fc3b6a4cc647a12fd9b240b85240ec28b51ebe58ac
f54effaf4e7115fb90b76f0cfb9654d04ad79a32802025cd5b10a43eccb2d088