urlscan.io logo urlscan.io
SecurityTrails logo

fs.lendlease.com Open in urlscan Pro
8.22.192.161  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KN...
Effective URL: https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Submission: On January 21 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 6 HTTP transactions. The main IP is 8.22.192.161, located in Bayonne, United States and belongs to LEVEL3 - Level 3 Parent, LLC, US. The main domain is fs.lendlease.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 3rd 2018. Valid for: a year.
This is the only time fs.lendlease.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.16.230.163 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 8.22.192.154 3356 (LEVEL3)
4 8.22.192.161 3356 (LEVEL3)
6 3
Domain Requested by
4 fs.lendlease.com r.benefitmail.co.uk
fs.lendlease.com
1 www.llpreference.co.uk 1 redirects
1 sibautomation.com r.benefitmail.co.uk
1 r.benefitmail.co.uk
6 4

This site contains links to these domains. Also see Links.

Domain
lendlease.service-now.com
Subject Issuer Validity Valid
sni117763.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-12-30 -
2019-07-08		 6 months crt.sh
fs.lendlease.com
Entrust Certification Authority - L1K		 2018-12-03 -
2020-03-04		 a year crt.sh

This page contains 2 frames:

Primary Page: https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Frame ID: 5AAE31DF01075CF26EA7059BAE07B90A
Requests: 5 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=1588432
Frame ID: 33EDB15073E0CD91EC3749DC71999E12
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hc... Page URL
  2. http://www.llpreference.co.uk/ HTTP 301
    https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Page Statistics

6
Requests

83 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

244 kB
Transfer

241 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A Page URL
  2. http://www.llpreference.co.uk/ HTTP 301
    https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A
r.benefitmail.co.uk/tr/cl/ 		596 B
879 B 		Document
General
Check archive.org
Download Go to
Full URL
http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A
Protocol
HTTP/1.1
Server
104.16.230.163 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0f8df99f2a8f412a40e87e54ccc2375a2e09dcaade3acdc5028cf2335bd9b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Host
r.benefitmail.co.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 21 Jan 2019 22:01:52 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d96e535e3d0f255e0293ab6b5d94f58331548108112; expires=Tue, 21-Jan-20 22:01:52 GMT; path=/; domain=.r.benefitmail.co.uk; HttpOnly
X-Sib-Server
SENDINBLUE-red2-3
X-Content-Type-Options
nosniff
X-XSS-Protection
1
Server
cloudflare
CF-RAY
49cd0fd600bf2b82-AMS
Content-Encoding
gzip
cm.html
sibautomation.com/ Frame 33ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=1588432
Requested by
Host: r.benefitmail.co.uk
URL: http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:30::681f:5183 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.org>
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
sibautomation.com
:scheme
https
:path
/cm.html?id=1588432
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A

Response headers

status
200
date
Mon, 21 Jan 2019 22:01:52 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d34acd820b008c3532b82d4d0d07d9ae31548108112; expires=Tue, 21-Jan-20 22:01:52 GMT; path=/; domain=.sibautomation.com; HttpOnly
x-powered-by
Sails <sailsjs.org>
access-control-allow-origin
*
access-control-allow-credentials
access-control-allow-methods
access-control-allow-headers
access-control-expose-headers
vary
Accept-Encoding
x-sib-server
SENDINBLUE-web2-2
x-content-type-options
nosniff
x-xss-protection
1
cf-cache-status
EXPIRED
expires
Tue, 22 Jan 2019 00:01:52 GMT
cache-control
public, max-age=7200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
49cd0fd6a80896d6-FRA
content-encoding
br
Primary Request Cookie set IdpInitiatedSignon.aspx
fs.lendlease.com/adfs/ls/
Redirect Chain
  • http://www.llpreference.co.uk/
  • https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
16 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Requested by
Host: r.benefitmail.co.uk
URL: http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
8.22.192.161 Bayonne, United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
/
Resource Hash
2694924a71553378acd1b1d2d1137078e47a34dc3db925156ed5ddd5564d5afb
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
fs.lendlease.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://r.benefitmail.co.uk/tr/cl/MEcxgiKHydW-vlX4V_e-LShpLaECu3GWG7uOiTsz7UHFlfdOQr_p82SLLlKaYYeBu573hcA3GVV6a47chdvjpju2KNbtQ9yECfBVA8OHA_UDvu2nGL6nEm-46h6MgG3lX8AJQmc7O_EL3Brl8ipt5cTSmz7kj8IHybq4xXUl_avlMdpR5NG8_A

Response headers

Cache-Control
no-cache,no-store
Pragma
no-cache
Content-Length
16451
Content-Type
text/html; charset=utf-8
Expires
-1
x-frame-options
DENY
P3P
ADFS doesn't have P3P policy, please contact your site's admin for more details
Set-Cookie
MSISSamlRequest=QmFzZVVybD1odHRwcyUzYSUyZiUyZmZzLmxlbmRsZWFzZS5jb20lMmZhZGZzJTJmbHMlMmZcU0FNTFJlcXVlc3Q9bFZKQmFzTXdFUHlLMGQyVzdjU09MUnlEYVM2QjlwS1dIbm9waXJRbW9yYmthcVVtejYlMmJjMElaU0d1aE5HbVoyZG9adGtJJTJmRHhEcnZEbm9IN3g3UVJkdk5tcnlXYWM2clF1empudGM4WHVhaWppc0pWUXg5dHFybG9paVdaVVdpWjdDb2pGNlRQRWxKdEVYMHNOWG91SFlCU3JNNlRyTTR6NTd5bktVWkt4Wkp1U3BmU0xRSkxrcHpkMVllbkp1UVVkcGpNb0NXQTNDRVJKaVJjdGtqSFpDUzZNNW9oSG1rdDVvWmpncVo1aU1nYzRJOWRnJTJmM0xMZ3pjU0V4cjNFQ29Yb0Zra1NuY2RESXpobHZxeWRybkJGbUlHMXpUbUV2MHRzaWpnaDJUa0hhT2NXZklRTHJRd2xBNnF4SDE5Q0xROXVFWEZMTmV2eW5XOU41cVVBTDJJVW1yUkl6ZWdYYnIwcVB4Mk95QncwOW5NSXlpWCUyYmpjeE8wSCUyYkJFRyUyZnBOdno1JTJmaktQWDljTG45NTIwbnclM2QlM2RcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUmVkaXJlY3RcU2lnbmF0dXJlPXZHMnNxMkNibzQwV0FiN2Zubnd5Sk4lMmJDOGUlMmZhYzJadmc1bGFkVU53VEh5RUxuSXU2Qm90RHZObUV3MVNiRVBaR0F0RkhrQW9hWmFtNDJYejUlMmYxYzE1MSUyYlp4JTJmNjNZMzJHWVNGQjFIYWU2U1JVJTJiVHZRaEJ2ZFZMWk1CekNRTjl5aHRwaSUyZk1DeTBSUVd5ZHpEOUwlMmJnUU8xRExiMDdRTUxYTWE5V0lZY0xjblRLWUIzTVhOMWg2JTJiTEJoQTdMcmxPUjhSVU1zWkk0bXFncUFLejdKMVE0M2dURlJnaUolMmZJMnZiaFZYaE5MRVcwaVFvSkNhZFNDYWZJMTExV1ZITm9IekN2cVJiWFM5Q0hxY0olMmIzVTAwNFozWHlqZk9nVUw3Mk0lMmZBMmNkUGFOWUtBVDJVRDVyTiUyZklIVjJ1TFdkeVphTVlDMjlJWnV2Y0F5dmNLeGcwc0owdDd3JTNkJTNkXFNpZ0FsZz1odHRwJTNhJTJmJTJmd3d3LnczLm9yZyUyZjIwMDElMmYwNCUyZnhtbGRzaWctbW9yZSUyM3JzYS1zaGEyNTZcUXVlcnlTdHJpbmdIYXNoPTI2JTJiRzR4UXc1QkxQTVRVajF3UzVtREVhOXUxdENicUdidk4yamxSMjZKSSUzZA==; path=/adfs; HttpOnly; Secure TS0145feac=0137176c1c075151f5a8c5f2b91647229958202a5f62c258e67b3b6821d7f720e75401a46b; Path=/ TS01a98002=0137176c1cb8b4f7bc037ccc9b1a796223437de477a97720c091026745876544c80107f0dc98d82f42d98bfce0bcd8569fb13b3071; path=/adfs
Date
Mon, 21 Jan 2019 22:01:52 GMT

Redirect headers

Location
https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Server
BigIP
Connection
Keep-Alive
Content-Length
0
style.css
fs.lendlease.com/adfs/portal/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fs.lendlease.com/adfs/portal/css/style.css?id=D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Requested by
Host: fs.lendlease.com
URL: https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
8.22.192.161 Bayonne, United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
/
Resource Hash
d74d4d6943f32ae6f7f11d14d601dbb0e1a58919176ee512150366b6279aaf99

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
fs.lendlease.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Cookie
MSISSamlRequest=QmFzZVVybD1odHRwcyUzYSUyZiUyZmZzLmxlbmRsZWFzZS5jb20lMmZhZGZzJTJmbHMlMmZcU0FNTFJlcXVlc3Q9bFZKQmFzTXdFUHlLMGQyVzdjU09MUnlEYVM2QjlwS1dIbm9waXJRbW9yYmthcVVtejYlMmJjMElaU0d1aE5HbVoyZG9adGtJJTJmRHhEcnZEbm9IN3g3UVJkdk5tcnlXYWM2clF1empudGM4WHVhaWppc0pWUXg5dHFybG9paVdaVVdpWjdDb2pGNlRQRWxKdEVYMHNOWG91SFlCU3JNNlRyTTR6NTd5bktVWkt4Wkp1U3BmU0xRSkxrcHpkMVllbkp1UVVkcGpNb0NXQTNDRVJKaVJjdGtqSFpDUzZNNW9oSG1rdDVvWmpncVo1aU1nYzRJOWRnJTJmM0xMZ3pjU0V4cjNFQ29Yb0Zra1NuY2RESXpobHZxeWRybkJGbUlHMXpUbUV2MHRzaWpnaDJUa0hhT2NXZklRTHJRd2xBNnF4SDE5Q0xROXVFWEZMTmV2eW5XOU41cVVBTDJJVW1yUkl6ZWdYYnIwcVB4Mk95QncwOW5NSXlpWCUyYmpjeE8wSCUyYkJFRyUyZnBOdno1JTJmaktQWDljTG45NTIwbnclM2QlM2RcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUmVkaXJlY3RcU2lnbmF0dXJlPXZHMnNxMkNibzQwV0FiN2Zubnd5Sk4lMmJDOGUlMmZhYzJadmc1bGFkVU53VEh5RUxuSXU2Qm90RHZObUV3MVNiRVBaR0F0RkhrQW9hWmFtNDJYejUlMmYxYzE1MSUyYlp4JTJmNjNZMzJHWVNGQjFIYWU2U1JVJTJiVHZRaEJ2ZFZMWk1CekNRTjl5aHRwaSUyZk1DeTBSUVd5ZHpEOUwlMmJnUU8xRExiMDdRTUxYTWE5V0lZY0xjblRLWUIzTVhOMWg2JTJiTEJoQTdMcmxPUjhSVU1zWkk0bXFncUFLejdKMVE0M2dURlJnaUolMmZJMnZiaFZYaE5MRVcwaVFvSkNhZFNDYWZJMTExV1ZITm9IekN2cVJiWFM5Q0hxY0olMmIzVTAwNFozWHlqZk9nVUw3Mk0lMmZBMmNkUGFOWUtBVDJVRDVyTiUyZklIVjJ1TFdkeVphTVlDMjlJWnV2Y0F5dmNLeGcwc0owdDd3JTNkJTNkXFNpZ0FsZz1odHRwJTNhJTJmJTJmd3d3LnczLm9yZyUyZjIwMDElMmYwNCUyZnhtbGRzaWctbW9yZSUyM3JzYS1zaGEyNTZcUXVlcnlTdHJpbmdIYXNoPTI2JTJiRzR4UXc1QkxQTVRVajF3UzVtREVhOXUxdENicUdidk4yamxSMjZKSSUzZA==; TS01a98002=0137176c1cb8b4f7bc037ccc9b1a796223437de477a97720c091026745876544c80107f0dc98d82f42d98bfce0bcd8569fb13b3071; TS0145feac=0137176c1c075151f5a8c5f2b91647229958202a5f62c258e67b3b6821d7f720e75401a46b
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 21 Jan 2019 22:01:52 GMT
Expires
Wed, 20 Feb 2019 22:01:53 GMT
ETag
D74D4D6943F32AE6F7F11D14D601DBB0E1A58919176EE512150366B6279AAF99
Content-Length
7812
Content-Type
text/css
logo.png
fs.lendlease.com/adfs/portal/logo/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fs.lendlease.com/adfs/portal/logo/logo.png?id=1679920B034E03B00C13B197BC9D3FD399841FA288AFCC15DC921EB14DEE5F90
Requested by
Host: fs.lendlease.com
URL: https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
8.22.192.161 Bayonne, United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
/
Resource Hash
1679920b034e03b00c13b197bc9d3fd399841fa288afcc15dc921eb14dee5f90

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
fs.lendlease.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Cookie
MSISSamlRequest=QmFzZVVybD1odHRwcyUzYSUyZiUyZmZzLmxlbmRsZWFzZS5jb20lMmZhZGZzJTJmbHMlMmZcU0FNTFJlcXVlc3Q9bFZKQmFzTXdFUHlLMGQyVzdjU09MUnlEYVM2QjlwS1dIbm9waXJRbW9yYmthcVVtejYlMmJjMElaU0d1aE5HbVoyZG9adGtJJTJmRHhEcnZEbm9IN3g3UVJkdk5tcnlXYWM2clF1empudGM4WHVhaWppc0pWUXg5dHFybG9paVdaVVdpWjdDb2pGNlRQRWxKdEVYMHNOWG91SFlCU3JNNlRyTTR6NTd5bktVWkt4Wkp1U3BmU0xRSkxrcHpkMVllbkp1UVVkcGpNb0NXQTNDRVJKaVJjdGtqSFpDUzZNNW9oSG1rdDVvWmpncVo1aU1nYzRJOWRnJTJmM0xMZ3pjU0V4cjNFQ29Yb0Zra1NuY2RESXpobHZxeWRybkJGbUlHMXpUbUV2MHRzaWpnaDJUa0hhT2NXZklRTHJRd2xBNnF4SDE5Q0xROXVFWEZMTmV2eW5XOU41cVVBTDJJVW1yUkl6ZWdYYnIwcVB4Mk95QncwOW5NSXlpWCUyYmpjeE8wSCUyYkJFRyUyZnBOdno1JTJmaktQWDljTG45NTIwbnclM2QlM2RcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUmVkaXJlY3RcU2lnbmF0dXJlPXZHMnNxMkNibzQwV0FiN2Zubnd5Sk4lMmJDOGUlMmZhYzJadmc1bGFkVU53VEh5RUxuSXU2Qm90RHZObUV3MVNiRVBaR0F0RkhrQW9hWmFtNDJYejUlMmYxYzE1MSUyYlp4JTJmNjNZMzJHWVNGQjFIYWU2U1JVJTJiVHZRaEJ2ZFZMWk1CekNRTjl5aHRwaSUyZk1DeTBSUVd5ZHpEOUwlMmJnUU8xRExiMDdRTUxYTWE5V0lZY0xjblRLWUIzTVhOMWg2JTJiTEJoQTdMcmxPUjhSVU1zWkk0bXFncUFLejdKMVE0M2dURlJnaUolMmZJMnZiaFZYaE5MRVcwaVFvSkNhZFNDYWZJMTExV1ZITm9IekN2cVJiWFM5Q0hxY0olMmIzVTAwNFozWHlqZk9nVUw3Mk0lMmZBMmNkUGFOWUtBVDJVRDVyTiUyZklIVjJ1TFdkeVphTVlDMjlJWnV2Y0F5dmNLeGcwc0owdDd3JTNkJTNkXFNpZ0FsZz1odHRwJTNhJTJmJTJmd3d3LnczLm9yZyUyZjIwMDElMmYwNCUyZnhtbGRzaWctbW9yZSUyM3JzYS1zaGEyNTZcUXVlcnlTdHJpbmdIYXNoPTI2JTJiRzR4UXc1QkxQTVRVajF3UzVtREVhOXUxdENicUdidk4yamxSMjZKSSUzZA==; TS01a98002=0137176c1cb8b4f7bc037ccc9b1a796223437de477a97720c091026745876544c80107f0dc98d82f42d98bfce0bcd8569fb13b3071; TS0145feac=0137176c1c075151f5a8c5f2b91647229958202a5f62c258e67b3b6821d7f720e75401a46b
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 21 Jan 2019 22:01:53 GMT
Expires
Wed, 20 Feb 2019 22:01:53 GMT
ETag
1679920B034E03B00C13B197BC9D3FD399841FA288AFCC15DC921EB14DEE5F90
Content-Length
19360
Content-Type
image/png
illustration.jpg
fs.lendlease.com/adfs/portal/illustration/ 		198 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fs.lendlease.com/adfs/portal/illustration/illustration.jpg?id=E62998EC3F5DBE50491B6CEB06AFD9A88DD176C5EE026492A698FFE18335C044
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
8.22.192.161 Bayonne, United States, ASN3356 (LEVEL3 - Level 3 Parent, LLC, US),
Reverse DNS
Software
/
Resource Hash
e62998ec3f5dbe50491b6ceb06afd9a88dd176c5ee026492a698ffe18335c044

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
fs.lendlease.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
Cookie
MSISSamlRequest=QmFzZVVybD1odHRwcyUzYSUyZiUyZmZzLmxlbmRsZWFzZS5jb20lMmZhZGZzJTJmbHMlMmZcU0FNTFJlcXVlc3Q9bFZKQmFzTXdFUHlLMGQyVzdjU09MUnlEYVM2QjlwS1dIbm9waXJRbW9yYmthcVVtejYlMmJjMElaU0d1aE5HbVoyZG9adGtJJTJmRHhEcnZEbm9IN3g3UVJkdk5tcnlXYWM2clF1empudGM4WHVhaWppc0pWUXg5dHFybG9paVdaVVdpWjdDb2pGNlRQRWxKdEVYMHNOWG91SFlCU3JNNlRyTTR6NTd5bktVWkt4Wkp1U3BmU0xRSkxrcHpkMVllbkp1UVVkcGpNb0NXQTNDRVJKaVJjdGtqSFpDUzZNNW9oSG1rdDVvWmpncVo1aU1nYzRJOWRnJTJmM0xMZ3pjU0V4cjNFQ29Yb0Zra1NuY2RESXpobHZxeWRybkJGbUlHMXpUbUV2MHRzaWpnaDJUa0hhT2NXZklRTHJRd2xBNnF4SDE5Q0xROXVFWEZMTmV2eW5XOU41cVVBTDJJVW1yUkl6ZWdYYnIwcVB4Mk95QncwOW5NSXlpWCUyYmpjeE8wSCUyYkJFRyUyZnBOdno1JTJmaktQWDljTG45NTIwbnclM2QlM2RcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUmVkaXJlY3RcU2lnbmF0dXJlPXZHMnNxMkNibzQwV0FiN2Zubnd5Sk4lMmJDOGUlMmZhYzJadmc1bGFkVU53VEh5RUxuSXU2Qm90RHZObUV3MVNiRVBaR0F0RkhrQW9hWmFtNDJYejUlMmYxYzE1MSUyYlp4JTJmNjNZMzJHWVNGQjFIYWU2U1JVJTJiVHZRaEJ2ZFZMWk1CekNRTjl5aHRwaSUyZk1DeTBSUVd5ZHpEOUwlMmJnUU8xRExiMDdRTUxYTWE5V0lZY0xjblRLWUIzTVhOMWg2JTJiTEJoQTdMcmxPUjhSVU1zWkk0bXFncUFLejdKMVE0M2dURlJnaUolMmZJMnZiaFZYaE5MRVcwaVFvSkNhZFNDYWZJMTExV1ZITm9IekN2cVJiWFM5Q0hxY0olMmIzVTAwNFozWHlqZk9nVUw3Mk0lMmZBMmNkUGFOWUtBVDJVRDVyTiUyZklIVjJ1TFdkeVphTVlDMjlJWnV2Y0F5dmNLeGcwc0owdDd3JTNkJTNkXFNpZ0FsZz1odHRwJTNhJTJmJTJmd3d3LnczLm9yZyUyZjIwMDElMmYwNCUyZnhtbGRzaWctbW9yZSUyM3JzYS1zaGEyNTZcUXVlcnlTdHJpbmdIYXNoPTI2JTJiRzR4UXc1QkxQTVRVajF3UzVtREVhOXUxdENicUdidk4yamxSMjZKSSUzZA==; TS01a98002=0137176c1cb8b4f7bc037ccc9b1a796223437de477a97720c091026745876544c80107f0dc98d82f42d98bfce0bcd8569fb13b3071; TS0145feac=0137176c1c075151f5a8c5f2b91647229958202a5f62c258e67b3b6821d7f720e75401a46b
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fs.lendlease.com/adfs/ls/IdpInitiatedSignon.aspx?loginToRp=https://www.benefex.co.uk/saml/flex/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 21 Jan 2019 22:01:53 GMT
Expires
Wed, 20 Feb 2019 22:01:54 GMT
ETag
E62998EC3F5DBE50491B6CEB06AFD9A88DD176C5EE026492A698FFE18335C044
Content-Length
203057
Content-Type
image/jpg

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration

3 Cookies

Domain/Path Name / Value
fs.lendlease.com/ Name: TS0145feac
Value: 0137176c1c075151f5a8c5f2b91647229958202a5f62c258e67b3b6821d7f720e75401a46b
fs.lendlease.com/adfs Name: TS01a98002
Value: 0137176c1cb8b4f7bc037ccc9b1a796223437de477a97720c091026745876544c80107f0dc98d82f42d98bfce0bcd8569fb13b3071
fs.lendlease.com/adfs Name: MSISSamlRequest
Value: QmFzZVVybD1odHRwcyUzYSUyZiUyZmZzLmxlbmRsZWFzZS5jb20lMmZhZGZzJTJmbHMlMmZcU0FNTFJlcXVlc3Q9bFZKQmFzTXdFUHlLMGQyVzdjU09MUnlEYVM2QjlwS1dIbm9waXJRbW9yYmthcVVtejYlMmJjMElaU0d1aE5HbVoyZG9adGtJJTJmRHhEcnZEbm9IN3g3UVJkdk5tcnlXYWM2clF1empudGM4WHVhaWppc0pWUXg5dHFybG9paVdaVVdpWjdDb2pGNlRQRWxKdEVYMHNOWG91SFlCU3JNNlRyTTR6NTd5bktVWkt4Wkp1U3BmU0xRSkxrcHpkMVllbkp1UVVkcGpNb0NXQTNDRVJKaVJjdGtqSFpDUzZNNW9oSG1rdDVvWmpncVo1aU1nYzRJOWRnJTJmM0xMZ3pjU0V4cjNFQ29Yb0Zra1NuY2RESXpobHZxeWRybkJGbUlHMXpUbUV2MHRzaWpnaDJUa0hhT2NXZklRTHJRd2xBNnF4SDE5Q0xROXVFWEZMTmV2eW5XOU41cVVBTDJJVW1yUkl6ZWdYYnIwcVB4Mk95QncwOW5NSXlpWCUyYmpjeE8wSCUyYkJFRyUyZnBOdno1JTJmaktQWDljTG45NTIwbnclM2QlM2RcUHJvdG9jb2xCaW5kaW5nPXVybiUzYW9hc2lzJTNhbmFtZXMlM2F0YyUzYVNBTUwlM2EyLjAlM2FiaW5kaW5ncyUzYUhUVFAtUmVkaXJlY3RcU2lnbmF0dXJlPXZHMnNxMkNibzQwV0FiN2Zubnd5Sk4lMmJDOGUlMmZhYzJadmc1bGFkVU53VEh5RUxuSXU2Qm90RHZObUV3MVNiRVBaR0F0RkhrQW9hWmFtNDJYejUlMmYxYzE1MSUyYlp4JTJmNjNZMzJHWVNGQjFIYWU2U1JVJTJiVHZRaEJ2ZFZMWk1CekNRTjl5aHRwaSUyZk1DeTBSUVd5ZHpEOUwlMmJnUU8xRExiMDdRTUxYTWE5V0lZY0xjblRLWUIzTVhOMWg2JTJiTEJoQTdMcmxPUjhSVU1zWkk0bXFncUFLejdKMVE0M2dURlJnaUolMmZJMnZiaFZYaE5MRVcwaVFvSkNhZFNDYWZJMTExV1ZITm9IekN2cVJiWFM5Q0hxY0olMmIzVTAwNFozWHlqZk9nVUw3Mk0lMmZBMmNkUGFOWUtBVDJVRDVyTiUyZklIVjJ1TFdkeVphTVlDMjlJWnV2Y0F5dmNLeGcwc0owdDd3JTNkJTNkXFNpZ0FsZz1odHRwJTNhJTJmJTJmd3d3LnczLm9yZyUyZjIwMDElMmYwNCUyZnhtbGRzaWctbW9yZSUyM3JzYS1zaGEyNTZcUXVlcnlTdHJpbmdIYXNoPTI2JTJiRzR4UXc1QkxQTVRVajF3UzVtREVhOXUxdENicUdidk4yamxSMjZKSSUzZA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1