herc.benefitcenter.com
138.69.242.104
Public Scan
Effective URL: https://herc.benefitcenter.com/globalwar/pub/logon.jsp?TYPE=33554433&REALMOID=06-69dc3069-4d7d-48ea-9444-aaba6cd8845b&GUID=&SMA...
Submission: On February 05 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on September 21st 2020. Valid for: a year.
This is the only time herc.benefitcenter.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
2 9 | 138.69.242.104 | 16983 (AS16983) |
1 2 | 65.197.229.114 | 16983 (AS16983) |
8 | 2 | |
ASN16983 (AS16983, US)
PTR: herc.benefitcenter.com
herc.benefitcenter.com |
ASN16983 (AS16983, US)
PTR: sdc.benefitsweb.com
sdc.benefitcenter.com |
| Apex Domain / Subdomains | Transfer |
---|---|---|
11 | benefitcenter.com (3 redirects): herc.benefitcenter.com, sdc.benefitcenter.com | 67 KB |
8 | 1 | |

| Domain | Requested by |
---|---|---|
9 | herc.benefitcenter.com (2 redirects) | herc.benefitcenter.com |
2 | sdc.benefitcenter.com (1 redirects) | herc.benefitcenter.com |
8 | 2 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
herc.benefitcenter.com Sectigo RSA Organization Validation Secure Server CA | 2020-09-21 - 2021-09-21 | a year | crt.sh |
sdc.benefitcenter.com Sectigo RSA Organization Validation Secure Server CA | 2020-09-16 - 2021-09-16 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://herc.benefitcenter.com/globalwar/pub/logon.jsp?TYPE=33554433&REALMOID=06-69dc3069-4d7d-48ea-9444-aaba6cd8845b&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-HHQyon9N8GfaZm%2fM5ly5BplnEq6NqvIAtxqQ73BLYyYZ9To77lh77rdWjES2ADEQnj69%2fMmXnISpc2TSTJm8Kg64tbizwXzo&TARGET=-SM-https%3a%2f%2fherc%2ebenefitcenter%2ecom%2f
Frame ID: C88BF05A77CC738885141365AA5EBAE3
Requests: 8 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://herc.benefitcenter.com/
HTTP 302
https://herc.benefitcenter.com/ HTTP 302
https://herc.benefitcenter.com/globalwar/pub/logon.jsp?TYPE=33554433&REALMOID=06-69dc3069-4d7d-48ea-9444-aaba6cd8845b&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-HHQyon9N8GfaZm%2fM5ly5BplnEq6NqvIAtxqQ73BLYyYZ9To77lh77rdWjES2ADEQnj69%2fMmXnISpc2TSTJm8Kg64tbizwXzo&TARGET=-SM-https%3a%2f%2fherc%2ebenefitcenter%2ecom%2f Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- https://sdc.benefitcenter.com/dcs5vilyhrzp97sh4huy8tk46_4d4t/dcs.gif?&dcsdat=1612541353177&dcssip=herc.benefitcenter.com&dcsuri=/globalwar/pub/logon.jsp&dcsqry=?TYPE=33554433%26REALMOID=06-69dc3069-4d7d-48ea-9444-aaba6cd8845b%26GUID=%26SMAUTHREASON=0%26METHOD=GET%26SMAGENTNAME=-SM-HHQyon9N8GfaZm%25252fM5ly5BplnEq6NqvIAtxqQ73BLYyYZ9To77lh77rdWjES2ADEQnj69%25252fMmXnISpc2TSTJm8Kg64tbizwXzo%26TARGET=-SM-https%25253a%25252f%25252fherc%25252ebenefitcenter%25252ecom%25252f&WT.tz=1&WT.bh=17&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Herc%2520BenefitsPlus&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=windows-1252&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=herc.benefitcenter.com%252Fglobalwar%252Fpub%252Flogon.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1612541353179&WT.vtid=203a2e12b4b7a9d04bd1612519753179&WT.co_f=203a2e12b4b7a9d04bd1612519753179&meta_pageref=Login&WT.dep=meta_pageref HTTP 303
- https://sdc.benefitcenter.com/dcs5vilyhrzp97sh4huy8tk46_4d4t/dcs.gif?dcsredirect=1&dcsdat=1612541353177&dcssip=herc.benefitcenter.com&dcsuri=/globalwar/pub/logon.jsp&dcsqry=?TYPE=33554433%26REALMOID=06-69dc3069-4d7d-48ea-9444-aaba6cd8845b%26GUID=%26SMAUTHREASON=0%26METHOD=GET%26SMAGENTNAME=-SM-HHQyon9N8GfaZm%25252fM5ly5BplnEq6NqvIAtxqQ73BLYyYZ9To77lh77rdWjES2ADEQnj69%25252fMmXnISpc2TSTJm8Kg64tbizwXzo%26TARGET=-SM-https%25253a%25252f%25252fherc%25252ebenefitcenter%25252ecom%25252f&WT.tz=1&WT.bh=17&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Herc%2520BenefitsPlus&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=windows-1252&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=herc.benefitcenter.com%252Fglobalwar%252Fpub%252Flogon.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1612541353179&WT.vtid=203a2e12b4b7a9d04bd1612519753179&WT.co_f=203a2e12b4b7a9d04bd1612519753179&meta_pageref=Login&WT.dep=meta_pageref
8 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | logon.jsp herc.benefitcenter.com/globalwar/pub/ (Primary Request, Cookie set, Redirect Chain) | 13 KB 14 KB | Document text/html |
GET H/1.1 | default.css herc.benefitcenter.com/globalweb/benefits/Herc/css/ | 10 KB 10 KB | Stylesheet text/css |
GET H/1.1 | webtrends.js herc.benefitcenter.com/benefits/84/Herc/scripts/ | 27 KB 28 KB | Script application/x-javascript |
GET H/1.1 | top_logo.gif herc.benefitcenter.com/globalweb/benefits/Herc/images/ | 4 KB 4 KB | Image image/gif |
GET H/1.1 | top_title.gif herc.benefitcenter.com/globalweb/benefits/Herc/images/ | 6 KB 6 KB | Image image/gif |
GET H/1.1 | icon_error.gif herc.benefitcenter.com/globalweb/benefits/Herc/images/ | 1 KB 2 KB | Image image/gif |
GET H2 | dcs.gif sdc.benefitcenter.com/dcs5vilyhrzp97sh4huy8tk46_4d4t/ (Redirect Chain) | 43 B 83 B | Image image/gif |
GET H/1.1 | bullet_01.gif herc.benefitcenter.com/globalweb/benefits/Herc/images/ | 1 KB 1 KB | Image image/gif |
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| WebTrends
function| dcsMultiTrack
function| dcsDebug
object| _tag
string| url
object| urlParts
function| ConvertToLower
function| eraseCookie
undefined| value
function| fLogin_Validate
function| setCookie
function| submitForm
function| errorDisplay
function| pageDisplay
object| now
string| date
function| fourdigits
function| firstvisit
number| todayyear
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
herc.benefitcenter.com/ | | Name: X-Mapping-pgpjgnin Value: BB4E92536DA6A6D7F67F78626BC0EA18 |
herc.benefitcenter.com/ | | Name: LB Value: 82.102.19.136:6098 Brussels-Brussels Hoofdstedelijk Gewest-Belgium SPS--CLO12 |
herc.benefitcenter.com/ | | Name: cltFolder Value: benefits/Herc |
herc.benefitcenter.com/ | | Name: origtargetURL Value: https://herc.benefitcenter.com/ |
herc.benefitcenter.com/ | | Name: JSESSIONID Value: QYpy9Fq4t8JJzvJXnrQ1NR9lIqx-oyuZLN78-3JkMIwFqxX5H1Rx!-873892658 |
herc.benefitcenter.com/ | | Name: product Value: globalwar |
herc.benefitcenter.com/ | | Name: X-Mapping-cojdmolj Value: 14E3E54382FF8FE1A82F6484D3668579 |
herc.benefitcenter.com/ | | Name: logontype Value: fb |
.benefitcenter.com/ | | Name: WT_FPC Value: id=203a2e12b4b7a9d04bd1612519753179:lv=1612519753179:ss=1612519753179 |
herc.benefitcenter.com/ | | Name: origURL Value: https://herc.benefitcenter.com/ |
herc.benefitcenter.com/ | | Name: X-Mapping-ooajmhhm Value: 7C6EA3F94FABA098BB399D103D01BD7D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.