www5.lifeatworkportal.com
Open in
urlscan Pro
138.69.242.115
Public Scan
Effective URL: https://www5.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=spl&TYPE=33554433&REALMOID=06-fb6dd360-5f1c-4af2-9c2e-91e272912c...
Submission: On November 20 via manual from DE — Scanned from NL
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on August 12th 2021. Valid for: a year.
This is the only time www5.lifeatworkportal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 51.105.164.234 51.105.164.234 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
3 | 2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 2 | 63.116.31.164 63.116.31.164 | 16983 (AS16983) (AS16983) | |
1 1 | 63.116.31.183 63.116.31.183 | 16983 (AS16983) (AS16983) | |
1 1 | 138.69.242.93 138.69.242.93 | 16983 (AS16983) (AS16983) | |
1 3 | 138.69.242.115 138.69.242.115 | 16983 (AS16983) (AS16983) | |
10 | 138.69.242.107 138.69.242.107 | 16983 (AS16983) (AS16983) | |
1 | 2a00:1450:400... 2a00:1450:4001:808::2004 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:802::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 65.197.229.114 65.197.229.114 | () () | |
19 | 7 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
merckretirementcenter.com.admin-eu.cas.ms |
ASN20940 (AKAMAI-ASN1, NL)
mcasproxy.azureedge.net |
ASN16983 (AS16983, US)
PTR: www.merckretirementcenter.com
merckretirementcenter.com |
ASN16983 (AS16983, US)
PTR: www.lifeatworkportal.com
www.lifeatworkportal.com |
ASN16983 (AS16983, US)
PTR: www5.lifeatworkportal.com
www5.lifeatworkportal.com |
ASN16983 (AS16983, US)
PTR: cd.lifeatworkportal.com
cd.lifeatworkportal.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
lifeatworkportal.com
3 redirects
www.lifeatworkportal.com www5.lifeatworkportal.com cd.lifeatworkportal.com sdc.lifeatworkportal.com |
795 KB |
3 |
azureedge.net
mcasproxy.azureedge.net |
44 KB |
2 |
merckretirementcenter.com
2 redirects
merckretirementcenter.com |
388 B |
1 |
gstatic.com
www.gstatic.com |
136 KB |
1 |
google.com
www.google.com |
966 B |
1 |
benefitsweb.com
1 redirects
www.benefitsweb.com |
208 B |
1 |
cas.ms
merckretirementcenter.com.admin-eu.cas.ms |
1018 B |
19 | 7 |
Domain | Requested by | |
---|---|---|
10 | cd.lifeatworkportal.com |
www5.lifeatworkportal.com
cd.lifeatworkportal.com |
3 | www5.lifeatworkportal.com |
1 redirects
www5.lifeatworkportal.com
|
3 | mcasproxy.azureedge.net |
merckretirementcenter.com.admin-eu.cas.ms
mcasproxy.azureedge.net |
2 | sdc.lifeatworkportal.com |
1 redirects
www5.lifeatworkportal.com
|
2 | merckretirementcenter.com | 2 redirects |
1 | www.gstatic.com |
www.google.com
|
1 | www.google.com |
www5.lifeatworkportal.com
|
1 | www.lifeatworkportal.com | 1 redirects |
1 | www.benefitsweb.com | 1 redirects |
1 | merckretirementcenter.com.admin-eu.cas.ms | |
19 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.microsoft.com |
support.apple.com |
www.google.com |
www.mozilla.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.azureedge.net Microsoft RSA TLS CA 01 |
2021-10-28 - 2022-10-28 |
a year | crt.sh |
www5.lifeatworkportal.com Sectigo RSA Organization Validation Secure Server CA |
2021-08-12 - 2022-08-12 |
a year | crt.sh |
cd.lifeatworkportal.com Sectigo RSA Organization Validation Secure Server CA |
2021-08-23 - 2022-08-23 |
a year | crt.sh |
www.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www5.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=spl&TYPE=33554433&REALMOID=06-fb6dd360-5f1c-4af2-9c2e-91e272912c1f&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ORLgfHawF2yPGTj3Q30%2bCLxuTZerD2yAC8z5GnMuXmqQ%2fRB6dHOJR%2bdbcKFwH2ZZtGtpziaez57quZloFMNek6YK82klgVU5&TARGET=-SM-https%3a%2f%2fwww5%2elifeatworkportal%2ecom%2fspl
Frame ID: 43C9E7022CE6BEEEF7306B360E4CE781
Requests: 17 HTTP requests in this frame
Frame:
https://mcasproxy.azureedge.net/proxyweb/1.8.15/html/session-context-restore.html?action=store&contextData=http%3A%2F%2Fmerckretirementcenter.com%2F
Frame ID: 79ED93F0E4BAA7AE40FAAA6FA819F89A
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Merck - LoginPage URL History Show full URLs
- http://merckretirementcenter.com.admin-eu.cas.ms/ Page URL
-
http://merckretirementcenter.com/
HTTP 302
https://merckretirementcenter.com/ HTTP 302
https://www.benefitsweb.com/retirementcenterweb.html HTTP 302
https://www.lifeatworkportal.com/retirementcenterweb.html HTTP 302
https://www5.lifeatworkportal.com/spl HTTP 302
https://www5.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=spl&TYPE=33554433&REALMOID=06-fb6dd360-5f1c-... Page URL
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Download Microsoft Internet Explorer
Search URL Search Domain Scan URL
Title: Download Safari
Search URL Search Domain Scan URL
Title: Download Chrome
Search URL Search Domain Scan URL
Title: Download Mozilla Firefox
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://merckretirementcenter.com.admin-eu.cas.ms/ Page URL
-
http://merckretirementcenter.com/
HTTP 302
https://merckretirementcenter.com/ HTTP 302
https://www.benefitsweb.com/retirementcenterweb.html HTTP 302
https://www.lifeatworkportal.com/retirementcenterweb.html HTTP 302
https://www5.lifeatworkportal.com/spl HTTP 302
https://www5.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=spl&TYPE=33554433&REALMOID=06-fb6dd360-5f1c-4af2-9c2e-91e272912c1f&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ORLgfHawF2yPGTj3Q30%2bCLxuTZerD2yAC8z5GnMuXmqQ%2fRB6dHOJR%2bdbcKFwH2ZZtGtpziaez57quZloFMNek6YK82klgVU5&TARGET=-SM-https%3a%2f%2fwww5%2elifeatworkportal%2ecom%2fspl Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 15- https://sdc.lifeatworkportal.com/dcsf5se7tqzp974rj4pcb93dm_5n3k/dcs.gif?&dcsdat=1637398442047&dcssip=www5.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=spl%26TYPE=33554433%26REALMOID=06-fb6dd360-5f1c-4af2-9c2e-91e272912c1f%26GUID=%26SMAUTHREASON=0%26METHOD=GET%26SMAGENTNAME=-SM-ORLgfHawF2yPGTj3Q30%25252bCLxuTZerD2yAC8z5GnMuXmqQ%25252fRB6dHOJR%25252bdbcKFwH2ZZtGtpziaez57quZloFMNek6YK82klgVU5%26TARGET=-SM-https%25253a%25252f%25252fwww5%25252elifeatworkportal%25252ecom%25252fspl&dcsref=http://merckretirementcenter.com.admin-eu.cas.ms/&WT.tz=0&WT.bh=8&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Merck%2520-%2520Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=www5.lifeatworkportal.com%252Flogin%252Fv3%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1637398442048&WT.vtid=292452fb9eea0cadd221637380442048&WT.co_f=292452fb9eea0cadd221637380442048 HTTP 303
- https://sdc.lifeatworkportal.com/dcsf5se7tqzp974rj4pcb93dm_5n3k/dcs.gif?dcsredirect=1&dcsdat=1637398442047&dcssip=www5.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=spl%26TYPE=33554433%26REALMOID=06-fb6dd360-5f1c-4af2-9c2e-91e272912c1f%26GUID=%26SMAUTHREASON=0%26METHOD=GET%26SMAGENTNAME=-SM-ORLgfHawF2yPGTj3Q30%25252bCLxuTZerD2yAC8z5GnMuXmqQ%25252fRB6dHOJR%25252bdbcKFwH2ZZtGtpziaez57quZloFMNek6YK82klgVU5%26TARGET=-SM-https%25253a%25252f%25252fwww5%25252elifeatworkportal%25252ecom%25252fspl&dcsref=http://merckretirementcenter.com.admin-eu.cas.ms/&WT.tz=0&WT.bh=8&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Merck%2520-%2520Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=www5.lifeatworkportal.com%252Flogin%252Fv3%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1637398442048&WT.vtid=292452fb9eea0cadd221637380442048&WT.co_f=292452fb9eea0cadd221637380442048
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
merckretirementcenter.com.admin-eu.cas.ms/ |
1 KB 1018 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-context-store-helper.min.js
mcasproxy.azureedge.net/proxyweb/1.8.15/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-context-restore.html
mcasproxy.azureedge.net/proxyweb/1.8.15/html/ Frame 79ED |
281 B 730 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.8.15/js/ Frame 79ED |
37 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
logonlw.jsp
www5.lifeatworkportal.com/login/v3/pub/ Redirect Chain
|
38 KB 39 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
cd.lifeatworkportal.com/slogin/common/css/ |
9 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
cd.lifeatworkportal.com/slogin/common/css/ |
8 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
branding.css
cd.lifeatworkportal.com/slogin/spl/css/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webtrends.js
www5.lifeatworkportal.com/static60/resources/scripts/client/rks/129/ |
26 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
cd.lifeatworkportal.com/slogin/common/js/ |
274 KB 274 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.min.js
cd.lifeatworkportal.com/slogin/common/js/ |
23 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-3.0.0.js
cd.lifeatworkportal.com/slogin/common/js/ |
76 KB 76 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
www.google.com/recaptcha/ |
850 B 966 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientLogo.png
cd.lifeatworkportal.com/slogin/spl/images/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_login.png
cd.lifeatworkportal.com/slogin/spl/images/ |
287 KB 288 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
recaptcha__nl.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ |
345 KB 136 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dcs.gif
sdc.lifeatworkportal.com/dcsf5se7tqzp974rj4pcb93dm_5n3k/ Redirect Chain
|
43 B 83 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-right.png
cd.lifeatworkportal.com/slogin/spl/images/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
53fb9c60-2054-4c31-9283-5562244b4935.woff2
cd.lifeatworkportal.com/slogin/spl/fonts/ |
17 KB 18 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| WebTrends function| dcsMultiTrack function| dcsDebug function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _tag string| url object| urlParts function| ConvertToLower function| eraseCookie undefined| value function| fLogin_Validate function| setCookie function| toggler function| errorDisplay function| onLoadBody function| validate object| recaptcha14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.lifeatworkportal.com/ | Name: X-Mapping-hjhbbmba Value: B95EB464B8D73985C7CFB09EEA73EB67 |
|
www.lifeatworkportal.com/ | Name: LB Value: 109.201.143.225:62833 --Netherlands SPS |
|
www5.lifeatworkportal.com/ | Name: X-Mapping-hjhbbmba Value: 5351609E99F4D305D37186A7FBE0763C |
|
www5.lifeatworkportal.com/ | Name: X-Mapping-ooajmhhm Value: 7C6EA3F94FABA098BB399D103D01BD7D |
|
www5.lifeatworkportal.com/ | Name: LSESSIONID Value: Tfw8jWySYRqXbvYEg9UPAer3WdKWWMSW8Xo_9suJgxxLYcprRsud!-25983757 |
|
www5.lifeatworkportal.com/ | Name: logontype Value: fb |
|
www5.lifeatworkportal.com/ | Name: client Value: spl |
|
www5.lifeatworkportal.com/ | Name: cltFolder Value: benefits/spl |
|
www5.lifeatworkportal.com/ | Name: product Value: login |
|
www5.lifeatworkportal.com/ | Name: locale Value: |
|
www5.lifeatworkportal.com/ | Name: origURL Value: https://www5.lifeatworkportal.com/spl |
|
www5.lifeatworkportal.com/ | Name: origtargetURL Value: https://www5.lifeatworkportal.com/spl |
|
www5.lifeatworkportal.com/ | Name: LB Value: 109.201.143.225:54623 --Netherlands SPS--CLO12 |
|
.lifeatworkportal.com/ | Name: WT_FPC Value: id=292452fb9eea0cadd221637380442048:lv=1637380442048:ss=1637380442048 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cd.lifeatworkportal.com
mcasproxy.azureedge.net
merckretirementcenter.com
merckretirementcenter.com.admin-eu.cas.ms
sdc.lifeatworkportal.com
www.benefitsweb.com
www.google.com
www.gstatic.com
www.lifeatworkportal.com
www5.lifeatworkportal.com
138.69.242.107
138.69.242.115
138.69.242.93
2a00:1450:4001:802::2003
2a00:1450:4001:808::2004
2a02:26f0:1700:d::1737:6e8f
51.105.164.234
63.116.31.164
63.116.31.183
65.197.229.114
0700d62e261e826f000f1c7a430d1441a379850496863aa7ec3590d70c49590c
08e739715c27f56e8722678bf68cba47b15b6d3fb53bcd13906fe6de9492861d
0e4ff26e5ba41cc041ae8d5b66cfca10625d83bcf5cd6fd9db40028d0fcbd19f
1b624b7b7455953d2e3243101ec2c75217a5401bb29e2d815e20fa8144763936
4f4e8fb1d562cf041c81eba325ad02c81c660513b11111081908e0f029ac344b
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5d3c065d399bde7ee07167d9a417655c573c20501c332cc8a7708ca10a74ca29
7058211e5216ebad63799d12378357a75369454d3f8711690ffb22f52d143b4a
7efe892fa4ab4622102e8df4c7c4da906139fce1d4d25bb5c7a1224b8fa798cc
826acad2772f8d99191446e01e16de828ed829015ebefca4faa1b587f995f87a
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57
952507d737bb76f62c790f3746c880d31958f2550d3c9925008ab5368fd4eb9e
976e1d23939be080fa47df9bf16bf63916ae7ca866eeda05efe4b6b365a8e884
98fce231adea179dfb0df568f5e103f77c2ba8b0ed31d608a58cbb8cf751d83d
a22c3070ed376c37b68a7c6e33de72c06054feb66048160908a782b819d40922
af658fb9bcca5c4e8f410364dff99d7527d8006c974cd555041ee992a03c01df
b2c883017fc6a6588197da55884c7620805914afec3349be857325df13debc94
d593eab937ae208334c866b7afc56b0703787c857dae8bb562aefbbd3ca15ee6
ef6b116f5d682673f7e8ebbfa0027176ccb482caea43b4077cc34f0748d7bc4b