my-benefits.ehr.com
Open in
urlscan Pro
158.82.145.182
Public Scan
Effective URL: https://my-benefits.ehr.com/default.ashx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F
Submission: On November 12 via api from US
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on August 26th 2020. Valid for: 2 years.
This is the only time my-benefits.ehr.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 69.252.80.75 69.252.80.75 | 7922 (COMCAST-7922) (COMCAST-7922) | |
2 17 | 158.82.145.182 158.82.145.182 | 40196 (WILLISNOR...) (WILLISNORTHAMERICA) | |
15 | 1 |
ASN7922 (COMCAST-7922, US)
PTR: urlrw01.cable.comcast.com
comcastbenefits.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
ehr.com
2 redirects
my-benefits.ehr.com |
955 KB |
1 |
comcastbenefits.com
1 redirects
comcastbenefits.com |
238 B |
15 | 2 |
Domain | Requested by | |
---|---|---|
17 | my-benefits.ehr.com |
2 redirects
my-benefits.ehr.com
|
1 | comcastbenefits.com | 1 redirects |
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.ehr.com GlobalSign RSA OV SSL CA 2018 |
2020-08-26 - 2022-11-29 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://my-benefits.ehr.com/default.ashx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F
Frame ID: 223D7A68DC1FD4F5EB25C79DCCE33265
Requests: 15 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://comcastbenefits.com/
HTTP 301
https://my-benefits.ehr.com/ HTTP 302
https://my-benefits.ehr.com/_layouts/Authenticate.aspx?Source=%2F HTTP 302
https://my-benefits.ehr.com/default.ashx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Sour... Page URL
Detected technologies
Windows Server (Operating Systems) ExpandDetected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
IIS (Web Servers) Expand
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://comcastbenefits.com/
HTTP 301
https://my-benefits.ehr.com/ HTTP 302
https://my-benefits.ehr.com/_layouts/Authenticate.aspx?Source=%2F HTTP 302
https://my-benefits.ehr.com/default.ashx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
default.ashx
my-benefits.ehr.com/ Redirect Chain
|
7 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1140.css
my-benefits.ehr.com/_layouts/images/COMCAST2SDA/css/ |
691 B 999 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
password-meterDONOTUSETHISISNOWPARTOFMAINSTYLESHEET.css
my-benefits.ehr.com/_layouts/images/COMCAST2SDA/styles/ |
0 0 |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
respond.min.js
my-benefits.ehr.com/_layouts/images/COMCAST2SDA/js/ |
0 557 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
my-benefits.ehr.com/Base/Script/ |
364 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
password_strength_plugin.js
my-benefits.ehr.com/_layouts/images/COMCAST2SDA/scripts/ |
6 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
my-benefits.ehr.com/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
my-benefits.ehr.com/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
my-benefits.ehr.com/ |
118 KB 119 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
my-benefits.ehr.com/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
medianew.css
my-benefits.ehr.com/ |
0 0 |
Stylesheet
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
my-benefits.ehr.com/ |
488 KB 488 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
my-benefits.ehr.com/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
my-benefits.ehr.com/ |
116 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
default.ashx
my-benefits.ehr.com/ |
116 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
my-benefits.ehr.com/ | Name: ComcastessportalSessionHistory_Id Value: 18743143 |
|
my-benefits.ehr.com/ | Name: ComcastessportalSessionHistory_Key Value: e664f8cf-fe74-4147-abe3-37c8cee4a2a0 |
|
my-benefits.ehr.com/ | Name: ComcastessportalSessionHistory_Insert Value: False |
|
my-benefits.ehr.com/ | Name: ComcastessportalApp Value: %e0%81%25'%e6%94%cc%9bi%b2%df%cf5%a5%99%2f(d%13%c7!%7d%d0%bf%9e%12H%eb%25k%c0%db%12%26%c1c%a0%82v%97%22%ac)%8b%ae%d5%3e%84 |
|
my-benefits.ehr.com/ | Name: f5-cookie Value: 1004977418.0.0000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
comcastbenefits.com
my-benefits.ehr.com
158.82.145.182
69.252.80.75
067d314cea96870753d17221a2cc7b20f127c7f8087db8fde07f450d72ce92a0
134785e61d28ee70e2368b40dcdc1d786f09fcb31ac881ff41eec968deb5e01a
25c22336589b92a0c14bbce2fda3d0c09002caa8dc6dfa2e9a9c802d1fc78a83
40fb96c64aa5f2001d79ac73b115ea8262ad1e32ab475b90f7646fc8d9b3dd75
4c89b114dd576eba5d3fe9975ebbdc6246dbff5965d1e3d165a5dfbdc03f1576
547f6509b07b368474646943087918cd446a7d3eb6830926af65151464c7f6d8
90f10ead76df61fddbe7f41a66d808272c4fe9efc09f18f9307b948ec7bf5f1e
ae554a5224488ba2a2495b04c4506e8439159d72804c4f1a1200dac033659978
e286b98ebc866fb00e638f609ed0df09a3a4776afaa2077f9aa60485388eda19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7461e3ea84ef59d6259744ff6d94f2f0e4014c6eb769ef2360aa9794ac90d8
efdf2e169a9bb3e821acf908971563fb660bd90bed58cb1b205e5efc03461ea0
f16031ec98d854664cece76e9c28d1c6c8e32b43846da83156342555a9630335