www5.lifeatworkportal.com
Open in
urlscan Pro
138.69.242.115
Public Scan
Submitted URL: http://click.usbenefitsservices.com/?qs=83006cde402235f187a06efcbce8facb7d950dd471dfbbc77f33cf3b0d6afbaf0d6d3d20e50423ffea1433c1000f...
Effective URL: https://www5.lifeatworkportal.com/opglobal/pub/logonlw.jsp?client=pg&TYPE=33554433&REALMOID=06-65d5011c-5d9b-4922-bd9b-623264b9358...
Submission: On January 22 via manual from SG
Effective URL: https://www5.lifeatworkportal.com/opglobal/pub/logonlw.jsp?client=pg&TYPE=33554433&REALMOID=06-65d5011c-5d9b-4922-bd9b-623264b9358...
Submission: On January 22 via manual from SG
Summary
This website contacted 2 IPs
in 1 countries
across 3 domains to perform 14 HTTP transactions.
The main IP is 138.69.242.115, located in
Tarrytown, United States and
belongs to AS16983 - Conduent Business Services, LLC, US.
The main domain is www5.lifeatworkportal.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 10th 2019. Valid for: a year.
This is the only time www5.lifeatworkportal.com was scanned on urlscan.io!
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 10th 2019. Valid for: a year.
This is the only time www5.lifeatworkportal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 66.231.91.47 66.231.91.47 | 22606 (EXACT-7) (EXACT-7 - ExactTarget) | |
| 1 1 | 63.116.31.183 63.116.31.183 | 16983 (AS16983) (AS16983 - Conduent Business Services) | |
| 1 1 | 138.69.242.93 138.69.242.93 | 16983 (AS16983) (AS16983 - Conduent Business Services) | |
| 1 14 | 138.69.242.115 138.69.242.115 | 16983 (AS16983) (AS16983 - Conduent Business Services) | |
| 1 2 | 65.197.229.114 65.197.229.114 | 16983 (AS16983) (AS16983 - Conduent Business Services) | |
| 14 | 2 |
1
66.231.91.47
(Indianapolis, United States)
ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.virt.exacttarget.com
ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.virt.exacttarget.com
| click.usbenefitsservices.com |
1
63.116.31.183
(United States)
ASN16983 (AS16983 - Conduent Business Services, LLC, US)
PTR: www.benefitsweb.com
ASN16983 (AS16983 - Conduent Business Services, LLC, US)
PTR: www.benefitsweb.com
| www.benefitsweb.com |
1
138.69.242.93
(Tarrytown, United States)
ASN16983 (AS16983 - Conduent Business Services, LLC, US)
PTR: lifeatworkportal.com
ASN16983 (AS16983 - Conduent Business Services, LLC, US)
PTR: lifeatworkportal.com
| www.lifeatworkportal.com |
14
138.69.242.115
(Tarrytown, United States)
ASN16983 (AS16983 - Conduent Business Services, LLC, US)
PTR: www5.lifeatworkportal.com
ASN16983 (AS16983 - Conduent Business Services, LLC, US)
PTR: www5.lifeatworkportal.com
| www5.lifeatworkportal.com |
2
65.197.229.114
(United States)
ASN16983 (AS16983 - Conduent Business Services, LLC, US)
PTR: sdc.lifeatworkportal.com
ASN16983 (AS16983 - Conduent Business Services, LLC, US)
PTR: sdc.lifeatworkportal.com
| sdc.lifeatworkportal.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 17 |
lifeatworkportal.com
3 redirects
www.lifeatworkportal.com www5.lifeatworkportal.com sdc.lifeatworkportal.com |
536 KB |
| 1 |
benefitsweb.com
1 redirects
www.benefitsweb.com |
191 B |
| 1 |
usbenefitsservices.com
1 redirects
click.usbenefitsservices.com |
210 B |
| 14 | 3 |
| Domain | Requested by | |
|---|---|---|
| 14 | www5.lifeatworkportal.com |
1 redirects
www5.lifeatworkportal.com
|
| 2 | sdc.lifeatworkportal.com |
1 redirects
www5.lifeatworkportal.com
|
| 1 | www.lifeatworkportal.com | 1 redirects |
| 1 | www.benefitsweb.com | 1 redirects |
| 1 | click.usbenefitsservices.com | 1 redirects |
| 14 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.microsoft.com |
| support.apple.com |
| www.google.com |
| www.mozilla.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www5.lifeatworkportal.com COMODO RSA Organization Validation Secure Server CA |
2019-01-10 - 2020-01-10 |
a year | crt.sh |
| sdc.lifeatworkportal.com COMODO RSA Organization Validation Secure Server CA |
2019-01-10 - 2020-01-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www5.lifeatworkportal.com/opglobal/pub/logonlw.jsp?client=pg&TYPE=33554433&REALMOID=06-65d5011c-5d9b-4922-bd9b-623264b93581&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ORLgfHawF2yPGTj3Q30%2bCLxuTZerD2yAC8z5GnMuXmqQ%2fRB6dHOJR%2bdbcKFwH2ZZtGtpziaez57quZloFMNek6YK82klgVU5&TARGET=-SM-http%3a%2f%2fwww5%2elifeatworkportal%2ecom%2fpg
Frame ID: F8D3CA8FD3868B68980BCB4A23F0BC6D
Requests: 14 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://click.usbenefitsservices.com/?qs=83006cde402235f187a06efcbce8facb7d950dd471dfbbc77f33cf3b0d6afbaf0d6d3d20...
HTTP 302
https://www.benefitsweb.com/pg.html HTTP 302
https://www.lifeatworkportal.com/pg.html HTTP 302
https://www5.lifeatworkportal.com/pg HTTP 302
https://www5.lifeatworkportal.com/opglobal/pub/logonlw.jsp?client=pg&TYPE=33554433&REALMOID=06-65d5011c-5d9b-4... Page URL
Detected technologies
Moment.js
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^moment$/i
Webtrends
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^(?:WTOptimize|WebTrends)/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Twitter Bootstrap () Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: http://www.microsoft.com/windows/downloads/ie/getitnow.mspx
Title: Download Microsoft Internet Explorer
Title: Download Microsoft Internet Explorer
Search URL Search Domain Scan URL
URL: https://support.apple.com/downloads/safari
Title: Download Safari
Title: Download Safari
Search URL Search Domain Scan URL
URL: https://www.google.com/intl/en/chrome/browser/?brand=CHMA&utm_campaign=en&utm_source=en-ha-na-us-bk&utm_medium=ha
Title: Download Chrome
Title: Download Chrome
Search URL Search Domain Scan URL
URL: http://www.mozilla.com/en-US/firefox/
Title: Download Mozilla Firefox
Title: Download Mozilla Firefox
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://click.usbenefitsservices.com/?qs=83006cde402235f187a06efcbce8facb7d950dd471dfbbc77f33cf3b0d6afbaf0d6d3d20e50423ffea1433c1000f18aebeae420bdbd4feed
HTTP 302
https://www.benefitsweb.com/pg.html HTTP 302
https://www.lifeatworkportal.com/pg.html HTTP 302
https://www5.lifeatworkportal.com/pg HTTP 302
https://www5.lifeatworkportal.com/opglobal/pub/logonlw.jsp?client=pg&TYPE=33554433&REALMOID=06-65d5011c-5d9b-4922-bd9b-623264b93581&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=-SM-ORLgfHawF2yPGTj3Q30%2bCLxuTZerD2yAC8z5GnMuXmqQ%2fRB6dHOJR%2bdbcKFwH2ZZtGtpziaez57quZloFMNek6YK82klgVU5&TARGET=-SM-http%3a%2f%2fwww5%2elifeatworkportal%2ecom%2fpg Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://sdc.lifeatworkportal.com/dcsieg0ge00000oak52u9okay_8e8h/dcs.gif?&dcsdat=1548129618752&dcssip=www5.lifeatworkportal.com&dcsuri=/opglobal/pub/logonlw.jsp&dcsqry=?client=pg%26TYPE=33554433%26REALMOID=06-65d5011c-5d9b-4922-bd9b-623264b93581%26GUID=%26SMAUTHREASON=0%26METHOD=GET%26SMAGENTNAME=-SM-ORLgfHawF2yPGTj3Q30%25252bCLxuTZerD2yAC8z5GnMuXmqQ%25252fRB6dHOJR%25252bdbcKFwH2ZZtGtpziaez57quZloFMNek6YK82klgVU5%26TARGET=-SM-http%25253a%25252f%25252fwww5%25252elifeatworkportal%25252ecom%25252fpg&WT.tz=0&WT.bh=4&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=P%2526G%2520Benefits%2520Online%2520-%2520Logon&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=windows-1252&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=www5.lifeatworkportal.com%252Fopglobal%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1548129618756&WT.vtid=2af26f50d6e760a97241548111618756&WT.co_f=2af26f50d6e760a97241548111618756 HTTP 303
- https://sdc.lifeatworkportal.com/dcsieg0ge00000oak52u9okay_8e8h/dcs.gif?dcsredirect=1&dcsdat=1548129618752&dcssip=www5.lifeatworkportal.com&dcsuri=/opglobal/pub/logonlw.jsp&dcsqry=?client=pg%26TYPE=33554433%26REALMOID=06-65d5011c-5d9b-4922-bd9b-623264b93581%26GUID=%26SMAUTHREASON=0%26METHOD=GET%26SMAGENTNAME=-SM-ORLgfHawF2yPGTj3Q30%25252bCLxuTZerD2yAC8z5GnMuXmqQ%25252fRB6dHOJR%25252bdbcKFwH2ZZtGtpziaez57quZloFMNek6YK82klgVU5%26TARGET=-SM-http%25253a%25252f%25252fwww5%25252elifeatworkportal%25252ecom%25252fpg&WT.tz=0&WT.bh=4&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=P%2526G%2520Benefits%2520Online%2520-%2520Logon&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=windows-1252&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=www5.lifeatworkportal.com%252Fopglobal%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1548129618756&WT.vtid=2af26f50d6e760a97241548111618756&WT.co_f=2af26f50d6e760a97241548111618756
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
logonlw.jsp
www5.lifeatworkportal.com/opglobal/pub/ Redirect Chain
|
41 KB 42 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.css
www5.lifeatworkportal.com/globalweb/benefits/pg/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base.css
www5.lifeatworkportal.com/globalweb/benefits/pg/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
print.css
www5.lifeatworkportal.com/globalweb/benefits/pg/css/ |
0 255 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
branding.css
www5.lifeatworkportal.com/globalweb/benefits/pg/css/ |
7 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webtrends.js
www5.lifeatworkportal.com/static60/resources/scripts/client/rks/162/ |
26 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
www5.lifeatworkportal.com/globalweb/benefits/pg/js/ |
82 KB 83 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.validate.min.js
www5.lifeatworkportal.com/globalweb/benefits/pg/js/ |
21 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-3.0.0.js
www5.lifeatworkportal.com/globalweb/benefits/pg/js/ |
70 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
www5.lifeatworkportal.com/globalweb/benefits/pg/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg_login.png
www5.lifeatworkportal.com/globalweb/benefits/pg/images/ |
209 KB 210 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dcs.gif
sdc.lifeatworkportal.com/dcsieg0ge00000oak52u9okay_8e8h/ Redirect Chain
|
43 B 83 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg-wrapper-blue.png
www5.lifeatworkportal.com/globalweb/benefits/pg/images/ |
47 KB 47 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo_touchinglives.jpg
www5.lifeatworkportal.com/globalweb/benefits/pg/images/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| WebTrends function| dcsMultiTrack function| dcsDebug function| $ function| jQuery function| moment object| _tag string| url object| urlParts function| ConvertToLower function| eraseCookie undefined| value function| fLogin_Validate function| setCookie function| firstvisit function| errorDisplay function| onLoad function| validate12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .lifeatworkportal.com/ | Name: WT_FPC Value: id=2af26f50d6e760a97241548111618756:lv=1548111618756:ss=1548111618756 |
|
| www5.lifeatworkportal.com/ | Name: PSESSIONID Value: wIxzt0keHDVRkSfIfSOvKHYb8pInSyUXKnEX8BspAor1UaSdGUkz!638454134 |
|
| www5.lifeatworkportal.com/ | Name: product Value: opglobal |
|
| www5.lifeatworkportal.com/ | Name: X-Mapping-pgpjgnin Value: 2599F4681D553B904B8EA6964F6BAFA9 |
|
| www5.lifeatworkportal.com/ | Name: LB Value: 185.220.70.202:50066 Frankfurt-Hessen-Germany SPS--CLO12--c34vh1 |
|
| www5.lifeatworkportal.com/ | Name: origtargetURL Value: http://www5.lifeatworkportal.com/pg |
|
| www5.lifeatworkportal.com/ | Name: X-Mapping-hjhbbmba Value: 356295E318AD26F9BE402544F271E869 |
|
| www5.lifeatworkportal.com/ | Name: locale Value: |
|
| www5.lifeatworkportal.com/ | Name: X-Mapping-ooajmhhm Value: FE8E8582621255F21BB0AB7AF49D365C |
|
| www5.lifeatworkportal.com/ | Name: origURL Value: http://www5.lifeatworkportal.com/pg |
|
| www5.lifeatworkportal.com/ | Name: logontype Value: fb |
|
| www5.lifeatworkportal.com/ | Name: cltFolder Value: benefits/pg |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
click.usbenefitsservices.com
sdc.lifeatworkportal.com
www.benefitsweb.com
www.lifeatworkportal.com
www5.lifeatworkportal.com
138.69.242.115
138.69.242.93
63.116.31.183
65.197.229.114
66.231.91.47
334ec22aeade1cf086452c6bd8533b4abb988a118b43d70c90f3b36ea7263c79
3a1ac2d5cc69bf6167ee36d97558e3bbc391cdf774d1c5d70c6d84382938b513
806e0db9e5c58e0fb3216872f36b577c05fd85c132d2857effd68bf617c93b20
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
887420087cde17372cbfe44863083482ca8e4d21c70fdb97e7a7595af385c34a
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57
a279093699d23371512e6b6217327d632ddeee57888535c4dfaf9fa48959aab1
b60fffa72117e0c5af1ad13a8c3b1ea74784e7dac4fb722e36c90d5600226364
b947326607c75216383a1fe03813675c0fcecafb2603a84ec80730cf40266c32
d8a8b7fa476189b1dd0b8829273d0ff567998216538f63ccab1818960a74aefb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1f2dedbdc34e239d429020aabc460e97dc5b5907855beb7e594419c7207f88e
fd569ce6d310af2bb24769c7226d89af72eaacf1af4c4afb639f2adb7525d570
fe7242c6de03af0a19b250777bbc9cc6bf7a95cdba037a619d48157d36c54994