hcarewards.lifeatworkportal.com Open in urlscan Pro
45.223.60.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hcarewards.com/
Effective URL:
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa
Submission: On October 24 via api (October 24th 2024, 2:37:12 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 19 HTTP transactions. The main IP is 45.223.60.234, located in United States and belongs to INCAPSULA, US. The main domain is hcarewards.lifeatworkportal.com. The Cisco Umbrella rank of the primary domain is 936633.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q3 on August 22nd 2024. Valid for: 6 months.

This is the only time hcarewards.lifeatworkportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	138.69.15.115 138.69.15.115	11676 (AS11676) (AS11676)
1 5	45.223.60.234 45.223.60.234	19551 (INCAPSULA) (INCAPSULA)
12	138.69.15.195 138.69.15.195	11676 (AS11676) (AS11676)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
1 2	138.69.15.189 138.69.15.189	11676 (AS11676) (AS11676)
19	5

1 138.69.15.115 (United States) 1 redirects

ASN11676 (AS11676, US)
PTR: hcarewards.lifeatworkportal.com

www.hcarewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.223.60.234 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

hcarewards.lifeatworkportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 138.69.15.195 (United States)

ASN11676 (AS11676, US)

cd.lifeatworkportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.69.15.189 (United States) 1 redirects

ASN11676 (AS11676, US)
PTR: sdc.viewless.benefitsweb.com

sdc.lifeatworkportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	lifeatworkportal.com 2 redirects hcarewards.lifeatworkportal.com — Cisco Umbrella Rank: 936633 cd.lifeatworkportal.com — Cisco Umbrella Rank: 161432 sdc.lifeatworkportal.com — Cisco Umbrella Rank: 345549	170 KB
1	gstatic.com www.gstatic.com	217 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	968 B
1	hcarewards.com 1 redirects www.hcarewards.com	226 B
19	4

	Domain	Requested by
12	cd.lifeatworkportal.com	hcarewards.lifeatworkportal.com
5	hcarewards.lifeatworkportal.com	1 redirects hcarewards.lifeatworkportal.com
2	sdc.lifeatworkportal.com	1 redirects hcarewards.lifeatworkportal.com
1	www.gstatic.com	www.google.com
1	www.google.com	hcarewards.lifeatworkportal.com
1	www.hcarewards.com	1 redirects
19	6

This site contains links to these domains. Also see Links.

Domain
www.microsoft.com
support.apple.com
www.google.com
www.mozilla.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-08-22` - `2025-02-18`	6 months	crt.sh
cd.lifeatworkportal.com Sectigo RSA Organization Validation Secure Server CA	`2024-07-08` - `2025-07-08`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa
Frame ID: D5ED73A87A183EE604A273D0A2F18F46
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HCA - Login

Page URL History Show full URLs

http://www.hcarewards.com/ HTTP 307
https://www.hcarewards.com/ HTTP 302
https://hcarewards.lifeatworkportal.com/hcamfa HTTP 302
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

19
Requests

95 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

1
Countries

385 kB
Transfer

982 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.microsoft.com/en-us/edge?brand=M022&OCID=AID2200279_SEM_EAIaIQobChMI0bHR7pKe9wIVgf7jBx1-5w8hEAAYASAAEgLRI_D_BwE:G:s&ef_id=EAIaIQobChMI0bHR7pKe9wIVgf7jBx1-5w8hEAAYASAAEgLRI_D_BwE:G:s&gclid=EAIaIQobChMI0bHR7pKe9wIVgf7jBx1-5w8hEAAYASAAEgLRI_D_BwE
Title: Download Microsoft Edge

Search URL Search Domain Scan URL

URL: https://support.apple.com/downloads/safari
Title: Download Safari

Search URL Search Domain Scan URL

URL: https://www.google.com/intl/en/chrome/browser/?brand=CHMA&utm_campaign=en&utm_source=en-ha-na-us-bk&utm_medium=ha
Title: Download Chrome

Search URL Search Domain Scan URL

URL: http://www.mozilla.com/en-US/firefox/
Title: Download Mozilla Firefox

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hcarewards.com/ HTTP 307
https://www.hcarewards.com/ HTTP 302
https://hcarewards.lifeatworkportal.com/hcamfa HTTP 302
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/dcs.gif?&dcsdat=1729737428744&dcssip=hcarewards.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=hcamfa&WT.tz=2&WT.bh=4&WT.ul=de-DE&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=HCA%2520-%2520Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=hcarewards.lifeatworkportal.com%252Flogin%252Fv3%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1729737428744&WT.vtid=2a36fc9aecb37f169d31729712228744&WT.co_f=2a36fc9aecb37f169d31729712228744 HTTP 303
https://sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/dcs.gif?dcsredirect=1&dcsdat=1729737428744&dcssip=hcarewards.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=hcamfa&WT.tz=2&WT.bh=4&WT.ul=de-DE&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=HCA%2520-%2520Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=hcarewards.lifeatworkportal.com%252Flogin%252Fv3%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1729737428744&WT.vtid=2a36fc9aecb37f169d31729712228744&WT.co_f=2a36fc9aecb37f169d31729712228744

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
200

Primary Request logonlw.jsp Show response
hcarewards.lifeatworkportal.com/login/v3/pub/
Redirect Chain

http://www.hcarewards.com/
https://www.hcarewards.com/
https://hcarewards.lifeatworkportal.com/hcamfa
https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

41 KB
15 KB

105ms
104ms

Document
text/html

45.223.60.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.60.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0c272d2b984c68692b4941e355dc7fb4c3e142c6cd2905786fc754e75af6016d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Oct 2024 02:37:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Via: HTTP/1.1 hcarewards.lifeatworkportal.com:80
X-CDN: Imperva
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Iinfo: 1-95808190-95808194 SNYN RT(1729737426119 387) q(0 0 0 -1) r(1 1) U12
X-ORACLE-DMS-ECID: 98df87a1-ef14-43d0-b308-85e16e6e3bf6-001d8414
X-ORACLE-DMS-RID: 0

Redirect headers

Connection: keep-alive
Date: Thu, 24 Oct 2024 02:37:07 GMT
Location: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-CDN: Imperva
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Iinfo: 1-95808190-95808194 NNNN CT(88 178 0) RT(1729737426119 17) q(0 0 3 4) r(3 3) U11

GET
H/1.1 200
OK bootstrap.css
cd.lifeatworkportal.com/slogin/common/css/ 9 KB
3 KB 1438ms
89ms Stylesheet
text/css 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/common/css/bootstrap.css

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

a22c3070ed376c37b68a7c6e33de72c06054feb66048160908a782b819d40922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "094dc39f9d4d51:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 2449
Date: Thu, 24 Oct 2024 02:37:08 GMT
Content-Type: text/css
Last-Modified: Mon, 27 Jan 2020 10:04:56 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK base.css
cd.lifeatworkportal.com/slogin/common/css/ 8 KB
3 KB 1438ms
89ms Stylesheet
text/css 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/common/css/base.css

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

7058211e5216ebad63799d12378357a75369454d3f8711690ffb22f52d143b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "804f4b2d688fd71:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1974
Date: Thu, 24 Oct 2024 02:37:08 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Aug 2021 10:52:43 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK branding.css
cd.lifeatworkportal.com/slogin/hcamfa/css/ 10 KB
3 KB 1440ms
91ms Stylesheet
text/css 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/hcamfa/css/branding.css

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

92eb21896a049a28187bad1cfdfac82dada53ae76be469a59395cb6b78b4e6c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "0a45436729db1:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 2528
Date: Thu, 24 Oct 2024 02:37:07 GMT
Content-Type: text/css
Last-Modified: Wed, 18 Sep 2024 02:26:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK webtrends.js Show response
cd.lifeatworkportal.com/static60/resources/scripts/client/rks/157/ 27 KB
8 KB 1444ms
96ms Script
application/javascript 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/static60/resources/scripts/client/rks/157/webtrends.js

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

1e1166fd3ed57bf8d3a1cea6495d073bfd5f4ec885636fe741d85e78802a6e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "0b885277c23d61:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 7547
Date: Thu, 24 Oct 2024 02:37:08 GMT
Content-Type: application/javascript
Last-Modified: Wed, 06 May 2020 07:58:40 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK jquery.min.js Show response
cd.lifeatworkportal.com/slogin/common/js/ 85 KB
30 KB 1440ms
92ms Script
application/javascript 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/common/js/jquery.min.js

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "802b4788c3c1da1:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 30446
Date: Thu, 24 Oct 2024 02:37:07 GMT
Content-Type: application/javascript
Last-Modified: Tue, 18 Jun 2024 21:07:31 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK jquery.validate.min.js Show response
cd.lifeatworkportal.com/slogin/common/js/ 23 KB
8 KB 1439ms
92ms Script
application/javascript 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/common/js/jquery.validate.min.js

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

7efe892fa4ab4622102e8df4c7c4da906139fce1d4d25bb5c7a1224b8fa798cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "802ee50e8c9d51:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 7457
Date: Thu, 24 Oct 2024 02:37:07 GMT
Content-Type: application/javascript
Last-Modified: Mon, 13 Jan 2020 08:06:09 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK bootstrap-3.0.0.js Show response
cd.lifeatworkportal.com/slogin/common/js/ 76 KB
17 KB 1534ms
92ms Script
application/javascript 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/common/js/bootstrap-3.0.0.js

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

4f4e8fb1d562cf041c81eba325ad02c81c660513b11111081908e0f029ac344b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "804671ad3364d61:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 16192
Date: Thu, 24 Oct 2024 02:37:07 GMT
Content-Type: application/javascript
Last-Modified: Mon, 27 Jul 2020 16:33:37 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK bowser.js Show response
cd.lifeatworkportal.com/slogin/common/js/ 12 KB
3 KB 1532ms
89ms Script
application/javascript 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/common/js/bowser.js

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

cb37bca8bda6339946a7d30765bc9185ca47c3a07a1bdcd705d762aeda50b284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "804caf89cce1d11:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 2769
Date: Thu, 24 Oct 2024 02:37:08 GMT
Content-Type: application/javascript
Last-Modified: Tue, 19 Jul 2016 14:47:57 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 34ms
18ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

ESF /

Resource Hash

6297ee2a54577b9ce5494bf16cbd584a27ea194de38354f3cb37de0e87bf3ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 24 Oct 2024 02:37:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 24 Oct 2024 02:37:07 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK clientLogo.png
cd.lifeatworkportal.com/slogin/hcamfa/images/ 7 KB
7 KB 90ms
90ms Image
image/png 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cd.lifeatworkportal.com/slogin/hcamfa/images/clientLogo.png

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

38ca7c48de33fb31ae7dfe8b2963024ab33be876a88453781e369ebb02e55b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "05a197ac7d51:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 6825
Date: Thu, 24 Oct 2024 02:37:07 GMT
Content-Type: image/png
Last-Modified: Thu, 09 Jan 2020 16:29:56 GMT
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK bg_login.png
cd.lifeatworkportal.com/slogin/hcamfa/images/ 40 KB
40 KB 90ms
89ms Image
image/png 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cd.lifeatworkportal.com/slogin/hcamfa/images/bg_login.png

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

b67979b90e715c26c924d8bc42def234cf5d84276018fdda8fab4514a61f74da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "03dd0ee800db1:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 40666
Date: Thu, 24 Oct 2024 02:37:07 GMT
Content-Type: image/png
Last-Modified: Fri, 06 Sep 2024 17:19:30 GMT
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK bootbox.min.js Show response
cd.lifeatworkportal.com/slogin/common/js/ 15 KB
6 KB 92ms
92ms Script
application/javascript 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/common/js/bootbox.min.js

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

9bf47bc53ccc2a090ac0cdc2acde06c1347660fc48cf4b97d48f08536cf13a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "0a43811a0c6d61:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 5022
Date: Thu, 24 Oct 2024 02:37:07 GMT
Content-Type: application/javascript
Last-Modified: Sun, 29 Nov 2020 22:36:24 GMT
Vary: Accept-Encoding
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK TmpBrowser_Inline2.js Show response
cd.lifeatworkportal.com/slogin/common/js/ 2 KB
3 KB 91ms
90ms Script
application/javascript 138.69.15.195
AS11676

General

Check archive.org

Show headers Download Go to

Full URL

https://cd.lifeatworkportal.com/slogin/common/js/TmpBrowser_Inline2.js

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

138.69.15.195 , United States, ASN11676 (AS11676, US),

Reverse DNS

Software

Resource Hash

5d4c91b363e30da25daa508c3de5cfb7d92de1e1df79a6f20453b3ff9bf493d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "79f21aa1a4db1:0"
Connection: keep-alive
Access-Control-Allow-Methods: POST,GET,OPTIONS
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 2296
Date: Thu, 24 Oct 2024 02:37:07 GMT
Content-Type: application/javascript
Last-Modified: Wed, 11 Sep 2024 07:13:02 GMT
Access-Control-Allow-Headers: X-Requested-With, origin, content-type, accept, cache-control, pragma

GET
H/1.1 200
OK _Incapsula_Resource Show response
hcarewards.lifeatworkportal.com/ 79 KB
19 KB 31ms
30ms Script
application/javascript 45.223.60.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://hcarewards.lifeatworkportal.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=897163950

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.60.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d41c0a45347c804f819fd05d5a3cc2a653970431b155b0b4818e0556b494112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Response headers

Strict-Transport-Security: max-age=31536000
X-Robots-Tag: noindex
Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 19235
Content-Type: application/javascript
X-Content-Type-Options: nosniff

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/ 546 KB
217 KB 26ms
9ms Script
text/javascript 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f3.1e100.net

Software

sffe /

Resource Hash

9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://hcarewards.lifeatworkportal.com
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

content-encoding: gzip
age: 1214
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 02:16:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 02:16:54 GMT
last-modified: Mon, 14 Oct 2024 18:32:27 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 221971
x-xss-protection: 0
server: sffe

GET
H/1.1

200
OK

dcs.gif
sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/
Redirect Chain

https://sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/dcs.gif?&dcsdat=1729737428744&dcssip=hcarewards.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=hcamfa&WT.tz=2&W...
https://sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/dcs.gif?dcsredirect=1&dcsdat=1729737428744&dcssip=hcarewards.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=hca...

43 B
586 B

95ms
95ms

Image
image/gif

138.69.15.189
AS11676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e/dcs.gif?dcsredirect=1&dcsdat=1729737428744&dcssip=hcarewards.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=hcamfa&WT.tz=2&WT.bh=4&WT.ul=de-DE&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=HCA%2520-%2520Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=hcarewards.lifeatworkportal.com%252Flogin%252Fv3%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1729737428744&WT.vtid=2a36fc9aecb37f169d31729712228744&WT.co_f=2a36fc9aecb37f169d31729712228744

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Server

138.69.15.189 , United States, ASN11676 (AS11676, US),

Reverse DNS

sdc.viewless.benefitsweb.com

Software

Resource Hash

9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
ETag: "059cc1a92e2d51:0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Date: Thu, 24 Oct 2024 02:37:09 GMT
Content-Type: image/gif
Last-Modified: Thu, 13 Feb 2020 17:22:02 GMT
X-Frame-Options: SAMEORIGIN

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: /dcsbyfshm00000clsd6iy3ico_5q6e/dcs.gif?dcsredirect=1&dcsdat=1729737428744&dcssip=hcarewards.lifeatworkportal.com&dcsuri=/login/v3/pub/logonlw.jsp&dcsqry=?client=hcamfa&WT.tz=2&WT.bh=4&WT.ul=de-DE&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=HCA%2520-%2520Login&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=9.4.0&WT.dl=0&WT.ssl=1&WT.es=hcarewards.lifeatworkportal.com%252Flogin%252Fv3%252Fpub%252Flogonlw.jsp&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1729737428744&WT.vtid=2a36fc9aecb37f169d31729712228744&WT.co_f=2a36fc9aecb37f169d31729712228744
ETag: "059cc1a92e2d51:0"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Date: Thu, 24 Oct 2024 02:37:09 GMT
Content-Type: image/gif
Last-Modified: Thu, 13 Feb 2020 17:22:02 GMT
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK _Incapsula_Resource
hcarewards.lifeatworkportal.com/ 1 B
201 B 8ms
7ms Image
text/plain 45.223.60.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hcarewards.lifeatworkportal.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8473978761437377

Requested by

Host: hcarewards.lifeatworkportal.com
URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.60.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Response headers

Strict-Transport-Security: max-age=31536000
X-Robots-Tag: noindex
Cache-Control: no-cache, no-store
Content-Length: 1
Content-Type: text/plain
X-Content-Type-Options: nosniff

GET
H/1.1 403
403 favicon.ico
hcarewards.lifeatworkportal.com/ 666 B
1 KB 105ms
104ms Other
text/html 45.223.60.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://hcarewards.lifeatworkportal.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.223.60.234 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

232e728160543b17104516d09403f808fdaf84fc0cdf6ba0c0ba4dc55e69dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Iinfo: 1-95808190-95808194 SNYN RT(1729737426119 3324) q(0 0 0 -1) r(1 1) U11
Content-Encoding: gzip
X-CDN: Imperva
Connection: keep-alive
X-Content-Type-Options: nosniff
Via: HTTP/1.1 hcarewards.lifeatworkportal.com:80
Date: Thu, 24 Oct 2024 02:37:10 GMT
Content-Type: text/html; charset=UTF-8
X-Frame-Options: SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sdc.lifeatworkportal.com/dcsbyfshm00000clsd6iy3ico_5q6e	1969-12-31 23:59:59	Name: WEBTRENDS_ID Value: 81.95.5.37-2679641744.31139261
.hcarewards.lifeatworkportal.com/	1970-01-21 00:30:23	Name: LB Value: 81.95.5.37:17580
.lifeatworkportal.com/	1970-01-21 09:14:20	Name: visid_incap_2986801 Value: gGOoHZVSRmq+XAgqppgqWNKyGWcAAAAAQUIPAAAAAADOTFFSQ14LLbZ9WcgDaKHS
.lifeatworkportal.com/	1969-12-31 23:59:59	Name: incap_ses_876_2986801 Value: 0A3RUTIXK2k/pg36cC0oDNKyGWcAAAAAu0yMEA0bpK2hWxu/3vfD+Q==
.hcarewards.lifeatworkportal.com/	1970-01-21 00:28:57	Name: ADRUM_BTa Value: R:0\|g:578d3413-5725-4945-8ab5-bf210ca3a4f4\|n:customer1_b0de3491-4d68-468d-9abe-4b29519a6ded
.hcarewards.lifeatworkportal.com/	1970-01-21 00:28:57	Name: ADRUM_BT1 Value: R:0\|i:1546364\|e:39
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: LSESSIONID Value: oJS8YoikNXte3uMA6CBQIvah64JSu0uCnlFfLJfDH4CS-kbo1ENd!987380911
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: logontype Value: fb
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: client Value: hcamfa
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: cltFolder Value: benefits/hcamfa
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: product Value: login
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: locale Value: ""
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: origURL Value: ""
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: origtargetURL Value: ""
.hcarewards.lifeatworkportal.com/	1969-12-31 23:59:59	Name: MWFRQWEA Value: 029a849977-b7d5-40RWIr84s6b7s2BSNSJhLk3FBajUVQKsnf3BxZo7IH_RVE3J9WoPx4uerTwrwMKUDHld8
.lifeatworkportal.com/	1969-12-31 23:59:59	Name: WT_FPC Value: id=2a36fc9aecb37f169d31729712228744:lv=1729712228744:ss=1729712228744
.cd.lifeatworkportal.com/	1970-01-21 00:30:23	Name: LB Value: 81.95.5.37:51662
.sdc.lifeatworkportal.com/	1970-01-21 00:30:23	Name: LB Value: 81.95.5.37:39660
sdc.lifeatworkportal.com/	1969-12-31 23:59:59	Name: SPPOEAMH Value: 025e396da3-15db-4aH9ZdiW_jfnMsJSdDdVK6oeOKcPHv-TpcAPqxrG8sU6Wczwp3nB2QBRJMUZ4nV4eBP9Y

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://hcarewards.lifeatworkportal.com/login/v3/pub/logonlw.jsp?client=hcamfa Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://hcarewards.lifeatworkportal.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (403)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cd.lifeatworkportal.com
hcarewards.lifeatworkportal.com
sdc.lifeatworkportal.com
www.google.com
www.gstatic.com
www.hcarewards.com
138.69.15.115
138.69.15.189
138.69.15.195
142.250.185.228
216.58.206.67
45.223.60.234
0c272d2b984c68692b4941e355dc7fb4c3e142c6cd2905786fc754e75af6016d
1e1166fd3ed57bf8d3a1cea6495d073bfd5f4ec885636fe741d85e78802a6e8b
232e728160543b17104516d09403f808fdaf84fc0cdf6ba0c0ba4dc55e69dd17
38ca7c48de33fb31ae7dfe8b2963024ab33be876a88453781e369ebb02e55b06
3d41c0a45347c804f819fd05d5a3cc2a653970431b155b0b4818e0556b494112
4f4e8fb1d562cf041c81eba325ad02c81c660513b11111081908e0f029ac344b
5d4c91b363e30da25daa508c3de5cfb7d92de1e1df79a6f20453b3ff9bf493d1
6297ee2a54577b9ce5494bf16cbd584a27ea194de38354f3cb37de0e87bf3ff9
7058211e5216ebad63799d12378357a75369454d3f8711690ffb22f52d143b4a
7efe892fa4ab4622102e8df4c7c4da906139fce1d4d25bb5c7a1224b8fa798cc
92eb21896a049a28187bad1cfdfac82dada53ae76be469a59395cb6b78b4e6c9
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57
9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af
9bf47bc53ccc2a090ac0cdc2acde06c1347660fc48cf4b97d48f08536cf13a2b
a22c3070ed376c37b68a7c6e33de72c06054feb66048160908a782b819d40922
b67979b90e715c26c924d8bc42def234cf5d84276018fdda8fab4514a61f74da
cb37bca8bda6339946a7d30765bc9185ca47c3a07a1bdcd705d762aeda50b284
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

hcarewards.lifeatworkportal.com Open in urlscan Pro 45.223.60.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

95 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

5 IPs

1 Countries

385 kBTransfer

982 kBSize

19 Cookies

4 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

19 Cookies

2 Console Messages

Security Headers

Indicators

hcarewards.lifeatworkportal.com Open in urlscan Pro
45.223.60.234 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

95 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

1
Countries

385 kB
Transfer

982 kB
Size

19
Cookies

19 HTTP transactions
0 data transactions