pingfed.merck.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 34.233.17.74, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is pingfed.merck.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 4th 2019. Valid for: 2 years.

This is the only time pingfed.merck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	54.169.181.207 54.169.181.207	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5	34.233.17.74 34.233.17.74	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
6	2

3 54.169.181.207 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-181-207.ap-southeast-1.compute.amazonaws.com

vchate.msdwechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.233.17.74 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-233-17-74.compute-1.amazonaws.com

pingfed.merck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	merck.com pingfed.merck.com	288 KB
3	msdwechat.com 2 redirects vchate.msdwechat.com	2 KB
6	2

	Domain	Requested by
5	pingfed.merck.com	vchate.msdwechat.com pingfed.merck.com
3	vchate.msdwechat.com	2 redirects
6	2

This site contains no links.

Subject Issuer	Validity	Valid
pingfed.merck.com COMODO RSA Organization Validation Secure Server CA	`2019-01-04` - `2021-01-03`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://pingfed.merck.com/as/authorization.oauth2?client_id=VChatOAuthPrd&client_secret=nV3hAMPyKHSg2G1tvG7bHfmWaGGUabBXoEx7N2h1tdQ27bw73BbjhJpGUve5iVFt&response_type=code&redirect_uri=http%3a%2f%2fvchate.msdwechat.com%2fWechatMessageProcessor%2fDownstreamSystem%2fOauth2ExtGetCodeMMD%3fcallurl%3dhttp%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&pfidpadapterid=ADPRODFormGeneric
Frame ID: 2ECDC8ECCBC242F963D7015E32086A9E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://vchate.msdwechat.com/WeixinPlat/Account/Login HTTP 302
http://vchate.msdwechat.com/WeixinPlat/Oauth2LoginAccount/OAuth2Login HTTP 302
http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%... Page URL
https://pingfed.merck.com/as/authorization.oauth2?client_id=VChatOAuthPrd&client_secret=nV3hAMPyKHSg2G... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

289 kB
Transfer

287 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vchate.msdwechat.com/WeixinPlat/Account/Login HTTP 302
http://vchate.msdwechat.com/WeixinPlat/Oauth2LoginAccount/OAuth2Login HTTP 302
http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&internal=true Page URL
https://pingfed.merck.com/as/authorization.oauth2?client_id=VChatOAuthPrd&client_secret=nV3hAMPyKHSg2G1tvG7bHfmWaGGUabBXoEx7N2h1tdQ27bw73BbjhJpGUve5iVFt&response_type=code&redirect_uri=http%3a%2f%2fvchate.msdwechat.com%2fWechatMessageProcessor%2fDownstreamSystem%2fOauth2ExtGetCodeMMD%3fcallurl%3dhttp%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&pfidpadapterid=ADPRODFormGeneric Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://vchate.msdwechat.com/WeixinPlat/Account/Login HTTP 302
http://vchate.msdwechat.com/WeixinPlat/Oauth2LoginAccount/OAuth2Login HTTP 302
http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&internal=true

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Oauth2ExtGetCodeMMD vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/ Redirect Chain http://vchate.msdwechat.com/WeixinPlat/Account/Login http://vchate.msdwechat.com/WeixinPlat/Oauth2LoginAccount/OAuth2Login http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&internal=true	615 B 874 B	229ms 228ms	Document text/html	54.169.181.207 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&internal=true Protocol HTTP/1.1 Server 54.169.181.207 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-169-181-207.ap-southeast-1.compute.amazonaws.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash Request headers Host vchate.msdwechat.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Cookie ASP.NET_SessionId=nyo1g11yrwooxjrzw1ocf4uu Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Cache-Control private Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Thu, 05 Sep 2019 02:06:46 GMT Server Microsoft-IIS/7.5 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 3.0 X-Powered-By ASP.NET Content-Length 557 Connection keep-alive Redirect headers Access-Control-Allow-Headers x-requested-with,content-type Access-Control-Allow-Methods OPTIONS,POST,GET Access-Control-Allow-Origin * Cache-Control private Content-Type text/html; charset=utf-8 Date Thu, 05 Sep 2019 02:06:46 GMT Location http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&internal=true Server Microsoft-IIS/7.5 X-AspNet-Version 4.0.30319 X-AspNetMvc-Version 3.0 X-Powered-By ASP.NET transfer-encoding chunked Connection keep-alive
POST H/1.1	200 OK	Primary Request Cookie set authorization.oauth2 Show response pingfed.merck.com/as/	7 KB 7 KB	709ms 171ms	Document text/html	34.233.17.74 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://pingfed.merck.com/as/authorization.oauth2?client_id=VChatOAuthPrd&client_secret=nV3hAMPyKHSg2G1tvG7bHfmWaGGUabBXoEx7N2h1tdQ27bw73BbjhJpGUve5iVFt&response_type=code&redirect_uri=http%3a%2f%2fvchate.msdwechat.com%2fWechatMessageProcessor%2fDownstreamSystem%2fOauth2ExtGetCodeMMD%3fcallurl%3dhttp%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&pfidpadapterid=ADPRODFormGeneric Requested by Host: vchate.msdwechat.com URL: http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&internal=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.17.74 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-233-17-74.compute-1.amazonaws.com Software / Resource Hash `8f3de948e741a8f91ecbf97c9bf24ab81c4957a966afdcf8a2bd982b748c207d` Request headers Host pingfed.merck.com Connection keep-alive Content-Length 15 Pragma no-cache Cache-Control no-cache Origin http://vchate.msdwechat.com Upgrade-Insecure-Requests 1 Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&internal=true Accept-Encoding gzip, deflate, br Origin http://vchate.msdwechat.com Upgrade-Insecure-Requests 1 Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Referer http://vchate.msdwechat.com/WechatMessageProcessor/DownstreamSystem/Oauth2ExtGetCodeMMD?callurl=http%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&internal=true Response headers Date Thu, 05 Sep 2019 02:06:47 GMT Referrer-Policy origin Cache-Control no-cache, no-store Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Type text/html;charset=utf-8 Set-Cookie PF=8mDOjQ44ocd90pQEJAxvLu;Path=/;Secure;HttpOnly Content-Length 7037
GET H/1.1	200 OK	main.css pingfed.merck.com/assets/css/	150 KB 150 KB	209ms 208ms	Stylesheet text/css	34.233.17.74 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://pingfed.merck.com/assets/css/main.css Requested by Host: pingfed.merck.com URL: https://pingfed.merck.com/as/authorization.oauth2?client_id=VChatOAuthPrd&client_secret=nV3hAMPyKHSg2G1tvG7bHfmWaGGUabBXoEx7N2h1tdQ27bw73BbjhJpGUve5iVFt&response_type=code&redirect_uri=http%3a%2f%2fvchate.msdwechat.com%2fWechatMessageProcessor%2fDownstreamSystem%2fOauth2ExtGetCodeMMD%3fcallurl%3dhttp%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&pfidpadapterid=ADPRODFormGeneric Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.17.74 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-233-17-74.compute-1.amazonaws.com Software / Resource Hash `b71cd6c585b8d1dc6f3069da74fbeb0cd7416b6122fc4f45b3714d23fcca9b0a` Request headers Sec-Fetch-Mode no-cors Referer https://pingfed.merck.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 05 Sep 2019 02:06:48 GMT Cache-Control max-age=0, must-revalidate Referrer-Policy origin Last-Modified Tue, 27 Feb 2018 03:11:54 GMT Content-Length 153571 Content-Type text/css
GET H/1.1	200 OK	mrk_icn_rgb_tl.png pingfed.merck.com/assets/images/	7 KB 7 KB	439ms 246ms	Image image/png	34.233.17.74 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://pingfed.merck.com/assets/images/mrk_icn_rgb_tl.png Requested by Host: pingfed.merck.com URL: https://pingfed.merck.com/as/authorization.oauth2?client_id=VChatOAuthPrd&client_secret=nV3hAMPyKHSg2G1tvG7bHfmWaGGUabBXoEx7N2h1tdQ27bw73BbjhJpGUve5iVFt&response_type=code&redirect_uri=http%3a%2f%2fvchate.msdwechat.com%2fWechatMessageProcessor%2fDownstreamSystem%2fOauth2ExtGetCodeMMD%3fcallurl%3dhttp%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&pfidpadapterid=ADPRODFormGeneric Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.17.74 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-233-17-74.compute-1.amazonaws.com Software / Resource Hash `63939b9d14bacf63e2c89de90f37c33f244ade7cc5a04a4a312865afed3e87c0` Request headers Sec-Fetch-Mode no-cors Referer https://pingfed.merck.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 05 Sep 2019 02:06:48 GMT Cache-Control max-age=0, must-revalidate Referrer-Policy origin Last-Modified Fri, 07 Sep 2018 15:38:52 GMT Content-Length 7285 Content-Type image/png
GET H/1.1	200 OK	ProximaNova-Light.otf pingfed.merck.com/assets/fonts/proxima-nova/	61 KB 62 KB	210ms 210ms	Font application/vnd.oasis.opendocument.formula-template	34.233.17.74 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://pingfed.merck.com/assets/fonts/proxima-nova/ProximaNova-Light.otf Requested by Host: pingfed.merck.com URL: https://pingfed.merck.com/as/authorization.oauth2?client_id=VChatOAuthPrd&client_secret=nV3hAMPyKHSg2G1tvG7bHfmWaGGUabBXoEx7N2h1tdQ27bw73BbjhJpGUve5iVFt&response_type=code&redirect_uri=http%3a%2f%2fvchate.msdwechat.com%2fWechatMessageProcessor%2fDownstreamSystem%2fOauth2ExtGetCodeMMD%3fcallurl%3dhttp%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&pfidpadapterid=ADPRODFormGeneric Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.17.74 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-233-17-74.compute-1.amazonaws.com Software / Resource Hash `0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20` Request headers Sec-Fetch-Mode cors Referer https://pingfed.merck.com/ Origin https://pingfed.merck.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 05 Sep 2019 02:06:48 GMT Cache-Control max-age=0, must-revalidate Referrer-Policy origin Last-Modified Tue, 27 Feb 2018 03:09:18 GMT Content-Length 62968 Content-Type application/vnd.oasis.opendocument.formula-template
GET H/1.1	200 OK	ProximaNova-Regular.otf pingfed.merck.com/assets/fonts/proxima-nova/	61 KB 62 KB	118ms 117ms	Font application/vnd.oasis.opendocument.formula-template	34.233.17.74 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://pingfed.merck.com/assets/fonts/proxima-nova/ProximaNova-Regular.otf Requested by Host: pingfed.merck.com URL: https://pingfed.merck.com/as/authorization.oauth2?client_id=VChatOAuthPrd&client_secret=nV3hAMPyKHSg2G1tvG7bHfmWaGGUabBXoEx7N2h1tdQ27bw73BbjhJpGUve5iVFt&response_type=code&redirect_uri=http%3a%2f%2fvchate.msdwechat.com%2fWechatMessageProcessor%2fDownstreamSystem%2fOauth2ExtGetCodeMMD%3fcallurl%3dhttp%3a%2f%2fvchate.msdwechat.com%2fWeixinPlat%2fOauth2LoginAccount%2fOAuth2Login&pfidpadapterid=ADPRODFormGeneric Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.17.74 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-34-233-17-74.compute-1.amazonaws.com Software / Resource Hash `2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9` Request headers Sec-Fetch-Mode cors Referer https://pingfed.merck.com/ Origin https://pingfed.merck.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 05 Sep 2019 02:06:48 GMT Cache-Control max-age=0, must-revalidate Referrer-Policy origin Last-Modified Tue, 27 Feb 2018 03:09:18 GMT Content-Length 62892 Content-Type application/vnd.oasis.opendocument.formula-template

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pingfed.merck.com/	1969-12-31 23:59:59	Name: PF Value: 8mDOjQ44ocd90pQEJAxvLu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pingfed.merck.com
vchate.msdwechat.com
34.233.17.74
54.169.181.207
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
2b80fbe521e07e4e84eb52e707b364c3e6c05c57e483276dc4b3be93a9794ba9
63939b9d14bacf63e2c89de90f37c33f244ade7cc5a04a4a312865afed3e87c0
8f3de948e741a8f91ecbf97c9bf24ab81c4957a966afdcf8a2bd982b748c207d
b71cd6c585b8d1dc6f3069da74fbeb0cd7416b6122fc4f45b3714d23fcca9b0a

pingfed.merck.com Open in urlscan Pro 34.233.17.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

289 kBTransfer

287 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

Indicators

pingfed.merck.com Open in urlscan Pro
34.233.17.74 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

289 kB
Transfer

287 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions