Submitted URL: https://ppg.aspcl6.medgate.com/gx2/safetycompliancefindingassignee/login.rails?args=!%3aZS%2bd8IyHa8CeLl%2bMedshMLiRzX8xYDnTKnN...
Effective URL: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
Submission: On April 20 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 6 HTTP transactions. The main IP is 141.189.250.153, located in Pittsburgh, United States and belongs to PPG-INDUSTRIES, US. The main domain is buyatsso4.ppg.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 26th 2022. Valid for: a year.
This is the only time buyatsso4.ppg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.227.46 16509 (AMAZON-02)
6 141.189.250.153 17011 (PPG-INDUS...)
6 2
Apex Domain Subdomains Transfer
6 ppg.com buyatsso4.ppg.com 65 KB
1 medgate.com ppg.aspcl6.medgate.com 2 KB
6 2
Domain Requested by
6 buyatsso4.ppg.com buyatsso4.ppg.com
1 ppg.aspcl6.medgate.com 1 redirects
6 2

This site contains no links.

Subject: buyatsso4.ppg.com
Issuer: DigiCert TLS RSA SHA256 2020 CA1
Validity: 2022-10-26 - 2023-11-21
Valid: a year

This page contains 1 frames:

Primary Page: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
Frame ID: E6FFCFBBF8D80ACA0FB7A830071381FF
Requests: 7 HTTP requests in this frame

Page Title

Startbereichsermittlung

Page URL History

  1. https://ppg.aspcl6.medgate.com/gx2/safetycompliancefindingassignee/login.rails?args=!%3aZS%2bd8IyHa8CeLl%2b... HTTP 302
    https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 65 kB
Size: 65 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ppg.aspcl6.medgate.com/gx2/safetycompliancefindingassignee/login.rails?args=!%3aZS%2bd8IyHa8CeLl%2bMedshMLiRzX8xYDnTKnNGk29InOlGxCfKQPQuOjU5FwKxNDVV HTTP 302
    https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Resource: idpinitiatedsignon.aspx (Primary Request)
Path: buyatsso4.ppg.com/adfs/ls/
Redirect Chain
  • https://ppg.aspcl6.medgate.com/gx2/safetycompliancefindingassignee/login.rails?args=!%3aZS%2bd8IyHa8CeLl%2bMedshMLiRzX8xYDnTKnNGk29InOlGxCfKQPQuOjU5FwKxNDVV
  • https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
Size: 46 KB
x-fer: 48 KB
Type: Document
General
Full URL: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.189.250.153 Pittsburgh, United States, ASN17011 (PPG-INDUSTRIES, US),
Reverse DNS:
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8dbaf750a5ea85ddc6d737b1f058cc5fbc95363a717730ea5db1a96293c92c3e
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache,no-store
Content-Length: 47265
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Apr 2023 12:49:08 GMT
Expires: -1
Include-Referred-Token-Binding-ID: true
P3P: ADFS doesn't have P3P policy, please contact your site's admin for more details
Pragma: no-cache
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
X-Frame-Options: DENY

Redirect headers

access-control-allow-headers: cookie,authorization,cache-control,pragma,corityauthorization,content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: set-cookie
cache-control: no-cache, no-store
content-length: 219
content-security-policy: frame-ancestors 'self';sandbox allow-scripts allow-forms allow-same-origin allow-popups allow-downloads allow-popups-to-escape-sandbox allow-modals; frame-src 'self' https: ; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; default-src none; connect-src 'self' https: ; img-src 'self' https: data: blob:; font-src 'self' data:; script-src-elem 'self' 'unsafe-inline' https://app.pendo.io https://pendo-io-static.storage.googleapis.com https://pendo-static-5272838437339136.storage.googleapis.com; style-src-elem 'self' 'unsafe-inline' https://pendo-static-5272838437339136.storage.googleapis.com
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 12:49:04 GMT
etag: 5784858,1709044
expires: -1
location: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
p3p: CP='IE'
pragma: no-cache
referrer-policy: same-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Content-Encoding
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Resource: style.css
Path: buyatsso4.ppg.com/adfs/portal/css/
Size: 8 KB
x-fer: 9 KB
Type: Stylesheet
General
Full URL: https://buyatsso4.ppg.com/adfs/portal/css/style.css?id=BA90AB5AF6B8BC262DEB76F15AAE797F6A68CE3AE6B9D72D0FB926B21D8982DF
Requested by
Host: buyatsso4.ppg.com
URL: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.189.250.153 Pittsburgh, United States, ASN17011 (PPG-INDUSTRIES, US),
Reverse DNS:
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 727ad28507f1c686f15a240c4c47e8791cbdbc8059fb8e9181568e6604efe8a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Sat, 20 May 2023 12:49:09 GMT
Date: Thu, 20 Apr 2023 12:49:08 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: BA90AB5AF6B8BC262DEB76F15AAE797F6A68CE3AE6B9D72D0FB926B21D8982DF
Content-Length: 8468
Content-Type: text/css

Resource: logo.png
Path: buyatsso4.ppg.com/adfs/portal/logo/
Size: 2 KB
x-fer: 2 KB
Type: Image
General
Full URL: https://buyatsso4.ppg.com/adfs/portal/logo/logo.png?id=AD67E86F521F2BAE2BF0B70FFF9599B51F35FC4816816E1AA314BFA2C2589C33
Requested by
Host: buyatsso4.ppg.com
URL: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.189.250.153 Pittsburgh, United States, ASN17011 (PPG-INDUSTRIES, US),
Reverse DNS:
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ad67e86f521f2bae2bf0b70fff9599b51f35fc4816816e1aa314bfa2c2589c33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Sat, 20 May 2023 12:49:09 GMT
Date: Thu, 20 Apr 2023 12:49:08 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: AD67E86F521F2BAE2BF0B70FFF9599B51F35FC4816816E1AA314BFA2C2589C33
Content-Length: 2244
Content-Type: image/png

Resource: idp.png
Path: buyatsso4.ppg.com/adfs/portal/images/idp/
Size: 1 KB
x-fer: 1 KB
Type: Image
General
Full URL: https://buyatsso4.ppg.com/adfs/portal/images/idp/idp.png?id=25040120B7892CA078A2182D6FD17832DA7005A59997F751B5B94A6848ACEA7A
Requested by
Host: buyatsso4.ppg.com
URL: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.189.250.153 Pittsburgh, United States, ASN17011 (PPG-INDUSTRIES, US),
Reverse DNS:
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 25040120b7892ca078a2182d6fd17832da7005a59997f751b5b94a6848acea7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Sat, 20 May 2023 12:49:09 GMT
Date: Thu, 20 Apr 2023 12:49:08 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 25040120B7892CA078A2182D6FD17832DA7005A59997F751B5B94A6848ACEA7A
Content-Length: 1038
Content-Type: image/png

Resource: localsts.png
Path: buyatsso4.ppg.com/adfs/portal/images/idp/
Size: 257 B
x-fer: 524 B
Type: Image
General
Full URL: https://buyatsso4.ppg.com/adfs/portal/images/idp/localsts.png?id=B94577A0DB76C64A088035F85BD98A22DC0411915DAF25ABA6B79840C9917F7F
Requested by
Host: buyatsso4.ppg.com
URL: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.189.250.153 Pittsburgh, United States, ASN17011 (PPG-INDUSTRIES, US),
Reverse DNS:
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b94577a0db76c64a088035f85bd98a22dc0411915daf25aba6b79840c9917f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Sat, 20 May 2023 12:49:09 GMT
Date: Thu, 20 Apr 2023 12:49:08 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: B94577A0DB76C64A088035F85BD98A22DC0411915DAF25ABA6B79840C9917F7F
Content-Length: 257
Content-Type: image/png

Resource: truncated
Path: /
Size: 3 KB
x-fer: 0
Type: Image
General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 44c09a1300a946429d86582c5416de91810a9fe3cf55b31f852510fd0fe01a53

Request headers

accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

Resource: illustration.png
Path: buyatsso4.ppg.com/adfs/portal/illustration/
Size: 4 KB
x-fer: 4 KB
Type: Image
General
Full URL: https://buyatsso4.ppg.com/adfs/portal/illustration/illustration.png?id=79B1861772B0BB416DF4C8847CAD2F2CA50BF1B5AB8F33505DDB309836D81B04
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 141.189.250.153 Pittsburgh, United States, ASN17011 (PPG-INDUSTRIES, US),
Reverse DNS:
Software: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 79b1861772b0bb416df4c8847cad2f2ca50bf1b5ab8f33505ddb309836d81b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://buyatsso4.ppg.com/adfs/ls/idpinitiatedsignon.aspx?LoginToRP=https://ppg.aspcl6.medgate.com/gx2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Sat, 20 May 2023 12:49:09 GMT
Date: Thu, 20 Apr 2023 12:49:08 GMT
Server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
ETag: 79B1861772B0BB416DF4C8847CAD2F2CA50BF1B5AB8F33505DDB309836D81B04
Content-Length: 4286
Content-Type: image/png

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
function| HRDErrors
function| InputUtil
function| HRD
object| urlParams
string| env
string| etemplateUrl
string| ebizDomain
string| SSOShort
string| ADShort
string| resetPW
undefined| updateProfile
undefined| emails
undefined| msViewportStyle
undefined| viewport
function| getStyle
function| computeLoadIllustration
function| SetIllustrationImage
string| browserLang
object| cr
undefined| referringWeb
object| linkNode
undefined| customDiv
object| listAllSpanForIdp
number| inc
object| listAlldivIdp
number| dv
function| getADUsername
function| addDynamicText
function| dynamicTextResponse
function| adResponse
function| processLogin
function| getFirstBrowserLanguage
function| setTranslationText

6 Cookies

Domain/Path Name / Value
buyatsso4.ppg.com/adfs Name: MSISSamlRequest
ppg.aspcl6.medgate.com/ Name: ASP.NET_SessionId
Value: e3yj5ciosiw0hxzsqqydndjk
ppg.aspcl6.medgate.com/ Name: userSystemSettingKey
Value: 300c20821047f8d9cddca3f39401598a08ebdbec85bf85c6776250d750f062ce
ppg.aspcl6.medgate.com/ Name: loginToken
Value: J8Lgh1laR7AinA5fDaEkX5IZvf2C+OpLSh4IVtQ2swHIrOzMN3Ry2C5XyhMQuU6Ff419eX9XFac9d6Gi4BgAAkluNiTcacHRx7p/MOyvdWV7kuFv7h4YrnjZlv5rDoaY9kJF/vvIG64tDxBGwI0tGfFHVgEcgorIj1IQyOmCP/PWMJtPkJQL6RPNXPZbIoUT0pH+HAisIal1rNCWW4GivtQKvq8yUb+Vr+g7O+AVC7y3FEL1XT781KilYyJDDfVDbWZ6bsTarOZS2hkKLeiuF8MNxIqLNDquemThQljKOdTqw7WRvbmLVC3EfdodEVfu8vQM7DL4ee9+LvwTS50sDg==
ppg.aspcl6.medgate.com/ Name: languageLoginSetting
Value: English
ppg.aspcl6.medgate.com/ Name: saml_standalone_login_url
Value: safetycompliancefindingassignee/login.rails?args=!:ZS+d8IyHa8CeLl+MedshMLiRzX8xYDnTKnNGk29InOlGxCfKQPQuOjU5FwKxNDVV

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY