merck.advantageclub.co Open in urlscan Pro
18.141.21.86 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt
Submission: On May 17 via manual (May 17th 2024, 7:46:29 am UTC) from IN — Scanned from SG

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 16 HTTP transactions. The main IP is 18.141.21.86, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is merck.advantageclub.co.
TLS certificate: Issued by Amazon RSA 2048 M01 on September 27th 2023. Valid for: a year.

This is the only time merck.advantageclub.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	18.141.21.86 18.141.21.86	16509 (AMAZON-02) (AMAZON-02)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4003:c01::5f	15169 (GOOGLE) (GOOGLE)
4	65.0.206.38 65.0.206.38	16509 (AMAZON-02) (AMAZON-02)
1	43.205.102.246 43.205.102.246	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c7:0:15:24c5:bfc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20c... 2600:9000:20c7:5800:15:24c5:bfc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c1a::5e	15169 (GOOGLE) (GOOGLE)
16	8

3 18.141.21.86 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-21-86.ap-southeast-1.compute.amazonaws.com

merck.advantageclub.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.0.206.38 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-65-0-206-38.ap-south-1.compute.amazonaws.com

secure.workadvantage.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.205.102.246 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-205-102-246.ap-south-1.compute.amazonaws.com

www.advantageclub.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c7:0:15:24c5:bfc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn2.workadvantage.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20c7:5800:15:24c5:bfc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn1.workadvantage.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.workadvantage.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	workadvantage.in secure.workadvantage.in — Cisco Umbrella Rank: 767257 cdn2.workadvantage.in — Cisco Umbrella Rank: 451774 cdn1.workadvantage.in — Cisco Umbrella Rank: 480814 cdn3.workadvantage.in — Cisco Umbrella Rank: 469994	2 MB
4	advantageclub.co merck.advantageclub.co www.advantageclub.co	5 MB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	44 KB
1	gstatic.com fonts.gstatic.com	32 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	846 B
16	5

	Domain	Requested by
4	secure.workadvantage.in	merck.advantageclub.co
3	merck.advantageclub.co	merck.advantageclub.co
2	cdn1.workadvantage.in	merck.advantageclub.co
2	cdnjs.cloudflare.com	merck.advantageclub.co cdnjs.cloudflare.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn3.workadvantage.in
1	cdn2.workadvantage.in
1	www.advantageclub.co
1	fonts.googleapis.com	merck.advantageclub.co
16	9

This site contains no links.

Subject Issuer	Validity	Valid
*.advantageclub.co Amazon RSA 2048 M01	`2023-09-27` - `2024-10-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
advantageclub.co Amazon RSA 2048 M02	`2024-02-01` - `2025-03-01`	a year	crt.sh
*.workadvantage.in Amazon RSA 2048 M03	`2024-03-15` - `2025-04-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt
Frame ID: D2239F5D028D3A1404E6DF521B47DAB5
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Advantage Club

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

8
IPs

4
Countries

6723 kB
Transfer

6794 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 9dSRqijxNPSMstijx-yt Show response
merck.advantageclub.co/forgot_Password/ 945 B
1 KB 43ms
9ms Document
text/html 18.141.21.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.141.21.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-21-86.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: ce6acec4e9c4a59915f025fadb0711bc5506b70031a867449c6a5624afeb21ff

Request headers

Accept-Language: zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=0
content-length: 945
content-type: text/html; charset=UTF-8
date: Fri, 17 May 2024 07:46:22 GMT
etag: W/"3b1-18f62522a18"
last-modified: Fri, 10 May 2024 11:45:03 GMT
server: nginx/1.20.0
x-powered-by: Express

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/ 100 KB
19 KB 47ms
29ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Requested by

Host: merck.advantageclub.co
URL: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://merck.advantageclub.co
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 07:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 55541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18716
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-491c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YIXc4uHlTfNdNJaIHvijde1sfiri8tV4jWXaswwTb3%2Fvsf2WI5FIU%2BcWweecOa6PGCwSzDVVSN%2F9wBMjmPzdFhVGTgCMThh9vxWzBmPIXs5qjGM2X4hymcAI%2BFxYWyQMl2fWxzU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8851fe493eed9c99-SIN
expires: Wed, 07 May 2025 07:46:22 GMT

GET
H2 200 main.454db733.js Show response
merck.advantageclub.co/static/js/ 4 MB
4 MB 39ms
38ms Script
application/javascript 18.141.21.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://merck.advantageclub.co/static/js/main.454db733.js
Requested by: Host: merck.advantageclub.co
URL: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.141.21.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-21-86.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 32387ac4c57248b605751bf5655e048e26865e5f6ae4e2098a8e495eaa5e6927

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 07:46:22 GMT
last-modified: Fri, 10 May 2024 11:45:03 GMT
server: nginx/1.20.0
x-powered-by: Express
etag: W/"40ac65-18f62522a18"
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4238437

GET
H2 200 main.4bb2c328.css
merck.advantageclub.co/static/css/ 561 KB
562 KB 15ms
15ms Stylesheet
text/css 18.141.21.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://merck.advantageclub.co/static/css/main.4bb2c328.css
Requested by: Host: merck.advantageclub.co
URL: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.141.21.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-21-86.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: b680bb98f62ad171f239a1d9d927571cb4ed538d2b6d9793d49efa42c9dbf07f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 07:46:22 GMT
last-modified: Fri, 10 May 2024 11:45:03 GMT
server: nginx/1.20.0
x-powered-by: Express
etag: W/"8c2f0-18f62522a18"
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 574192

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
846 B 46ms
19ms Stylesheet
text/css 2404:6800:4003:c01::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Outfit:wght@400;500;600;700&display=swap

Requested by

Host: merck.advantageclub.co
URL: https://merck.advantageclub.co/static/css/main.4bb2c328.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

165c553dc2534021e08a5cf4738c55b05e20e74e79afa6b512a3020a269dba19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://merck.advantageclub.co/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 07:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 07:27:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 07:46:22 GMT

OPTIONS
H2 200 profiles
secure.workadvantage.in/api/v1/ 0
0 224ms
67ms Preflight 65.0.206.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.workadvantage.in/api/v1/profiles
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.0.206.38 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-65-0-206-38.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: token
Access-Control-Request-Method: GET
Origin: https://merck.advantageclub.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: token
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://merck.advantageclub.co
access-control-expose-headers
access-control-max-age: 1728000
cache-control: no-cache
content-encoding: gzip
date: Fri, 17 May 2024 07:46:23 GMT
vary: Accept-Encoding
x-request-id: 49c74d39-e6a2-4371-af78-db50630445ba
x-runtime: 0.000831

OPTIONS
H2 200 profiles
secure.workadvantage.in/api/v1/ 0
0 223ms
68ms Preflight 65.0.206.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.workadvantage.in/api/v1/profiles
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.0.206.38 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-65-0-206-38.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: token
Access-Control-Request-Method: GET
Origin: https://merck.advantageclub.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: token
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: https://merck.advantageclub.co
access-control-expose-headers
access-control-max-age: 1728000
cache-control: no-cache
content-encoding: gzip
date: Fri, 17 May 2024 07:46:23 GMT
vary: Accept-Encoding
x-request-id: 437357c7-39c6-4bab-bae8-5eaf1b7ce47d
x-runtime: 0.000774

GET
H2 200 profiles Show response
secure.workadvantage.in/api/v1/ 51 B
1 KB 441ms
440ms XHR
application/json 65.0.206.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.workadvantage.in/api/v1/profiles

Requested by

Host: merck.advantageclub.co
URL: https://merck.advantageclub.co/static/js/main.454db733.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.0.206.38 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-65-0-206-38.ap-south-1.compute.amazonaws.com

Software

Resource Hash

1672f852be5a5107b917c0f1fabc627663e006913ca6e32bac78b72f337390ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .flock.com .advantageclub.co https://teams.microsoft.com .microsoft.com .live.com .outlook.com .office365.com .office.com .greythr.com *.repute.net
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Security-Policy	frame-ancestors https://teams.microsoft.com .microsoft.com .live.com .outlook.com .office365.com *.office.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://merck.advantageclub.co/
token
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors https://teams.microsoft.com *.microsoft.com *.live.com *.outlook.com *.office365.com *.office.com
date: Fri, 17 May 2024 07:46:23 GMT
access-control-request-method: *
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.flock.com *.advantageclub.co https://teams.microsoft.com *.microsoft.com *.live.com *.outlook.com *.office365.com *.office.com *.greythr.com *.repute.net
content-encoding: gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000;includeSubDomains
remember_user_token
x-xss-protection: 1; mode=block
x-request-id: 0faa5348-285f-4027-bc50-907d9579b615
pragma: no-cache
x-runtime: 0.174110
referrer-policy: unsafe-url
etag: W/"1672f852be5a5107b917c0f1fabc6276"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://merck.advantageclub.co
access-control-expose-headers
cache-control: no-store
vary: Origin,Accept-Encoding
access-control-allow-headers: Content-Type
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 profiles Show response
secure.workadvantage.in/api/v1/ 51 B
1 KB 539ms
97ms XHR
application/json 65.0.206.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.workadvantage.in/api/v1/profiles

Requested by

Host: merck.advantageclub.co
URL: https://merck.advantageclub.co/static/js/main.454db733.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.0.206.38 Mumbai, India, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-65-0-206-38.ap-south-1.compute.amazonaws.com

Software

Resource Hash

1672f852be5a5107b917c0f1fabc627663e006913ca6e32bac78b72f337390ec

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .flock.com .advantageclub.co https://teams.microsoft.com .microsoft.com .live.com .outlook.com .office365.com .office.com .greythr.com *.repute.net
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Security-Policy	frame-ancestors https://teams.microsoft.com .microsoft.com .live.com .outlook.com .office365.com *.office.com
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://merck.advantageclub.co/
token
sec-ch-ua-platform: "Win32"

Response headers

x-content-security-policy: frame-ancestors https://teams.microsoft.com *.microsoft.com *.live.com *.outlook.com *.office365.com *.office.com
date: Fri, 17 May 2024 07:46:23 GMT
access-control-request-method: *
x-content-type-options: nosniff
content-security-policy: frame-ancestors *.flock.com *.advantageclub.co https://teams.microsoft.com *.microsoft.com *.live.com *.outlook.com *.office365.com *.office.com *.greythr.com *.repute.net
content-encoding: gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000;includeSubDomains
remember_user_token
x-xss-protection: 1; mode=block
x-request-id: 0de367c8-ec68-44ae-9d74-00f15756200e
pragma: no-cache
x-runtime: 0.026726
referrer-policy: unsafe-url
etag: W/"1672f852be5a5107b917c0f1fabc6276"
x-download-options: noopen
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://merck.advantageclub.co
access-control-expose-headers
cache-control: no-store
vary: Origin,Accept-Encoding
access-control-allow-headers: Content-Type
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon-196x196.png
www.advantageclub.co// 6 KB
6 KB 208ms
62ms Other
image/png 43.205.102.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.advantageclub.co//favicon-196x196.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 43.205.102.246 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-43-205-102-246.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash: cfad3e15e648edee40eb1d9ac5c957d0a9c06af8515e9f65df41c452d8197497

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://merck.advantageclub.co/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 07:46:23 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2024 17:30:45 GMT
vary: Accept-Encoding
content-type: image/png

GET
H/1.1 200
OK 5484eadabf.svg
cdn2.workadvantage.in/images/cdn_upload/cdn/936/ 26 KB
26 KB 86ms
6ms Image
image/svg+xml 2600:9000:20c7:0:15:24c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.workadvantage.in/images/cdn_upload/cdn/936/5484eadabf.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:0:15:24c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e91ce587f4b5ffc030a8676e92a4ad12e65bbbeb0d20660ea255566350ec3bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://merck.advantageclub.co/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 16 May 2024 10:41:04 GMT
x-amz-version-id: ho0ARW2d3n1eiV8yczLj4fAlSAjcfwrO
Via: 1.1 65572e59b8765f5b1f17936c65131ad6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN5-C1
Age: 75920
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 26207
Last-Modified: Wed, 15 May 2024 11:28:23 GMT
Server: AmazonS3
ETag: "b5d8abb8656685014822670700afd37f"
Vary: Origin
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-Amz-Cf-Id: NVldNX8ONtmJSRGDnf0EeHJWr8-41fOoPy9GJLdhibmuDoaB9PGAwg==

GET
H/1.1 200
OK 00993a16ef.svg
cdn1.workadvantage.in/images/cdn_upload/cdn/945/ 325 KB
325 KB 158ms
5ms Image
image/svg+xml 2600:9000:20c7:5800:15:24c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.workadvantage.in/images/cdn_upload/cdn/945/00993a16ef.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:5800:15:24c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 529ebb9efdaaedf320e36a560052ad1c1e552f78b84aeb1e093dea8e6abc05c7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://merck.advantageclub.co/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 16 May 2024 13:06:37 GMT
x-amz-version-id: usG7XEdEg2oikDJgrIjLMRfQjfFDU2Bp
Via: 1.1 682a73fb2198f321ef89332a6cb933ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN5-C1
Age: 67188
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 332450
Last-Modified: Wed, 15 May 2024 11:28:24 GMT
Server: AmazonS3
ETag: "a9e1db3ed9200171590bc4ae64480918"
Vary: Origin
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-Amz-Cf-Id: ruGjwkgS8AUOXB2Rs_EADasjXKJMkR1GjzAQMRelWPoiiGWVGjenoA==

GET
H/1.1 200
OK 06333ffdac.svg
cdn3.workadvantage.in/images/img/image/1949704/ 2 MB
2 MB 208ms
166ms Image
image/svg+xml 2600:9000:20c7:5800:15:24c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn3.workadvantage.in/images/img/image/1949704/06333ffdac.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:5800:15:24c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ea0e01acc02e6b014d88115dece843b3ef054f36b729d505a6ab81c43f6a806

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://merck.advantageclub.co/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 07:46:25 GMT
x-amz-version-id: Kbs1dKGUhzWSgZ8RzJrGryC8YeGyZr_X
Via: 1.1 fa00891de7530b64fd59452dc928b0b6.cloudfront.net (CloudFront)
Last-Modified: Wed, 15 May 2024 11:42:25 GMT
Server: AmazonS3
X-Amz-Cf-Pop: SIN5-C1
ETag: "ed52759c35a41f43a1a732497ffff7e5"
x-amz-server-side-encryption: AES256
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1614481
X-Amz-Cf-Id: Z1fr9V476moVPfETKkVHW7JIQKC5dhz9DzCKnoy0lOUNmUD-Mri7fg==

GET
H/1.1 200
OK 5893ceb3bd.svg
cdn1.workadvantage.in/images/img/image/1949705/ 1 KB
2 KB 154ms
4ms Image
image/svg+xml 2600:9000:20c7:5800:15:24c5:bfc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.workadvantage.in/images/img/image/1949705/5893ceb3bd.svg
Requested by: Host: merck.advantageclub.co
URL: https://merck.advantageclub.co/static/css/main.4bb2c328.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c7:5800:15:24c5:bfc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 797a6a7cfeff9738a4ca38b4907303d092226718404b191d0e4746b10f5bc542

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://merck.advantageclub.co/
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 16 May 2024 13:06:38 GMT
x-amz-version-id: Jj9iEBXhYYSLd6DQIz0l8gihZUQhBApK
Via: 1.1 7d8cd6b1cab0712d291c381dc839b042.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN5-C1
Age: 67187
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1153
Last-Modified: Wed, 15 May 2024 11:42:26 GMT
Server: AmazonS3
ETag: "2c0af54ce4edc05b748c3a39bf913664"
Vary: Origin
Content-Type: image/svg+xml
Accept-Ranges: bytes
X-Amz-Cf-Id: LkU3BfTsBpc914HKyhy21msBh0Lz0AHfy3l2_csNxoBPyRaTM-LhZg==

GET
H2 200 QGYvz_MVcBeNP4NJtEtq.woff2
fonts.gstatic.com/s/outfit/v11/ 32 KB
32 KB 16ms
4ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/outfit/v11/QGYvz_MVcBeNP4NJtEtq.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Outfit:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://merck.advantageclub.co
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 07:48:06 GMT
x-content-type-options: nosniff
age: 172697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32272
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 23:30:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 07:48:06 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/ 25 KB
25 KB 35ms
35ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da313b0467f7c1b18d981672b23461add31e3ad41988c30101bdaabb074e446

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
Origin: https://merck.advantageclub.co
Accept-Language: zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 07:46:23 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 208843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25236
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6373d4a6-6294"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PeA8n0hcg%2F4b2jWfL809mEBC%2FBhmsemiDY2bRW%2FSsLPybNDjjMczBerszAPuOAqQx6GZLxeEYV4IrTQQJBuc44VBMOJxArEjaiA2yGMdOvwKXRXvWnV1thH%2BmdEZawO5k%2Fsb96h9"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8851fe538dd89c99-SIN
expires: Wed, 07 May 2025 07:46:23 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.advantageclub.co/	1970-01-20 20:48:56	Name: AWSALB Value: z6pPBBXBVxxb2l3WJrM7qAG1WUPwpyc9gMW1MvpRbL7Q+Cb9Y4xfjbOza8/F8FfyvaJB3T1/Lvt+4fu1KwNhG2dWnfTmkbXyPtUGVovyXMaZWDIjQDR4c+bb5XfE
			www.advantageclub.co/	1970-01-20 20:48:56	Name: AWSALBCORS Value: z6pPBBXBVxxb2l3WJrM7qAG1WUPwpyc9gMW1MvpRbL7Q+Cb9Y4xfjbOza8/F8FfyvaJB3T1/Lvt+4fu1KwNhG2dWnfTmkbXyPtUGVovyXMaZWDIjQDR4c+bb5XfE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://merck.advantageclub.co/forgot_Password/9dSRqijxNPSMstijx-yt Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn1.workadvantage.in
cdn2.workadvantage.in
cdn3.workadvantage.in
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
merck.advantageclub.co
secure.workadvantage.in
www.advantageclub.co
104.17.25.14
18.141.21.86
2404:6800:4003:c01::5f
2404:6800:4003:c1a::5e
2600:9000:20c7:0:15:24c5:bfc0:93a1
2600:9000:20c7:5800:15:24c5:bfc0:93a1
43.205.102.246
65.0.206.38
0e91ce587f4b5ffc030a8676e92a4ad12e65bbbeb0d20660ea255566350ec3bd
165c553dc2534021e08a5cf4738c55b05e20e74e79afa6b512a3020a269dba19
1672f852be5a5107b917c0f1fabc627663e006913ca6e32bac78b72f337390ec
2ea0e01acc02e6b014d88115dece843b3ef054f36b729d505a6ab81c43f6a806
32387ac4c57248b605751bf5655e048e26865e5f6ae4e2098a8e495eaa5e6927
45447a2b45991ea4e67ff0866444ca07fcf62c28dbfd5fa072ab76d3d0c46390
529ebb9efdaaedf320e36a560052ad1c1e552f78b84aeb1e093dea8e6abc05c7
5da313b0467f7c1b18d981672b23461add31e3ad41988c30101bdaabb074e446
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5
797a6a7cfeff9738a4ca38b4907303d092226718404b191d0e4746b10f5bc542
b680bb98f62ad171f239a1d9d927571cb4ed538d2b6d9793d49efa42c9dbf07f
ce6acec4e9c4a59915f025fadb0711bc5506b70031a867449c6a5624afeb21ff
cfad3e15e648edee40eb1d9ac5c957d0a9c06af8515e9f65df41c452d8197497

merck.advantageclub.co Open in urlscan Pro 18.141.21.86 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

50 %IPv6

5 Domains

9 Subdomains

8 IPs

4 Countries

6723 kBTransfer

6794 kBSize

2 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

merck.advantageclub.co Open in urlscan Pro
18.141.21.86 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

50 %
IPv6

5
Domains

9
Subdomains

8
IPs

4
Countries

6723 kB
Transfer

6794 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions