urlscan.io logo urlscan.io
SecurityTrails logo

idp.workhuman.com Open in urlscan Pro
52.222.149.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cloud.workhuman.com/microsites/t/il/merck/awards/135494711
Effective URL: https://idp.workhuman.com/sp/ACS.saml2
Submission: On July 25 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 4 HTTP transactions. The main IP is 52.222.149.91, located in United States and belongs to AMAZON-02, US. The main domain is idp.workhuman.com. The Cisco Umbrella rank of the primary domain is 36436.
TLS certificate: Issued by Amazon RSA 2048 M02 on January 27th 2023. Valid for: a year.
This is the only time idp.workhuman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 65.9.95.26 16509 (AMAZON-02)
2 52.222.149.91 16509 (AMAZON-02)
1 2 34.233.17.74 14618 (AMAZON-AES)
1 65.9.95.53 16509 (AMAZON-02)
4 3
1    65.9.95.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-26.prg50.r.cloudfront.net
cloud.workhuman.com
2    52.222.149.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-91.cdg52.r.cloudfront.net
idp.workhuman.com
2    34.233.17.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-17-74.compute-1.amazonaws.com
pingfed.merck.com
pingfed.msd.com
1    65.9.95.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-53.prg50.r.cloudfront.net
idp.globoforce.net
Apex Domain
Subdomains		 Transfer
3 workhuman.com
cloud.workhuman.com — Cisco Umbrella Rank: 21336
idp.workhuman.com — Cisco Umbrella Rank: 36436
6 KB
1 globoforce.net
idp.globoforce.net — Cisco Umbrella Rank: 565097
1 msd.com
pingfed.msd.com
5 KB
1 merck.com
pingfed.merck.com — Cisco Umbrella Rank: 920562
142 B
4 4
Domain Requested by
2 idp.workhuman.com
1 idp.globoforce.net idp.workhuman.com
1 pingfed.msd.com
1 pingfed.merck.com 1 redirects
1 cloud.workhuman.com 1 redirects
4 5

This site contains no links.

Subject Issuer Validity Valid
*.workhuman.com
Amazon RSA 2048 M02		 2023-01-27 -
2024-02-25		 a year crt.sh
pingfed.merck.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-15 -
2024-04-14		 a year crt.sh
*.globoforce.net
Amazon RSA 2048 M01		 2023-04-11 -
2024-05-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://idp.workhuman.com/sp/ACS.saml2
Frame ID: 818CEB3889D79B92F3F48F43FBECC837
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign On Error

Page URL History Show full URLs

  1. https://cloud.workhuman.com/microsites/t/il/merck/awards/135494711 HTTP 302
    https://idp.workhuman.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fpingfed.merck.com%2Fsaml2%2Fidp&... Page URL
  2. https://pingfed.merck.com/idp/SSO.saml2 HTTP 307
    https://pingfed.msd.com/idp/SSO.saml2 Page URL
  3. https://idp.workhuman.com/sp/ACS.saml2 Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

10 kB
Transfer

9 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cloud.workhuman.com/microsites/t/il/merck/awards/135494711 HTTP 302
    https://idp.workhuman.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fpingfed.merck.com%2Fsaml2%2Fidp&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dmerck%26TARGET%3D Page URL
  2. https://pingfed.merck.com/idp/SSO.saml2 HTTP 307
    https://pingfed.msd.com/idp/SSO.saml2 Page URL
  3. https://idp.workhuman.com/sp/ACS.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cloud.workhuman.com/microsites/t/il/merck/awards/135494711 HTTP 302
  • https://idp.workhuman.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fpingfed.merck.com%2Fsaml2%2Fidp&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dmerck%26TARGET%3D
Request Chain 1
  • https://pingfed.merck.com/idp/SSO.saml2 HTTP 307
  • https://pingfed.msd.com/idp/SSO.saml2

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
startSSO.ping
idp.workhuman.com/sp/
Redirect Chain
  • https://cloud.workhuman.com/microsites/t/il/merck/awards/135494711
  • https://idp.workhuman.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fpingfed.merck.com%2Fsaml2%2Fidp&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dm...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://idp.workhuman.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fpingfed.merck.com%2Fsaml2%2Fidp&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dmerck%26TARGET%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-91.cdg52.r.cloudfront.net
Software
/
Resource Hash
11572cbdbbaa0509ba5e097e662d449d6842c97782ed546aeed3aaf1db4dfed0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
1323
content-type
text/html;charset=utf-8
date
Tue, 25 Jul 2023 21:33:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
origin
via
1.1 d1ac9c701cd8b36557cb10a31c9b36d0.cloudfront.net (CloudFront)
x-amz-cf-id
rFMbnnl8ScCzkrCQITzRI0IrRYRAtuq9CaqUGhZEzP5rByEG9wj7TA==
x-amz-cf-pop
CDG52-P1
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN

Redirect headers

content-length
0
content-security-policy
frame-ancestors 'self' *.quicksight.aws.amazon.com outlook.office365.com outlook.office.com teams.microsoft.com.mcas.ms teams.microsoft.com; report-uri https://68cebcfc7e2f58b08b59066f1.report-uri.com/r/d/csp/enforce
date
Tue, 25 Jul 2023 21:33:47 GMT
location
https://idp.workhuman.com/sp/startSSO.ping?PartnerIdpId=https%3A%2F%2Fpingfed.merck.com%2Fsaml2%2Fidp&TARGET=https%3A%2F%2Fcloud.workhuman.com%2Fmicrosites%2Fmotivation%2FSSOEntryPoint%3Fclient%3Dmerck%26TARGET%3D
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
x-amz-cf-id
9rykyxozO-ezhgKmMNXeED-A0ekgZS3jjtkEWoa7TGei2VRe37Iz2A==
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
SSO.saml2
pingfed.msd.com/idp/
Redirect Chain
  • https://pingfed.merck.com/idp/SSO.saml2
  • https://pingfed.msd.com/idp/SSO.saml2
5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pingfed.msd.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.17.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-17-74.compute-1.amazonaws.com
Software
/
Resource Hash
0f48a350fd72c3e2ef547bb321eaf99476642e261548d34d7ae8c7d5bb085ce5
Security Headers
Name Value
Content-Security-Policy script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' https://*.merck.com http://*.merck.com; style-src 'self' https://*.merck.com http://*.merck.com; base-uri 'self' https://*.merck.com http://*.merck.com; object-src 'self' https://*.merck.com http://*.merck.com; frame-ancestors 'self' http://*.merck.com https://*.merck.com https://*.kneatgx.com https://*.kneatgxtest.com https://*.jaggaer.com https://merck-promomats-ghh.veevavault.com http://*.ariba.com https://*.ariba.com;

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://idp.workhuman.com
Referer
https://idp.workhuman.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Length
4771
Content-Security-Policy
script-src 'unsafe-inline' 'unsafe-eval' 'self'; img-src 'self' https://*.merck.com http://*.merck.com; style-src 'self' https://*.merck.com http://*.merck.com; base-uri 'self' https://*.merck.com http://*.merck.com; object-src 'self' https://*.merck.com http://*.merck.com; frame-ancestors 'self' http://*.merck.com https://*.merck.com https://*.kneatgx.com https://*.kneatgxtest.com https://*.jaggaer.com https://merck-promomats-ghh.veevavault.com http://*.ariba.com https://*.ariba.com;
Content-Type
text/html;charset=utf-8
Date
Tue, 25 Jul 2023 21:33:49 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://pingfed.msd.com/idp/SSO.saml2
Server
BigIP
Primary Request ACS.saml2
idp.workhuman.com/sp/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://idp.workhuman.com/sp/ACS.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.149.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-91.cdg52.r.cloudfront.net
Software
/
Resource Hash
96221f7aca4b27882b89e5f39056c0a3ef2f4a0654133837233ec3dc8c5881ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://pingfed.msd.com
Referer
https://pingfed.msd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-length
2650
content-type
text/html;charset=utf-8
date
Tue, 25 Jul 2023 21:33:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
referrer-policy
origin
via
1.1 d1ac9c701cd8b36557cb10a31c9b36d0.cloudfront.net (CloudFront)
x-amz-cf-id
k4E0_Ee4HrP4PyBrXzt2_r1dKDC9G6XwWQ71r93fVoDou53215muwQ==
x-amz-cf-pop
CDG52-P1
x-cache
Miss from cloudfront
x-frame-options
SAMEORIGIN
main.css
idp.globoforce.net/assets/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://idp.globoforce.net/assets/css/main.css
Requested by
Host: idp.workhuman.com
URL: https://idp.workhuman.com/sp/ACS.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-53.prg50.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://idp.workhuman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Domain/Path Name / Value
cloud.workhuman.com/ Name: AWSALB
Value: ApkIYiNtkvO4L6AgrEoOseNYIcjXe5ufDTEMPzJRLOfQOZGTZNGDjQWM8Adi6TIiOYmT/RuesMeFueOp8BsGOJ1KNo6SD1g+yZOZ7VWyWFmdHlXBEpFmdRTdna9Y
cloud.workhuman.com/ Name: AWSALBCORS
Value: ApkIYiNtkvO4L6AgrEoOseNYIcjXe5ufDTEMPzJRLOfQOZGTZNGDjQWM8Adi6TIiOYmT/RuesMeFueOp8BsGOJ1KNo6SD1g+yZOZ7VWyWFmdHlXBEpFmdRTdna9Y
cloud.workhuman.com/ Name: JSESSIONID
Value: 0ED4DCCFDDDC648E348A0A064598BD8A
cloud.workhuman.com/ Name: cf_client
Value: merck
cloud.workhuman.com/ Name: GFDL
Value: %2Fmicrosites%2Ft%2Fhome%3Fclient%3Dmerck%26aid%3D135494711
idp.workhuman.com/ Name: PF
Value: 5rtQ8IgnFYzzb6nHtREuk7
pingfed.msd.com/ Name: PF
Value: az5xl7Nn7RUfyvDKul66e4

1 Console Messages

Source Level URL
Text
network error URL: https://idp.globoforce.net/assets/css/main.css
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN