click.mercer.finupdates.com Open in urlscan Pro
34.250.84.247 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14...
Submission: On September 06 via api (September 6th 2022, 2:32:39 pm UTC) from CH — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 2 domains to perform 8 HTTP transactions. The main IP is 34.250.84.247, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is click.mercer.finupdates.com.

This is the only time click.mercer.finupdates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	34.250.84.247 34.250.84.247	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:249... 2600:9000:2490:ac00:1b:72bf:cb80:21	16509 (AMAZON-02) (AMAZON-02)
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	3

2 34.250.84.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-84-247.eu-west-1.compute.amazonaws.com

click.mercer.finupdates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2490:ac00:1b:72bf:cb80:21 (United States)

ASN16509 (AMAZON-02, US)

images.finupdates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.mercer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	finupdates.com click.mercer.finupdates.com images.finupdates.com	29 KB
1	mercer.com info.mercer.com — Cisco Umbrella Rank: 820816	39 KB
8	2

	Domain	Requested by
5	images.finupdates.com	click.mercer.finupdates.com
2	click.mercer.finupdates.com	click.mercer.finupdates.com
1	info.mercer.com	click.mercer.finupdates.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
info.mercer.com Cloudflare Inc ECC CA-3	`2022-08-12` - `2023-08-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
Frame ID: B79AA859973074A909D85D97EEBEB141
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mercer

Page Statistics

8
Requests

13 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

68 kB
Transfer

107 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request viewinbrowser Show response
click.mercer.finupdates.com/ 52 KB
10 KB 591ms
461ms Document
text/html 34.250.84.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
Protocol: HTTP/1.1
Server: 34.250.84.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-84-247.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1e7e66cf25d3541c4fdc338d0c28b2b74be22dd0616945cdc7ad261d7e0ea992

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 10107
Content-Type: text/html; charset=utf-8
Date: Tue, 06 Sep 2022 14:32:33 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK mercer.png
images.finupdates.com/live/64086/ 5 KB
5 KB 82ms
8ms Image
image/png 2600:9000:2490:ac00:1b:72bf:cb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.finupdates.com/live/64086/mercer.png
Requested by: Host: click.mercer.finupdates.com
URL: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
Protocol: HTTP/1.1
Server: 2600:9000:2490:ac00:1b:72bf:cb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebec8f8a713337e5c24aca882f2a52264d38e9f2bbd26de9e8b8ddcebc6757b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click.mercer.finupdates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 13:01:38 GMT
Via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
Last-Modified: Tue, 06 Sep 2022 08:40:43 GMT
Server: AmazonS3
Age: 5457
ETag: "033f02f8c3242a8b444b52a26be512ce"
X-Cache: Hit from cloudfront
x-amz-version-id: ZAa0RXBpchtx_80StdHxY5F0rh.tBGLq
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 4877
X-Amz-Cf-Id: s3M_Te_4YM-h7uwGerB4eMHQDldyBEOT2uG7n2LuAsX6g2dVDsrU-Q==

GET
H/1.1 200
OK logo.png
images.finupdates.com/live/64086/ 2 KB
2 KB 80ms
7ms Image
image/png 2600:9000:2490:ac00:1b:72bf:cb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.finupdates.com/live/64086/logo.png
Requested by: Host: click.mercer.finupdates.com
URL: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
Protocol: HTTP/1.1
Server: 2600:9000:2490:ac00:1b:72bf:cb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe28d790d4a08f29002c0f894784ffef57a7f361f4fb1b5f61dc0a52ea31b8ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click.mercer.finupdates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 13:01:38 GMT
Via: 1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
Last-Modified: Tue, 06 Sep 2022 08:40:43 GMT
Server: AmazonS3
Age: 5457
ETag: "649894f258545d361af7cfec5976257a"
X-Cache: Hit from cloudfront
x-amz-version-id: vUIGeiprNglZkq7SkfoxWCj1ukvnV5ED
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1725
X-Amz-Cf-Id: MrbYZ-46ObYu9L9MhZQN2EosjiWORZ4m90lwa20R_WlJg1Ls21pBlA==

GET
H/1.1 200
OK facebook.png
images.finupdates.com/live/64086/ 2 KB
3 KB 64ms
9ms Image
image/png 2600:9000:2490:ac00:1b:72bf:cb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.finupdates.com/live/64086/facebook.png
Requested by: Host: click.mercer.finupdates.com
URL: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
Protocol: HTTP/1.1
Server: 2600:9000:2490:ac00:1b:72bf:cb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20b08ac58c48e2d8e5ba4303e435be971beb8cf00561306dd741eb929f5cc2ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click.mercer.finupdates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 13:01:38 GMT
Via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
Last-Modified: Tue, 06 Sep 2022 08:40:43 GMT
Server: AmazonS3
Age: 5457
ETag: "890f13e2b1739df0dff1db6b02cc9766"
X-Cache: Hit from cloudfront
x-amz-version-id: Mcv5YVGcsPneYTp.7A_J4jcM8hmEtc11
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2261
X-Amz-Cf-Id: Hp_zpomycbQgiKbJ5uARZD4YhJXvK1ac7zHUywaMIrzXNnQX3UCcTA==

GET
H/1.1 200
OK linkedin.png
images.finupdates.com/live/64086/ 3 KB
3 KB 63ms
8ms Image
image/png 2600:9000:2490:ac00:1b:72bf:cb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.finupdates.com/live/64086/linkedin.png
Requested by: Host: click.mercer.finupdates.com
URL: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
Protocol: HTTP/1.1
Server: 2600:9000:2490:ac00:1b:72bf:cb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 685e6787c4264b09cb3b70df3b626d58e80542c8730dcea115bf129ece1b3de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click.mercer.finupdates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 13:01:38 GMT
Via: 1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
Last-Modified: Tue, 06 Sep 2022 08:40:43 GMT
Server: AmazonS3
Age: 5457
ETag: "e4303a2d1b39d037274385659dffaff6"
X-Cache: Hit from cloudfront
x-amz-version-id: iZUxFP6zHPxQAJAwluKB.k9nv7L3BBda
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2980
X-Amz-Cf-Id: lkSWYoYfDCaUxxGL5Iqm6UKaejE3uYFZjqCFdS2FYYfCi8rzJFBbnA==

GET
H/1.1 200
OK twitter.png
images.finupdates.com/live/64086/ 4 KB
5 KB 65ms
9ms Image
image/png 2600:9000:2490:ac00:1b:72bf:cb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images.finupdates.com/live/64086/twitter.png
Requested by: Host: click.mercer.finupdates.com
URL: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
Protocol: HTTP/1.1
Server: 2600:9000:2490:ac00:1b:72bf:cb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44f3d98837310736df2c90b1fdf431c9e4b9731097969ad526ca0df8125ffb8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click.mercer.finupdates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Tue, 06 Sep 2022 13:01:38 GMT
Via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
Last-Modified: Tue, 06 Sep 2022 08:40:43 GMT
Server: AmazonS3
Age: 5457
ETag: "e328d241c1fc62de0279c034d8ac1e5b"
X-Cache: Hit from cloudfront
x-amz-version-id: p_lV1rCre9T0upZgi8Xp_ERClV1Uulwv
Connection: keep-alive
x-amz-replication-status: COMPLETED
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 4199
X-Amz-Cf-Id: eH4iR7Jeu_j7LiOCGfKppEA5L_mnzJQYDLIhocyxVRmQIXOh7gL2wQ==

GET
H/1.1 200
OK open
click.mercer.finupdates.com/ 67 B
327 B 147ms
147ms Image
image/png 34.250.84.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://click.mercer.finupdates.com/open?t=AB12ABCDEFGHIJKLMNOPQDA=&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14
Requested by: Host: click.mercer.finupdates.com
URL: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
Protocol: HTTP/1.1
Server: 34.250.84.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-84-247.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Sep 2022 14:32:34 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 67
Expires: -1

GET
H2 200 wm-hero-740.jpg
info.mercer.com/rs/521-DEV-513/images/ 38 KB
39 KB 635ms
190ms Image
image/jpeg 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.mercer.com/rs/521-DEV-513/images/wm-hero-740.jpg

Requested by

Host: click.mercer.finupdates.com
URL: http://click.mercer.finupdates.com/viewinbrowser?d=Yz02NDA4Ng%3D%3D&t=AB12ABCDEFGHIJKLMNOPQDA%3D&h=AB12ABCDEFGHIJKLMNOPQ6BABADD0D14&m=EMAIL_ID%3D1809340

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d058b306836c5126cc405303fcf4d0b933b209d10cd57e60c54b88c1a58e9adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click.mercer.finupdates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 14:32:35 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Fri, 02 Sep 2022 09:03:59 GMT
server: cloudflare
etag: "24f63-99f3-5e7ae02b243f2"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 7467ea345d136903-FRA
content-length: 39411
expires: Tue, 06 Sep 2022 14:33:35 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.info.mercer.com/	1970-01-20 05:47:56	Name: __cf_bm Value: MFeuAgddpuhN0wzJmPYnG9xXc27KBK97q.dUNKZSvN4-1662474755-0-AXlD33DSdwgf8DdyjA0ulW/md/n9e/tpHoA49w0z20m34qCMnCBiHImiizDdxuVczQKUJi2NnJVeRz/EVK5uDiY=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.mercer.finupdates.com
images.finupdates.com
info.mercer.com
104.17.72.206
2600:9000:2490:ac00:1b:72bf:cb80:21
34.250.84.247
1e7e66cf25d3541c4fdc338d0c28b2b74be22dd0616945cdc7ad261d7e0ea992
20b08ac58c48e2d8e5ba4303e435be971beb8cf00561306dd741eb929f5cc2ba
44f3d98837310736df2c90b1fdf431c9e4b9731097969ad526ca0df8125ffb8f
685e6787c4264b09cb3b70df3b626d58e80542c8730dcea115bf129ece1b3de0
d058b306836c5126cc405303fcf4d0b933b209d10cd57e60c54b88c1a58e9adf
e0ee6ce31a24984036bfd39b55ea8d696734e1eaa40c30010cf12c63fd04e196
ebec8f8a713337e5c24aca882f2a52264d38e9f2bbd26de9e8b8ddcebc6757b1
fe28d790d4a08f29002c0f894784ffef57a7f361f4fb1b5f61dc0a52ea31b8ff

click.mercer.finupdates.com Open in urlscan Pro 34.250.84.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

13 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

3 IPs

3 Countries

68 kBTransfer

107 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

1 Cookies

Indicators

click.mercer.finupdates.com Open in urlscan Pro
34.250.84.247 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

13 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

3
Countries

68 kB
Transfer

107 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions