urlscan.io logo urlscan.io
SecurityTrails logo

tpm.ansira.com Open in urlscan Pro
20.112.213.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mckesson-health-mart.zendesk.com/
Effective URL: https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80
Submission: On February 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 20.112.213.88, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is tpm.ansira.com. The Cisco Umbrella rank of the primary domain is 910458.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 15th 2023. Valid for: a year.
This is the only time tpm.ansira.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 104.16.51.111 13335 (CLOUDFLAR...)
4 20.112.213.88 8075 (MICROSOFT...)
4 1
Apex Domain
Subdomains		 Transfer
4 ansira.com
tpm.ansira.com — Cisco Umbrella Rank: 910458
13 KB
2 zendesk.com
mckesson-health-mart.zendesk.com
2 KB
4 2
Domain Requested by
4 tpm.ansira.com tpm.ansira.com
2 mckesson-health-mart.zendesk.com 2 redirects
4 2

This site contains no links.

Subject Issuer Validity Valid
*.ansira.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-15 -
2024-06-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80
Frame ID: EB097AE4F76EB3D77C33BD987BE6396A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ansira SSO Error

Page URL History Show full URLs

  1. https://mckesson-health-mart.zendesk.com/ HTTP 301
    https://mckesson-health-mart.zendesk.com/access HTTP 302
    https://tpm.ansira.com/SSO/zendesk/ssoout.aspx?brand_id=25840390071315&locale_id=1&return_to=https%... Page URL
  2. https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)
  • <input[^>]+name="__VIEWSTATE

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

13 kB
Transfer

17 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mckesson-health-mart.zendesk.com/ HTTP 301
    https://mckesson-health-mart.zendesk.com/access HTTP 302
    https://tpm.ansira.com/SSO/zendesk/ssoout.aspx?brand_id=25840390071315&locale_id=1&return_to=https%3A%2F%2Fmckesson-health-mart.zendesk.com&timestamp=1706823607 Page URL
  2. https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://mckesson-health-mart.zendesk.com/ HTTP 301
  • https://mckesson-health-mart.zendesk.com/access HTTP 302
  • https://tpm.ansira.com/SSO/zendesk/ssoout.aspx?brand_id=25840390071315&locale_id=1&return_to=https%3A%2F%2Fmckesson-health-mart.zendesk.com&timestamp=1706823607

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ssoout.aspx
tpm.ansira.com/SSO/zendesk/
Redirect Chain
  • https://mckesson-health-mart.zendesk.com/
  • https://mckesson-health-mart.zendesk.com/access
  • https://tpm.ansira.com/SSO/zendesk/ssoout.aspx?brand_id=25840390071315&locale_id=1&return_to=https%3A%2F%2Fmckesson-health-mart.zendesk.com&timestamp=1706823607
571 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpm.ansira.com/SSO/zendesk/ssoout.aspx?brand_id=25840390071315&locale_id=1&return_to=https%3A%2F%2Fmckesson-health-mart.zendesk.com&timestamp=1706823607
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.112.213.88 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Access-Control-Request-Headers
origin, x-requested-with
Access-Control-Request-Method
POST
Cache-Control
private
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Feb 2024 21:40:07 GMT
Origin
https://tpm.ansira.com
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
84ed59d94cd6336e-MIA
content-length
238
content-type
text/html; charset=utf-8
date
Thu, 01 Feb 2024 21:40:07 GMT
location
https://tpm.ansira.com/SSO/zendesk/ssoout.aspx?brand_id=25840390071315&locale_id=1&return_to=https%3A%2F%2Fmckesson-health-mart.zendesk.com&timestamp=1706823607
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI DSP COR NID ADMa OPTa OUR NOR"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9i3JbyfHczBJp2SBULOTYyIWUtGQsIOTxzdr7qWmD2PUqVB086del%2FGyOc2MzYxoT1XdcfcQ%2FG%2F%2FKJwSRd%2FNY%2Bd9pCNRTR8JqkMWkWaCMiPK0q%2B23EyknSZDKEI8EkS6mZzt0QpE9L4QnBp6E4Su%2Fvu"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=259200; includeSubDomains
x-request-id
84ed59d94cd6336e-MIA 84ed59d94cd6336e-MIA
x-runtime
0.090044
x-zendesk-origin-server
classic-app-server-5f65fd7469-6clbf
x-zendesk-zorg
yes
Primary Request Error.aspx
tpm.ansira.com/SSO/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.112.213.88 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d4ba7d0199cb91b965a4db2d20f355b63ea74d1d83a7109413f503a0136a64f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://tpm.ansira.com
Referer
https://tpm.ansira.com/SSO/zendesk/ssoout.aspx?brand_id=25840390071315&locale_id=1&return_to=https%3A%2F%2Fmckesson-health-mart.zendesk.com&timestamp=1706823607
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Access-Control-Request-Headers
origin, x-requested-with
Access-Control-Request-Method
POST
Cache-Control
private
Content-Encoding
gzip
Content-Length
1732
Content-Type
text/html; charset=utf-8
Date
Thu, 01 Feb 2024 21:40:07 GMT
Origin
https://tpm.ansira.com
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
main.css
tpm.ansira.com/SSO/App_Themes/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tpm.ansira.com/SSO/App_Themes/main.css
Requested by
Host: tpm.ansira.com
URL: https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.112.213.88 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e8d04320ba0b78b09ad2f8f972ad04098317f7c7a0e3871d1e6f5c88ca7a2eae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 21:40:07 GMT
Content-Encoding
gzip
Access-Control-Request-Method
POST
X-Content-Type-Options
nosniff
Last-Modified
Tue, 31 Oct 2023 21:50:02 GMT
Origin
https://tpm.ansira.com
ETag
"ff4a6f3344cda1:0"
Vary
Accept-Encoding
X-Frame-Options
DENY
Content-Type
text/css
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
2561
Access-Control-Request-Headers
origin, x-requested-with
ansira_logo.png
tpm.ansira.com/SSO/App_Themes/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpm.ansira.com/SSO/App_Themes/ansira_logo.png
Requested by
Host: tpm.ansira.com
URL: https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.112.213.88 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d9d1020245ab7b06fe2766ca69bb236a41903ece9d63ee7982bc8b66ed52eaca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpm.ansira.com/SSO/Error.aspx?id=179040&e=80
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 01 Feb 2024 21:40:07 GMT
Access-Control-Request-Method
POST
X-Content-Type-Options
nosniff
Origin
https://tpm.ansira.com
Last-Modified
Tue, 31 Oct 2023 21:50:02 GMT
ETag
"ff4a6f3344cda1:0"
X-Frame-Options
DENY
Content-Type
image/png
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
6080
Access-Control-Request-Headers
origin, x-requested-with

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
mckesson-health-mart.zendesk.com/ Name: _zendesk_shared_session
Value: -QXlNc3Q0dVdPTW00MU9JUVZlbHQzRnl6ejNnR08zZkM3UEd5djVlQW9sSk1TbTlQaVMyT1UrdVJkZGo4Z00wbVFwMnl0eXM2U3JDbTJ3MkNzMm04TE1XVFo0S05HaFdSOWgxWk5aWFBPdkdrR2d0TVpXWEo1ZTY5MTJZMEVSNGQ5QitZZUhZWUdtbm5xaTB4SHpmek13PT0tLVoydnRITUM1UEZkUUc3VjRiaWo5bnc9PQ%3D%3D--1f379a3391a0090dce476e5ca059a81ac0dc8e99
.mckesson-health-mart.zendesk.com/ Name: __cfruid
Value: 3782acfee61858cefbb6bd263bd509b99acf57e7-1706823607
mckesson-health-mart.zendesk.com/ Name: _zendesk_session
Value: LrzMw3kqKoVnQsqQp6myAp29Qhh0FWZhCH6T5KzgeFHpHswXdJ47GepqtKSJfx8ttk8tFFhP7J2C0zx59cwhXERbZmlKKPGFeq6k5kEoB%2FG1ybUIxje2umf%2B%2F1IqmbU4fdnEKkY7h02H9HNzYaipTjIyEUH06AEbx5pi7dQmmPCICExm2xh5Yx2vcA9C7maA%2Fin%2B1hmVaeX4ENuQtKr4CBZjed0DPmmVLdOl%2FzkEq%2Fz0GPT0vudRMnjUZpktGwueMjpyu0CLt%2FQG3CsVs2pFC8UjY6Nkpr4ULT5oCet124LdMN4mDLiCp4xTNfmt3Aj%2BJCvvqrkrAoys8PHh573itmVXJ4rkLZMp3uFygeHr0MuP9YHIcRQqJFUefJwkDmzZHxAUIS9ao0hWAyzrpUotSA%3D%3D--NmwW4Ym8LsplZZr8--rEbNQdsiVsPRqOQH3xDI5A%3D%3D
tpm.ansira.com/ Name: TS01d6e56a
Value: 01adfa1b01cda9b66b399901c228b48316705f89a556b875ece8ca3d34575c1ef84556e99260bf2dd6ba64560073c27f1816a16941
tpm.ansira.com/ Name: TS01d6e56a028
Value: 01f2e662a7adc1b2b8b36a458dd115b18bb9cc4164d8324f1b1e65a84293edf25384762374bc69b0da056e021bb948b826e689fc3a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mckesson-health-mart.zendesk.com
tpm.ansira.com
104.16.51.111
20.112.213.88
0d4ba7d0199cb91b965a4db2d20f355b63ea74d1d83a7109413f503a0136a64f
d9d1020245ab7b06fe2766ca69bb236a41903ece9d63ee7982bc8b66ed52eaca
e8d04320ba0b78b09ad2f8f972ad04098317f7c7a0e3871d1e6f5c88ca7a2eae