fedsso3.gilead.com
Open in
urlscan Pro
192.156.237.215
Public Scan
Submitted URL: https://gsf.my.salesforce.com/?c=OF73UJX.arMSC1EsLk2Lt7vEJ.CKvjlw0_.qwHeFCqgNkJ.yicQCMvFkQZo3p6cn41vMoLmkDDtpSQ4J8ix2UkX.SJecs...
Effective URL: https://fedsso3.gilead.com/idp/SSO.saml2?SAMLRequest=fZJdc6owEIb%2FCpN7MEBLkSl2Ara2pyryobXeOBEDYiEREkD99cfqcY7nXHRn9mJn9919...
Submission: On November 03 via manual from US — Scanned from DE
Effective URL: https://fedsso3.gilead.com/idp/SSO.saml2?SAMLRequest=fZJdc6owEIb%2FCpN7MEBLkSl2Ara2pyryobXeOBEDYiEREkD99cfqcY7nXHRn9mJn9919...
Submission: On November 03 via manual from US — Scanned from DE
Summary
This website contacted 1 IPs
in 1 countries
across 2 domains to perform 6 HTTP transactions.
The main IP is 192.156.237.215, located in
Corona, United States and
belongs to CENTURYLINK-LEGACY-LVLT-203, US.
The main domain is fedsso3.gilead.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 3rd 2020. Valid for: 2 years.
This is the only time fedsso3.gilead.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 3rd 2020. Valid for: 2 years.
This is the only time fedsso3.gilead.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 2 | 13.110.2.46 13.110.2.46 | 14340 (SALESFORCE) (SALESFORCE) | |
| 6 | 192.156.237.215 192.156.237.215 | 203 (CENTURYLI...) (CENTURYLINK-LEGACY-LVLT-203) | |
| 6 | 1 |
2
13.110.2.46
(United States)
ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-phx3.na81-ph2.my.salesforce.com
ASN14340 (SALESFORCE, US)
PTR: dcl5-ncg0-phx3.na81-ph2.my.salesforce.com
| gsf.my.salesforce.com |
6
192.156.237.215
(Corona, United States)
ASN203 (CENTURYLINK-LEGACY-LVLT-203, US)
ASN203 (CENTURYLINK-LEGACY-LVLT-203, US)
| fedsso3.gilead.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 6 |
gilead.com
fedsso3.gilead.com |
24 KB |
| 2 |
salesforce.com
2 redirects
gsf.my.salesforce.com |
3 KB |
| 6 | 2 |
| Domain | Requested by | |
|---|---|---|
| 6 | fedsso3.gilead.com |
fedsso3.gilead.com
|
| 2 | gsf.my.salesforce.com | 2 redirects |
| 6 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| mfa.gilead.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.gilead.com DigiCert SHA2 Secure Server CA |
2020-02-03 - 2022-04-11 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://fedsso3.gilead.com/idp/SSO.saml2?SAMLRequest=fZJdc6owEIb%2FCpN7MEBLkSl2Ara2pyryobXeOBEDYiEREkD99cfqcY7nXHRn9mJn9919J3ken%2FZFLjWk4hmjNlAVCCRCY7bOaGqDafQim%2BCp98hxke8sVIsNDUhZEy6kk45y69ywQV1Ri2GecYvignBLxFaIRkNLU6C1q5hgMcuBhDgnlTgdchnldUGqkFRNFpNpMLTBRogdtzqdlCdKcVA4zglPWBUTJWbFE2c2hH3dgOdoSrQFUv9kI6NYnJ1f5QlZc850Jc1ygtff2k623nXC0FO%2BvWpAeuvbYKm56BRzFZYzh476qP0%2Fv9tG%2FuzEbfU%2B9h78QbSj5j5GPi7uofy8YHpdJ4Nj33FLcTT9iuxbUQ4Io9XmgN67L4324o1GjjzI0dxzm7s4fYhnZhCYjavF9Ze%2FTkPnaHwOvHYyNFJ3OQu54fSD6TYbxb9WbXm3KnNjVSw%2BAi0Lk5lvavkQy3etQ3R2HxwgrmDu7lq8nM%2BDT1SUr0l53%2F1Kmq0rhybdjtN3CEXu7qGPTKNZ0bFYfRSm45RouWEmTo4bddMsDmm0nXYL1Xs71MVyDR8wYl%2BjeoY84msfun96Lc5r8ka5wFTYQIOaKquqDPUIGpamW6quqGZ3AaTJn192Mnph5yckVpchbr1G0USeeGEEpNmVwdMAuBBnnY9XN6j9vBZf%2BQK9W5r%2BovDYuVnbu1T%2FYt37DQ%3D%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=WuOwlVeBYfB5AZN8%2BScZtUVfS%2BhpD0%2FIf92vOqvVeTRCfODGAwajn15WzaddQL1a5eNA8x95sBCK81zn2js3sbj9ROSA0r2X8wTfU4QOwiSDX7kv4fiZUt7NfPh5A9yTVknKEL5psCROwnuY5MoUxe4d93YygWMvL77Rz4qMlZ1aSLaBtTqunf6OF54vLbbjPI0gcXYHx6Aroo%2BgzisfmejDDUwrd%2FYUF1TkydYsOxm2BT6TtWkBfPVRINs4fadDX7voC3ZRZtJwoLYazyCyHglkmFmJtBofhcWRqMeBNcTiy1MJOzuiUc88bxEqjRRKUZBmo6FNRb4%2FG4ktydJFygCU4fgL4j249WdOyQSK6uLUVgNhF%2BcZWfXFazWu31sLWxcaT4er702QhbaLz5VxsN8%2BcOaP9aiyL2qW1L9tBUkgbyg521l%2Bi7t%2F3LR8G0XhRxRub7QttjYSelhQK0eM5gc2ong0DPX%2FOBIOPhzZZdP25nRGxIua5aU5pYO0A100YUTNDCFCiZcDzHCOzv39e%2BSVXG4y%2BMo9x69ua7YwC%2BSkMqDXvy8xkFGRoYOE0dOCOnUm7FhWppEOPevTf1RJiJsFRkiK49CGkWbEk3h6b%2FCu6IYlBn%2B2vFOE9dkLseYoRuRmzY1xdhdblGZQYc88%2FWxMERwqx%2B0aG68eHv67XF0%3D
Frame ID: A5A993DE3CC67AE98D1591916C561A46
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Sign OnPage URL History Show full URLs
-
https://gsf.my.salesforce.com/?c=OF73UJX.arMSC1EsLk2Lt7vEJ.CKvjlw0_.qwHeFCqgNkJ.yicQCMvFkQZo3p6cn41vMoLmkD...
HTTP 302
https://gsf.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX10qVBnMDAwMDAwMDAwMDAwMDAwAAA... HTTP 302
https://fedsso3.gilead.com/idp/SSO.saml2?SAMLRequest=fZJdc6owEIb%2FCpN7MEBLkSl2Ara2pyryobXeOBEDYiEREkD9... Page URL
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://mfa.gilead.com/mfaportal/
Title: Change Access Preferences
Title: Change Access Preferences
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://gsf.my.salesforce.com/?c=OF73UJX.arMSC1EsLk2Lt7vEJ.CKvjlw0_.qwHeFCqgNkJ.yicQCMvFkQZo3p6cn41vMoLmkDDtpSQ4J8ix2UkX.SJecsdZfiKsV3zT24kAHxlBhcr30yW.ly.bLYwsaAOgzZIqG
HTTP 302
https://gsf.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAX10qVBnMDAwMDAwMDAwMDAwMDAwAAAA6lEBcwrKNO7QGTpn8xcAQam50-EZo3uufGzDBCqtz8QrexwtqGeonrhyAK9Fv2FOMMB-GlAXOCv4cg7cV8RR8vC2cukQdgSBz6YGOwPL6gC_VSs6BDRUjiMcJbwq4bql6bmZWR2iSfVQ82lLa-4wBe3o5Ry0ar0lCpwa_XXRYAmqHfq59kfvjC-S8njNgK00tlCx0QA86vbnNtbWm8BBqA_ho8afzh1hvZygTjU9m1OIyum_d07aAokMuVAOeQ2W3Q&saml_acs=https%3A%2F%2Fgsf.my.salesforce.com%3Fso%3D00D36000000vqAj&saml_binding_type=HttpRedirect&Issuer=https%3A%2F%2Fgsf.gilead.com&samlSsoConfig=0LE360000004Low&RelayState=%2F HTTP 302
https://fedsso3.gilead.com/idp/SSO.saml2?SAMLRequest=fZJdc6owEIb%2FCpN7MEBLkSl2Ara2pyryobXeOBEDYiEREkD99cfqcY7nXHRn9mJn9919J3ken%2FZFLjWk4hmjNlAVCCRCY7bOaGqDafQim%2BCp98hxke8sVIsNDUhZEy6kk45y69ywQV1Ri2GecYvignBLxFaIRkNLU6C1q5hgMcuBhDgnlTgdchnldUGqkFRNFpNpMLTBRogdtzqdlCdKcVA4zglPWBUTJWbFE2c2hH3dgOdoSrQFUv9kI6NYnJ1f5QlZc850Jc1ygtff2k623nXC0FO%2BvWpAeuvbYKm56BRzFZYzh476qP0%2Fv9tG%2FuzEbfU%2B9h78QbSj5j5GPi7uofy8YHpdJ4Nj33FLcTT9iuxbUQ4Io9XmgN67L4324o1GjjzI0dxzm7s4fYhnZhCYjavF9Ze%2FTkPnaHwOvHYyNFJ3OQu54fSD6TYbxb9WbXm3KnNjVSw%2BAi0Lk5lvavkQy3etQ3R2HxwgrmDu7lq8nM%2BDT1SUr0l53%2F1Kmq0rhybdjtN3CEXu7qGPTKNZ0bFYfRSm45RouWEmTo4bddMsDmm0nXYL1Xs71MVyDR8wYl%2BjeoY84msfun96Lc5r8ka5wFTYQIOaKquqDPUIGpamW6quqGZ3AaTJn192Mnph5yckVpchbr1G0USeeGEEpNmVwdMAuBBnnY9XN6j9vBZf%2BQK9W5r%2BovDYuVnbu1T%2FYt37DQ%3D%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=WuOwlVeBYfB5AZN8%2BScZtUVfS%2BhpD0%2FIf92vOqvVeTRCfODGAwajn15WzaddQL1a5eNA8x95sBCK81zn2js3sbj9ROSA0r2X8wTfU4QOwiSDX7kv4fiZUt7NfPh5A9yTVknKEL5psCROwnuY5MoUxe4d93YygWMvL77Rz4qMlZ1aSLaBtTqunf6OF54vLbbjPI0gcXYHx6Aroo%2BgzisfmejDDUwrd%2FYUF1TkydYsOxm2BT6TtWkBfPVRINs4fadDX7voC3ZRZtJwoLYazyCyHglkmFmJtBofhcWRqMeBNcTiy1MJOzuiUc88bxEqjRRKUZBmo6FNRb4%2FG4ktydJFygCU4fgL4j249WdOyQSK6uLUVgNhF%2BcZWfXFazWu31sLWxcaT4er702QhbaLz5VxsN8%2BcOaP9aiyL2qW1L9tBUkgbyg521l%2Bi7t%2F3LR8G0XhRxRub7QttjYSelhQK0eM5gc2ong0DPX%2FOBIOPhzZZdP25nRGxIua5aU5pYO0A100YUTNDCFCiZcDzHCOzv39e%2BSVXG4y%2BMo9x69ua7YwC%2BSkMqDXvy8xkFGRoYOE0dOCOnUm7FhWppEOPevTf1RJiJsFRkiK49CGkWbEk3h6b%2FCu6IYlBn%2B2vFOE9dkLseYoRuRmzY1xdhdblGZQYc88%2FWxMERwqx%2B0aG68eHv67XF0%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
SSO.saml2
fedsso3.gilead.com/idp/ Redirect Chain
|
4 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
screen.1.css
fedsso3.gilead.com/assets/css/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fluid.1.css
fedsso3.gilead.com/assets/css/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fluid.landscape.1.css
fedsso3.gilead.com/assets/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gilead_logo1.gif
fedsso3.gilead.com/gilead/assets/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bg_sprite.1.png
fedsso3.gilead.com/assets/images/ |
2 KB 2 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| postOk function| postCancel function| postOnReturn function| setFocus7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .gsf.my.salesforce.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
| .gsf.my.salesforce.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
| .salesforce.com/ | Name: BrowserId Value: ha-bqjxuEeyzhUvO5Ja8-w |
|
| .salesforce.com/ | Name: BrowserId_sec Value: ha-bqjxuEeyzhUvO5Ja8-w |
|
| gsf.my.salesforce.com/ | Name: QCQQ Value: 7YLAZrR7A78 |
|
| fedsso3.gilead.com/ | Name: PF Value: ZSDTgsCzsCAnOu1bXQoJsOMRz92WBYOmbbgVejqyhEcB |
|
| .fedsso3.gilead.com/ | Name: TS01c06694 Value: 017598cca9ba1dc5138545a62a75c451551ee33f4f3e73eb087a9bcf0b135a98d1b1006432dcc3477b17b1d0d3fba6cfd21a076befb061a4793884c177da9de331f8830dfc |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fedsso3.gilead.com
gsf.my.salesforce.com
13.110.2.46
192.156.237.215
42efe84b9f1e1cc4aa584cae60c436c9882cef3338d5d1220c0b9421ff846040
4a1e324bcce1e0a67b8bfc1f698b175d3c48d2769bf05739f3d0bfff775649b3
4bc18c2a3724b61d8aa698669d3c7c5443bb8d10aa5dfaf0414f4d5dab056654
6b8ed5ffa2ac0d9d0d92f6dbada43f9c42cddf409e9048fe49aa498475c1673d
9ed69ebbe2819041a5fe89c068f9a777025f7558324b550208e596a1421e4619
b924523d619b5a660d779b438e80dfa97846d64d515911bd296e8b05544b6b92