urlscan.io logo urlscan.io
SecurityTrails logo

access.gsk.com Open in urlscan Pro
104.109.84.248  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gskrxna.my.salesforce.com/00T1Q00004iLhgL
Effective URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=htt...
Submission: On October 04 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 104.109.84.248, located in Netherlands and belongs to AKAMAI-ASN1, US. The main domain is access.gsk.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 7th 2018. Valid for: a year.
This is the only time access.gsk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 13.110.8.174 14340 (SALESFORCE)
1 1 23.8.5.241 20940 (AKAMAI-ASN1)
13 104.109.84.248 20940 (AKAMAI-ASN1)
14 2
Apex Domain
Subdomains		 Transfer
14 gsk.com
federation.gsk.com
access.gsk.com
118 KB
2 salesforce.com
gskrxna.my.salesforce.com
4 KB
14 2
Domain Requested by
13 access.gsk.com gskrxna.my.salesforce.com
access.gsk.com
2 gskrxna.my.salesforce.com 1 redirects
1 federation.gsk.com 1 redirects
14 3

This site contains no links.

Subject Issuer Validity Valid
*.my.salesforce.com
DigiCert SHA2 Secure Server CA		 2017-12-03 -
2020-12-02		 3 years crt.sh
access.gsk.com
DigiCert SHA2 Extended Validation Server CA		 2018-08-07 -
2019-11-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Frame ID: 43A2FDEB4A6D3132C0084514E378498B
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://gskrxna.my.salesforce.com/00T1Q00004iLhgL Page URL
  2. https://gskrxna.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAW4oYm3iME8wMVEwMDAwMDA4T0k3AAA... HTTP 302
    https://federation.gsk.com/idp/SSO.saml2?SAMLRequest=hZJbc6IwGIb%2FCpN7kYOtwBQ7KFTYgljA443DIdYoBEiCaH%2... HTTP 302
    https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping... Page URL

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

119 kB
Transfer

162 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gskrxna.my.salesforce.com/00T1Q00004iLhgL Page URL
  2. https://gskrxna.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAW4oYm3iME8wMVEwMDAwMDA4T0k3AAAA3GIzOkqrMpRsYADjbFdZxP_IwKqiQ92pKeN89d2KYotcYNXocbdrb7wXkbjwv6z2XSAjERDH9DtIbXrRodiyJ9RhXW1ip8C73FOH3SYW5n8AS-ibtI7TL0Q1Ho_aQ1Lj3nZUh5OEBBHh3e3-cGrxGsRVPq0vT8auGuM9tplEyiCtrGesNiTvikLgTqfMxZL1_6P-5qOWV1wEMVkxHlHN0pXdmVBcEp3eOCj1v2niytOqsLY7lUUfIOcuO_U9i81rHw&saml_acs=https%3A%2F%2Fgskrxna.my.salesforce.com%3Fso%3D00D36000001GRwm&saml_binding_type=HttpRedirect&Issuer=https%3A%2F%2Fgskrxna.my.salesforce.com&samlSsoConfig=0LE360000004NMB&RelayState=%2F00T1Q00004iLhgL HTTP 302
    https://federation.gsk.com/idp/SSO.saml2?SAMLRequest=hZJbc6IwGIb%2FCpN7kYOtwBQ7KFTYgljA443DIdYoBEiCaH%2F9om5nuje730wuku%2FwvvPleXm9FDl3hoSiEutA5AXAQZyWGcKfOlhEbz0FvI5eaFzklWY07IADWDeQMq7rw1S7J3TQEKyVMUVUw3EBqcZSLTQ8V5N4QatIycq0zAFnUAoJ64QmJaZNAUkIyRmlcBG4OjgwVlGt3%2F%2BkJ3LBMV9ceRrnkO5LkkI%2BLYtXWuqCYMrPwi3EadAWgDM7KwjH7O7%2Be8QeZpDc3%2Fhu2q23j7KqH4Y%2Bf%2FMrAc4xdbCTJkYXq0G5KWTkWUrrLa3WM43bGUTCSb6l5anz5Z9q4lUB3RjmMXnLtpf5zmnfa%2FShStU7nClqJr1vSpZuZusyTTKSDNv1KTm25%2BcvaR0aRyswbdVkTrImQbfZ6y81OKxXIqqUyVB%2B82053KyesGKEPZQwZxi5wodol7v4Q3SPMt4uDk%2B%2BNR7bBxnKvXRKLlMaLOe1cI6UuJk2nsqq3LqiCSNTSGcoOqOT%2BxnVe%2B%2BydcXd87z3VPurpdha3vJ0sXN7JlTrrFiOU6uSoT85imcJoyvza%2BpuhvlisXf8tPF3CxUpIrHbbluUNtDBlMWY6UASRLUnCj1hEImqJkraQOVVWdoCbv7np8cIP%2Fj5FxbJo4hqdhTNe3M%2FjAC3%2FOawKwAP6rS7OPmB27%2FHxt%2BMgdF%2FiXrp%2F1AYPW5%2FUz76DQ%3D%3D&RelayState=%2F00T1Q00004iLhgL&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EoBqlw%2BbZVmDH%2BuHKZD79bN5TyspARcd%2BGnEoFA%2Fbdz2rgWoHWI0UvJBDqzIrg2QUCwiNOKADfIuH6tDZ3%2Bktku%2Bou7aZ5QrdxBMuUYp9sHPoNfrzxs%2FZGRNfg%2FdO5yqA9epcchVo5ao4TM6PSrFiLOQ0ItCFsY%2BcP9dfymSSS4ZCIuL47Z9MHxNQtjicmMO%2FqZGkEfJAKGycwg15d7HPVXN5IUkEVWOa6BZX3YIzj50Ee9dKa5id%2FpV9OLPAppf%2BxkEr8dkNHvfdvb318%2FgRyz8XNg1ZUutmma8jzPSd3Q4BjiY81oTMNw95XZPJiOCqC3%2FLh7d51fvURTdifQTkFRx6zgAjPOMD94pWLKi%2FC9xC%2Bw9rZU4BeH6IOqijLf4PYkMVZxxXgAwy0CXjG6ZcxmPLXXNc%2F8PH%2Fzcim7K6VGZ2O2a9Lr4UQAm7Q8YT0p%2BZx8o1WD%2FQIspzO5vjP1Gcb2s25oneC3I4OHg3HU0KLd7qDnxLUzxUqeEXpiNGNx1kfdOvQFxoAtVrtP0UCM7LaOpb7SLUmcVjiiIuA%2BZhYlH0FfZZEO4y%2BgM2ifq%2Bx1l19Mz5jglHguzSrsia0uHSh%2B3MByGHiXWlFdLlidHKEAX3t1PFdIXpLubfoFyyMOhhomEKD%2BDf%2FqnFPBECvQL3C%2FTUsHZXk7AB%2FTMppc2Sjs%3D HTTP 302
    https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set 00T1Q00004iLhgL
gskrxna.my.salesforce.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gskrxna.my.salesforce.com/00T1Q00004iLhgL
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.8.174 , United States, ASN14340 (SALESFORCE - Salesforce.com, Inc., US),
Reverse DNS
dcl2-ncg0-iad3.na81-ia2.my.salesforce.com
Software
/
Resource Hash
1f41349662a2212fa74558a741b6c912c65f6ec7b6de7e12c06f90f158f94514
Security Headers
Name Value
Strict-Transport-Security max-age=31536002; includeSubDomains

Request headers

Host
gskrxna.my.salesforce.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Set-Cookie
BrowserId=sXo2pQdTTMmnL2FWhuwOdw;Path=/;Domain=.salesforce.com;Expires=Tue, 03-Dec-2019 19:12:49 GMT;Max-Age=5184000
Strict-Transport-Security
max-age=31536002; includeSubDomains
Public-Key-Pins-Report-Only
pin-sha256="9n0izTnSRF+W4W4JTq51avSXkWhQB8duS2bxVLfzXsY="; pin-sha256="5kJvNEMw0KjrCAu7eXY5HZdvyCS13BbA0VJG1RSP91w="; pin-sha256="njN4rRG+22dNXAi+yb8e3UMypgzPUPHlv4+foULwl1g="; max-age=86400; includeSubDomains; report-uri="https://a.forcesslreports.com/hpkp-report/00D36000001GRwmm";
Expect-CT
max-age=86400; report-uri="https://a.forcesslreports.com/Expect-CT-report/00D36000001GRwmm";
X-Robots-Tag
none
Referrer-Policy
origin-when-cross-origin
Cache-Control
no-cache,must-revalidate,max-age=0,no-store,private
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Connection
close
Primary Request Cookie set login.jsp
access.gsk.com/selfservice/static/
Redirect Chain
  • https://gskrxna.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAW4oYm3iME8wMVEwMDAwMDA4T0k3AAAA3GIzOkqrMpRsYADjbFdZxP_IwKqiQ92pKeN89d2KYotcYNXocbdrb7wXkbjwv6z2XSAjERDH9DtIbXrRodiyJ9...
  • https://federation.gsk.com/idp/SSO.saml2?SAMLRequest=hZJbc6IwGIb%2FCpN7kYOtwBQ7KFTYgljA443DIdYoBEiCaH%2F9om5nuje730wuku%2FwvvPleXm9FDl3hoSiEutA5AXAQZyWGcKfOlhEbz0FvI5eaFzklWY07IADWDeQMq7rw1S7J3TQEK...
  • https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Requested by
Host: gskrxna.my.salesforce.com
URL: https://gskrxna.my.salesforce.com/00T1Q00004iLhgL
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23dca15413c7ba5de70056e23e82df05930998b061ce83570703865dfb6168b2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
access.gsk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://gskrxna.my.salesforce.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://gskrxna.my.salesforce.com/

Response headers

X-FRAME-OPTIONS
DENY
X-Robots-Tag
noindex, nofollow
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Cache-Control
no-store, no-cache, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Content-Language
en
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 04 Oct 2019 19:12:50 GMT
Content-Length
2674
Connection
keep-alive
Set-Cookie
SMTARGET=resumePath%3D%2Fidp%2Fpm5DO%2FresumeSAML20%2Fidp%2FSSO.ping%26PartnerEntityID%3Dhttps%3A%2F%2Fgskrxna.my.salesforce.com; Domain=.gsk.com; Path=/selfservice/; secure; HttpOnly PA_S=AQFL; Path=/; Secure; HttpOnly BIGipServerGSK-ACCESS-UK-PROXY-443=401872770.47873.0000; path=/; Httponly; Secure TS01d3ecda=01cc2b8db3d4c9600bbeeeb8ea4eb105852cb0ee3f0be35eae32fc2c58983d828b4d870a9ed0b8ac5d43e0717fcaad9c5cbc8df9cf9b63b24f01ff1d25f0b4337cc4f44f616007a1916f888088c07e714e7565dede; Path=/; Secure; HTTPOnly TS01785011=01cc2b8db35a2c3c255de19ead7213ee7e7fd117520be35eae32fc2c58983d828b4d870a9e0d72377c4ff16ef930bda4781e40c95ba0f7108abb69b259c513f24eedf83b00; path=/selfservice/; domain=.gsk.com; HTTPonly; Secure

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Location
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Content-Length
0
Date
Fri, 04 Oct 2019 19:12:50 GMT
Connection
keep-alive
Set-Cookie
PF=fQb9ClfkhyzumSNbIZh7SLuaqK7kAoeG2NXlYfDy2Jpv;Path=/;Secure;HttpOnly BIGipServerGSK-UK1-Services-Proxy-443=385095554.47873.0000; path=/; Httponly; Secure TS01045d0d=01cc2b8db3120f8f1a37e1a0ef07001b98262a67312851325e0f0b0243c3251a515e3c6df46f7a5200881c4fd3b889a69292638b18f21ab1bda84aabdfdb85e77a4b1a8bf02858a77bb095da8ee2c8cb3dc65153f8; Path=/; Domain=.federation.gsk.com; Secure; HTTPOnly
localizedStrings.min.js
access.gsk.com/selfservice/branding/scripts/ 		73 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/scripts/localizedStrings.min.js?v=2.0.992
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d1edc11070d9434542695f1dbe0e05e8f717969a00d1039a374be26a0fc5d16
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
74452
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Tue, 03 Sep 2019 19:23:14 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
ETag
W/"74452-1567538594000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sat, 12 Sep 2020 18:01:45 GMT
util.min.js
access.gsk.com/selfservice/branding/scripts/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/scripts/util.min.js?v=2.0.992
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
071795205bd0cc4ea66f3929cf1cec3463422d257974139fb05e34f0c4c117d1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9418
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 18:00:44 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
ETag
W/"32606-1565287244000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sat, 12 Sep 2020 18:01:45 GMT
spin.min.js
access.gsk.com/selfservice/branding/scripts/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/scripts/spin.min.js
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
edf0824fc48c27620b71bb7a646704d10391b3293912663f38817ad9f5462703
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2043
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:44 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
ETag
W/"4143-1565269244000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sat, 12 Sep 2020 21:19:02 GMT
layoutStaticDefault.min.css
access.gsk.com/selfservice/branding/css/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
525de07d0a6200e8ac3ae78a2d386d357f139294eda445ca2e0fa133fd6ad63c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
6521
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Last-Modified
Thu, 08 Aug 2019 13:19:24 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store
ETag
W/"29189-1565270364000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Fri, 04 Oct 2019 19:12:50 GMT
close.png
access.gsk.com/selfservice/branding/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/close.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80fec70c6d92ceb4dd2a2df567e7628a7ee2bef19226d31442acb30cbf68b944
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
1475
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"1475-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 03:50:07 GMT
layoutStaticMobile.min.css
access.gsk.com/selfservice/branding/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/css/layoutStaticMobile.min.css?v=2.0.992
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e7128336cf257976580cf3a7c4192d0ca61a121f5b3bda7f47c879cf312a1f3e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1687
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Last-Modified
Thu, 08 Aug 2019 13:00:46 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store
ETag
W/"6424-1565269246000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Fri, 04 Oct 2019 19:12:50 GMT
ticker-spacer.png
access.gsk.com/selfservice/branding/images/ 		218 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/ticker-spacer.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c796951ac82a878ed93602b8178cbb07d790d131fb91141a0f94e1e0e1b26b5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
218
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"218-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 02:39:33 GMT
ticker-leftside.png
access.gsk.com/selfservice/branding/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/ticker-leftside.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3ef78e366fe3b8e7de690599e5e1c555ebfcea7f64f2fab412be00911a87523
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
1615
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"1615-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 08:54:07 GMT
ticker-mid.png
access.gsk.com/selfservice/branding/images/ 		239 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/ticker-mid.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cd06ceb3c37182e6c47aebbe4940da0af51c149d94e96fbb7630ab97403dd14
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
239
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"239-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 02:39:33 GMT
bannerimg-left-static.jpg
access.gsk.com/selfservice/branding/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/bannerimg-left-static.jpg
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65306b4840b0fe33cad5ee90f2a86b888852d59d447bfb13df3b75e5b4abd10b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
3626
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
ETag
W/"3626-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 02:39:33 GMT
bannerimg-logo-static.jpg
access.gsk.com/selfservice/branding/images/ 		842 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/bannerimg-logo-static.jpg
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32065e8f45db418a42d6fb535183a0a6c264206d484190030bd9483024869203
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
842
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
ETag
W/"842-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 09:58:37 GMT
sprites.png
access.gsk.com/selfservice/branding/images/icons/png/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/icons/png/sprites.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/pm5DO/resumeSAML20/idp/SSO.ping&PartnerEntityID=https://gskrxna.my.salesforce.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.84.248 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-84-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9113ca2776fa2560a7efaae38183c1981b2b6c47c38a24f6699d977a7c617440
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
2455
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Fri, 04 Oct 2019 19:12:50 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"2455-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 02:39:33 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| g_availableLocales object| g_localizedStrings object| g_validateTimeout object| iOS number| iCount string| deviceType function| existsInArray function| setUpLocale function| doPopup function| focusField function| emulateDisabled function| restoreEmulateDisabled function| addEmulation function| trimQuestions function| confirmAppSubscription function| disableField function| hideLoadingMask function| showLoadingMask function| disableForm function| toggleChildElements function| validateApprovalQuestionAnswer function| doValidatePhoneNumber function| setMessage function| doVerifySMSTestCode function| doSMSSendTestCode function| disableSubmit function| validatePhoneNumber function| validateMobile function| doValidateFirstName function| validateFirstName function| doValidateLastName function| validateLastName function| doValidateUsername function| validateUsername function| doValidatePassword function| validatePassword function| doValidateConfirmPassword function| validateConfirmPassword function| validateSubmit function| validEmail function| isExternal function| ensureMatch function| doTrim function| trim function| enableFields function| removeEmptyOptions string| currentLayer function| showLayer function| hideLayer function| showPrev function| showNext function| selectCountry function| getElementsByClassName function| highlightTabsWithErrors function| changeLocale function| logout function| isDefined function| getDOMElementById function| setElementText function| setElementHTML function| replaceWithLocaleText function| hideOverlay function| overlay function| loadCssFile function| isTouchDevice boolean| supportsPassive object| opts function| touchScroll function| disableFormAutoComplete function| findPosition function| setCheckbox function| prepareInputsForHints function| selectFirstItem function| preloadImages function| preLoginCheck function| init function| Spinner string| g_localeLanguage string| g_localeCountry boolean| g_submitting

5 Cookies

Domain/Path Name / Value
access.gsk.com/ Name: TS01d3ecda
Value: 01cc2b8db3d4c9600bbeeeb8ea4eb105852cb0ee3f0be35eae32fc2c58983d828b4d870a9ed0b8ac5d43e0717fcaad9c5cbc8df9cf9b63b24f01ff1d25f0b4337cc4f44f616007a1916f888088c07e714e7565dede
access.gsk.com/ Name: PA_S
Value: AQFL
.gsk.com/selfservice/ Name: TS01785011
Value: 01cc2b8db35a2c3c255de19ead7213ee7e7fd117520be35eae32fc2c58983d828b4d870a9e0d72377c4ff16ef930bda4781e40c95ba0f7108abb69b259c513f24eedf83b00
access.gsk.com/ Name: BIGipServerGSK-ACCESS-UK-PROXY-443
Value: 401872770.47873.0000
.gsk.com/selfservice/ Name: SMTARGET
Value: resumePath%3D%2Fidp%2Fpm5DO%2FresumeSAML20%2Fidp%2FSSO.ping%26PartnerEntityID%3Dhttps%3A%2F%2Fgskrxna.my.salesforce.com

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536002; includeSubDomains