urlscan.io logo urlscan.io
SecurityTrails logo

access.gsk.com Open in urlscan Pro
104.108.47.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ignitegsk.com/justdoit-ard
Effective URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spi...
Submission: On October 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 104.108.47.35, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is access.gsk.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 7th 2018. Valid for: a year.
This is the only time access.gsk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 173.203.138.83 27357 (RACKSPACE)
1 1 104.109.66.237 20940 (AKAMAI-ASN1)
13 104.108.47.35 16625 (AKAMAI-AS)
13 1
Apex Domain
Subdomains		 Transfer
14 gsk.com
federation.gsk.com
access.gsk.com
118 KB
1 ignitegsk.com
ignitegsk.com
944 B
13 2
Domain Requested by
13 access.gsk.com access.gsk.com
1 federation.gsk.com 1 redirects
1 ignitegsk.com 1 redirects
13 3

This site contains no links.

Subject Issuer Validity Valid
access.gsk.com
DigiCert SHA2 Extended Validation Server CA		 2018-08-07 -
2019-11-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Frame ID: E9F05B2F306CF62DC6CFB1CAFFDD9437
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ignitegsk.com/justdoit-ard HTTP 302
    https://federation.gsk.com/idp/SSO.saml2?SAMLRequest=fZHNboMwEIRfBfkebExJFCsg0eTQSGmDCu2hlwiMA1bBpl7Tn7... HTTP 302
    https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping... Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

2
Countries

117 kB
Transfer

161 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ignitegsk.com/justdoit-ard HTTP 302
    https://federation.gsk.com/idp/SSO.saml2?SAMLRequest=fZHNboMwEIRfBfkebExJFCsg0eTQSGmDCu2hlwiMA1bBpl7Tn7cvgaZNL7nuzn47O7uCvG06Fve2Vo%2FirRdgnc%2B2UcDGRoh6o5jOQQJTeSuAWc7S%2BH7HqEtYZ7TVXDfIiQGEsVKrtVbQt8KkwrxLLp4edyGqre2AYSwrJa2o4NXlusVpLYtCN8LWLoDGJyjFyT7NkLMZXEiVn3h%2F00dRCjPW3DNClh1O0717skqRs92E6LAsAurP%2FTkJ6JEIXiy5Vywo9QJy4we8KAcZQC%2B2CmyubIgo8ZYzj8yIn3kLRgIWLF6Qk%2FxcditVKVV1PYZiEgG7y7JkNp3wLAyM9gcBilYnh2xcbC7ivY7Nz5miCDpZSXv4DXCFL4ATvWMPA2G7SXQj%2BZcTN43%2BWBuRWxEiD%2BFoGvn%2F6egb&RelayState=ss%3Amem%3Ab318f48d9679f8a94775b1af8ace5e8fd77e8b4ac8c9488ee9eb79b949f85163 HTTP 302
    https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set login.jsp
access.gsk.com/selfservice/static/
Redirect Chain
  • https://ignitegsk.com/justdoit-ard
  • https://federation.gsk.com/idp/SSO.saml2?SAMLRequest=fZHNboMwEIRfBfkebExJFCsg0eTQSGmDCu2hlwiMA1bBpl7Tn7cvgaZNL7nuzn47O7uCvG06Fve2Vo%2FirRdgnc%2B2UcDGRoh6o5jOQQJTeSuAWc7S%2BH7HqEtYZ7TVXDfIiQGEsVKrtV...
  • https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ae79acbfb8ba5338a8fcf4160908d4bb7839680e6afb6c7172265370f5f33c7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
access.gsk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

X-FRAME-OPTIONS
DENY
X-Robots-Tag
noindex, nofollow
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Strict-Transport-Security
max-age=31536000
Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Cache-Control
no-store, no-cache, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Content-Language
en
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Thu, 03 Oct 2019 17:05:57 GMT
Content-Length
2649
Connection
keep-alive
Set-Cookie
SMTARGET=resumePath%3D%2Fidp%2FruiYz%2FresumeSAML20%2Fidp%2FSSO.ping%26PartnerEntityID%3Dspigit_ignitegsk; Domain=.gsk.com; Path=/selfservice/; secure; HttpOnly PA_S=AQFL; Path=/; Secure; HttpOnly BIGipServerGSK-ACCESS-UK-PROXY-443=401872770.47873.0000; path=/; Httponly; Secure TS01d3ecda=01cc2b8db3065a0bf7ed1957fd060a96410acef899c7d4605f15a14ad93524d6fcebb9a6297b527da3e49235444b1886233ca85ca93a0214777ad6ac651be0b293dd4a86c028872d1ca611e8e5c3dc21533e66b591; Path=/; Secure; HTTPOnly TS01785011=01cc2b8db33976a2e655db2f4266eb9214b558ece3c7d4605f15a14ad93524d6fcebb9a6296ff839ab81d54955c8ea036cdcbf42b79154bd1d3cafae62125609e0072d5898; path=/selfservice/; domain=.gsk.com; HTTPonly; Secure

Redirect headers

Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Location
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Content-Length
0
Date
Thu, 03 Oct 2019 17:05:57 GMT
Connection
keep-alive
Set-Cookie
PF=8h8RE1JSytj5AehLUyVdfa0rHTMkbCO5sDjxjS1ylgeC;Path=/;Secure;HttpOnly BIGipServerGSK-UK1-Services-Proxy-443=401872770.47873.0000; path=/; Httponly; Secure TS01045d0d=01cc2b8db3950cea293b52d0d7022dbaf6e87498bf1940057d2501a0e54774905da6a620c10f5f56b986cca44e7ac6f20d50ca4075510094bf9b105320c820911bfa44c84c2ffe9e2055e30b3d2e735ce757763e61; Path=/; Domain=.federation.gsk.com; Secure; HTTPOnly
localizedStrings.min.js
access.gsk.com/selfservice/branding/scripts/ 		73 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/scripts/localizedStrings.min.js?v=2.0.992
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d1edc11070d9434542695f1dbe0e05e8f717969a00d1039a374be26a0fc5d16
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
74452
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Tue, 03 Sep 2019 14:23:14 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
ETag
W/"74452-1567520594000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sat, 12 Sep 2020 18:14:01 GMT
util.min.js
access.gsk.com/selfservice/branding/scripts/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/scripts/util.min.js?v=2.0.992
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
071795205bd0cc4ea66f3929cf1cec3463422d257974139fb05e34f0c4c117d1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9418
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:44 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
ETag
W/"32606-1565269244000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sat, 12 Sep 2020 18:14:01 GMT
spin.min.js
access.gsk.com/selfservice/branding/scripts/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/scripts/spin.min.js
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
edf0824fc48c27620b71bb7a646704d10391b3293912663f38817ad9f5462703
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2043
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:44 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Cache-Control
public, max-age=31536000
ETag
W/"4143-1565269244000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 02:17:56 GMT
layoutStaticDefault.min.css
access.gsk.com/selfservice/branding/css/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
525de07d0a6200e8ac3ae78a2d386d357f139294eda445ca2e0fa133fd6ad63c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
6521
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Last-Modified
Thu, 08 Aug 2019 13:19:24 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store
ETag
W/"29189-1565270364000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Thu, 03 Oct 2019 17:05:57 GMT
close.png
access.gsk.com/selfservice/branding/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/close.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
80fec70c6d92ceb4dd2a2df567e7628a7ee2bef19226d31442acb30cbf68b944
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
1475
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"1475-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 02:17:56 GMT
layoutStaticMobile.min.css
access.gsk.com/selfservice/branding/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://access.gsk.com/selfservice/branding/css/layoutStaticMobile.min.css?v=2.0.992
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e7128336cf257976580cf3a7c4192d0ca61a121f5b3bda7f47c879cf312a1f3e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1687
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Pragma
no-cache
Last-Modified
Thu, 08 Aug 2019 13:00:46 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
Cache-Control
max-age=0, no-cache, no-store
ETag
W/"6424-1565269246000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Thu, 03 Oct 2019 17:05:57 GMT
ticker-spacer.png
access.gsk.com/selfservice/branding/images/ 		218 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/ticker-spacer.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c796951ac82a878ed93602b8178cbb07d790d131fb91141a0f94e1e0e1b26b5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
218
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"218-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 05:04:28 GMT
ticker-leftside.png
access.gsk.com/selfservice/branding/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/ticker-leftside.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f3ef78e366fe3b8e7de690599e5e1c555ebfcea7f64f2fab412be00911a87523
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
1615
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"1615-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 05:04:28 GMT
ticker-mid.png
access.gsk.com/selfservice/branding/images/ 		239 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/ticker-mid.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cd06ceb3c37182e6c47aebbe4940da0af51c149d94e96fbb7630ab97403dd14
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
239
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"239-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 05:04:28 GMT
bannerimg-left-static.jpg
access.gsk.com/selfservice/branding/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/bannerimg-left-static.jpg
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65306b4840b0fe33cad5ee90f2a86b888852d59d447bfb13df3b75e5b4abd10b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
3626
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
ETag
W/"3626-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 05:04:28 GMT
bannerimg-logo-static.jpg
access.gsk.com/selfservice/branding/images/ 		842 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/bannerimg-logo-static.jpg
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
32065e8f45db418a42d6fb535183a0a6c264206d484190030bd9483024869203
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
842
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
public, max-age=31536000
ETag
W/"842-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 07:52:33 GMT
sprites.png
access.gsk.com/selfservice/branding/images/icons/png/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://access.gsk.com/selfservice/branding/images/icons/png/sprites.png
Requested by
Host: access.gsk.com
URL: https://access.gsk.com/selfservice/static/login.jsp?resumePath=/idp/ruiYz/resumeSAML20/idp/SSO.ping&PartnerEntityID=spigit_ignitegsk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.47.35 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-47-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9113ca2776fa2560a7efaae38183c1981b2b6c47c38a24f6699d977a7c617440
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://access.gsk.com/selfservice/branding/css/layoutStaticDefault.min.css?v=2.0.992
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Security-Policy
default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
2455
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Last-Modified
Thu, 08 Aug 2019 13:00:42 GMT
X-FRAME-OPTIONS
DENY
Date
Thu, 03 Oct 2019 17:05:57 GMT
X-Download-Options
noopen
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
public, max-age=31536000
ETag
W/"2455-1565269242000"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Sun, 13 Sep 2020 05:04:28 GMT

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| g_availableLocales object| g_localizedStrings object| g_validateTimeout object| iOS number| iCount string| deviceType function| existsInArray function| setUpLocale function| doPopup function| focusField function| emulateDisabled function| restoreEmulateDisabled function| addEmulation function| trimQuestions function| confirmAppSubscription function| disableField function| hideLoadingMask function| showLoadingMask function| disableForm function| toggleChildElements function| validateApprovalQuestionAnswer function| doValidatePhoneNumber function| setMessage function| doVerifySMSTestCode function| doSMSSendTestCode function| disableSubmit function| validatePhoneNumber function| validateMobile function| doValidateFirstName function| validateFirstName function| doValidateLastName function| validateLastName function| doValidateUsername function| validateUsername function| doValidatePassword function| validatePassword function| doValidateConfirmPassword function| validateConfirmPassword function| validateSubmit function| validEmail function| isExternal function| ensureMatch function| doTrim function| trim function| enableFields function| removeEmptyOptions string| currentLayer function| showLayer function| hideLayer function| showPrev function| showNext function| selectCountry function| getElementsByClassName function| highlightTabsWithErrors function| changeLocale function| logout function| isDefined function| getDOMElementById function| setElementText function| setElementHTML function| replaceWithLocaleText function| hideOverlay function| overlay function| loadCssFile function| isTouchDevice boolean| supportsPassive object| opts function| touchScroll function| disableFormAutoComplete function| findPosition function| setCheckbox function| prepareInputsForHints function| selectFirstItem function| preloadImages function| preLoginCheck function| init function| Spinner string| g_localeLanguage string| g_localeCountry boolean| g_submitting

5 Cookies

Domain/Path Name / Value
access.gsk.com/ Name: TS01d3ecda
Value: 01cc2b8db3065a0bf7ed1957fd060a96410acef899c7d4605f15a14ad93524d6fcebb9a6297b527da3e49235444b1886233ca85ca93a0214777ad6ac651be0b293dd4a86c028872d1ca611e8e5c3dc21533e66b591
access.gsk.com/ Name: PA_S
Value: AQFL
.gsk.com/selfservice/ Name: TS01785011
Value: 01cc2b8db33976a2e655db2f4266eb9214b558ece3c7d4605f15a14ad93524d6fcebb9a6296ff839ab81d54955c8ea036cdcbf42b79154bd1d3cafae62125609e0072d5898
access.gsk.com/ Name: BIGipServerGSK-ACCESS-UK-PROXY-443
Value: 401872770.47873.0000
.gsk.com/selfservice/ Name: SMTARGET
Value: resumePath%3D%2Fidp%2FruiYz%2FresumeSAML20%2Fidp%2FSSO.ping%26PartnerEntityID%3Dspigit_ignitegsk

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-eval' 'unsafe-inline'; connect-src 'self'; img-src *.gsk.com www.google.com www.gstatic.com 'self' data:; style-src *.gsk.com www.google.com www.gstatic.com 'self' 'unsafe-inline'; frame-src www.google.com www.gstatic.com 'self';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block