federation.gsk.com Open in urlscan Pro
23.206.18.141 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ramosng.gsk.com/trident/collectVisitDate.seam
Effective URL:
https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus
Submission Tags: falconsandbox
Submission: On February 02 via api (February 2nd 2024, 12:57:57 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 10 HTTP transactions. The main IP is 23.206.18.141, located in Düsseldorf, Germany and belongs to AKAMAI-AS, US. The main domain is federation.gsk.com. The Cisco Umbrella rank of the primary domain is 500689.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 17th 2023. Valid for: a year.

This is the only time federation.gsk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	152.51.24.86 152.51.24.86	14306 (GLAXOSMIT...) (GLAXOSMITHKLINE)
10	23.206.18.141 23.206.18.141	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2

1 152.51.24.86 (United States) 1 redirects

ASN14306 (GLAXOSMITHKLINE, US)

ramosng.gsk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.206.18.141 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-18-141.deploy.static.akamaitechnologies.com

federation.gsk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	gsk.com 1 redirects ramosng.gsk.com federation.gsk.com — Cisco Umbrella Rank: 500689	832 KB
10	1

	Domain	Requested by
10	federation.gsk.com	federation.gsk.com
1	ramosng.gsk.com	1 redirects
10	2

This site contains links to these domains. Also see Links.

Domain
access.gsk.com

Subject Issuer	Validity	Valid
*.gsk.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-10-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus
Frame ID: 81F6A512DEE7F43886B3AA16085167A8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden

Page URL History Show full URLs

https://ramosng.gsk.com/trident/collectVisitDate.seam HTTP 302
https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

862 kB
Transfer

1050 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://access.gsk.com/help/
Title: Brauche Hilfe?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ramosng.gsk.com/trident/collectVisitDate.seam HTTP 302
https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request startSSO.ping Show response federation.gsk.com/idp/ Redirect Chain https://ramosng.gsk.com/trident/collectVisitDate.seam https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus	50 KB 8 KB	378ms 183ms	Document text/html	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `18cf2dab16030c2c92c34f78128d54074106740f22b34772ef60d86db635d4aa` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, no-store Connection keep-alive Content-Encoding gzip Content-Length 7239 Content-Type text/html;charset=utf-8 Date Fri, 02 Feb 2024 12:57:51 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Vary Accept-Encoding Redirect headers Content-Length 0 Date Fri, 02 Feb 2024 12:57:50 GMT Location https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus
GET H/1.1	200 OK	webcomponents-loader.js Show response federation.gsk.com/modules/webcomponentsjs/	6 KB 6 KB	54ms 52ms	Script application/javascript	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/modules/webcomponentsjs/webcomponents-loader.js Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Last-Modified Thu, 12 Oct 2023 18:37:22 GMT Connection keep-alive Accept-Ranges bytes ETag W/"2HSaGgywHzI2HSbkSmd1WI" Content-Length 6272 Content-Type application/javascript
GET H/1.1	200 OK	styles.js Show response federation.gsk.com/modules/	172 KB 172 KB	145ms 50ms	Script application/javascript	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/modules/styles.js?v=1.0.342 Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `d28203cb980a41c5a1c6482c1bd2a704bb67c551af2997a057a9f16cff9becad` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Last-Modified Thu, 12 Oct 2023 18:37:22 GMT Connection keep-alive Accept-Ranges bytes ETag W/"LXhCoIdwe68LXhDK6JfBvI" Content-Length 176013 Content-Type application/javascript
GET H/1.1	200 OK	main.css federation.gsk.com/assets/css/	170 KB 22 KB	125ms 70ms	Stylesheet text/css	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/assets/css/main.css Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `e24e09eecf328a0204326e2a8db591c4579827d2a113f0cfd857a992f0c87760` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Content-Encoding gzip Last-Modified Wed, 23 Mar 2022 18:04:32 GMT Vary Accept-Encoding Content-Type text/css Cache-Control max-age=0, must-revalidate Connection keep-alive Content-Length 22359
GET H/1.1	200 OK	gsk_logo.png federation.gsk.com/assets/images/	6 KB 7 KB	48ms 46ms	Image image/png	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://federation.gsk.com/assets/images/gsk_logo.png?v=1.0.342 Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `3eb1f1fb295481e84935f372019628b5b51e66c5920ecbe0c7b5ac1d7e38274c` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Cache-Control max-age=0, must-revalidate Last-Modified Thu, 12 Oct 2023 18:37:22 GMT Connection keep-alive Content-Length 6517 Content-Type image/png
GET H/1.1	200 OK	app.es5.js Show response federation.gsk.com/modules/	576 KB 576 KB	145ms 51ms	Script application/javascript	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/modules/app.es5.js?v=1.0.342 Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `e7c16ccf0f78d4a3b767a7237e822d1f05648fc53d07f66438cb1a6607b1ca44` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Last-Modified Thu, 12 Oct 2023 18:37:22 GMT Connection keep-alive Accept-Ranges bytes ETag W/"gY5vm5Fc54MgY5uELR5yrQ" Content-Length 589799 Content-Type application/javascript
GET H/1.1	200 OK	loginHelper.js Show response federation.gsk.com/modules/	6 KB 6 KB	145ms 48ms	Script application/javascript	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/modules/loginHelper.js?v=1.0.342 Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `c0bb6269ac6b420cd4677cea3c185ab007edc9806da558435c84050e5f648d3f` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Last-Modified Thu, 12 Oct 2023 18:37:22 GMT Connection keep-alive Accept-Ranges bytes ETag W/"m56n7PK1GmYm56mZ9eY3tw" Content-Length 5738 Content-Type application/javascript
GET H/1.1	200 OK	fingerprint2-2.1.4.min.js Show response federation.gsk.com/assets/scripts/	30 KB 30 KB	123ms 120ms	Script application/javascript	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/assets/scripts/fingerprint2-2.1.4.min.js Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Cache-Control max-age=0, must-revalidate Last-Modified Tue, 21 Mar 2023 18:40:24 GMT Connection keep-alive Content-Length 30685 Content-Type application/javascript
GET H/1.1	200 OK	pingone-risk-management-profiling.js Show response federation.gsk.com/assets/scripts/	2 KB 2 KB	55ms 54ms	Script application/javascript	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/assets/scripts/pingone-risk-management-profiling.js Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `a7362048801c6922a07ae186bf07b18b708c602c7b9307862eaec2a5b35c77ba` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Cache-Control max-age=0, must-revalidate Last-Modified Tue, 21 Mar 2023 18:40:24 GMT Connection keep-alive Content-Length 2077 Content-Type application/javascript
GET H/1.1	200 OK	pingone-risk-management-embedded.js Show response federation.gsk.com/assets/scripts/	1 KB 2 KB	77ms 47ms	Script application/javascript	23.206.18.141 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://federation.gsk.com/assets/scripts/pingone-risk-management-embedded.js Requested by Host: federation.gsk.com URL: https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.206.18.141 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-206-18-141.deploy.static.akamaitechnologies.com Software / Resource Hash `bf17a02bde3cd684e25b2a7b6f0f253904e00f0813ef1dd28fb6e752eafc29c5` Request headers accept-language de-DE,de;q=0.9 Referer https://federation.gsk.com/idp/startSSO.ping?PartnerSpId=https://ramosng.gsk.com/trident/SsoService/eus User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 02 Feb 2024 12:57:51 GMT Cache-Control max-age=0, must-revalidate Last-Modified Tue, 21 Mar 2023 18:40:24 GMT Connection keep-alive Content-Length 1454 Content-Type application/javascript
GET DATA	200 OK	truncated /	31 KB 31 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3e2f7b7cc526ac4512a8c732760d12be084789e3fc31c4081cda9518a9b86cfe` Request headers Referer Origin https://federation.gsk.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ramosng.gsk.com/trident	1969-12-31 23:59:59	Name: JSESSIONID Value: E2835851E0C5E1FE28247EC8F1773B28
ramosng.gsk.com/trident	1969-12-31 23:59:59	Name: TS012339e5 Value: 0161c29cd7086f6435f8c5ed647c9d9973effa4d46476f6bc7d18997c350254796f558f0f6bc3a9783ee37540ddf61e0e76c5ed273
.ramosng.gsk.com/	1969-12-31 23:59:59	Name: TS018e3836 Value: 0161c29cd7086f6435f8c5ed647c9d9973effa4d46476f6bc7d18997c350254796f558f0f6bc3a9783ee37540ddf61e0e76c5ed273
.gsk.com/	1969-12-31 23:59:59	Name: PF-Prod Value: tn2X28Nvwl5jQC9hoMJA5E
federation.gsk.com/	1969-12-31 23:59:59	Name: PA_S Value: AQGf
federation.gsk.com/	1969-12-31 23:59:59	Name: BIGipServerGSK-UK1-Services-Proxy-443 Value: 385095554.47873.0000
.federation.gsk.com/	1969-12-31 23:59:59	Name: TS01045d0d Value: 01cc2b8db393502630e256fc1b2676a5e5f3fce9e238d26a7dc3124bca113a1245fadbc61253432840dac468f23bcd1290bf202f07

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

federation.gsk.com
ramosng.gsk.com
152.51.24.86
23.206.18.141
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
18cf2dab16030c2c92c34f78128d54074106740f22b34772ef60d86db635d4aa
3e2f7b7cc526ac4512a8c732760d12be084789e3fc31c4081cda9518a9b86cfe
3eb1f1fb295481e84935f372019628b5b51e66c5920ecbe0c7b5ac1d7e38274c
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e
a7362048801c6922a07ae186bf07b18b708c602c7b9307862eaec2a5b35c77ba
bf17a02bde3cd684e25b2a7b6f0f253904e00f0813ef1dd28fb6e752eafc29c5
c0bb6269ac6b420cd4677cea3c185ab007edc9806da558435c84050e5f648d3f
d28203cb980a41c5a1c6482c1bd2a704bb67c551af2997a057a9f16cff9becad
e24e09eecf328a0204326e2a8db591c4579827d2a113f0cfd857a992f0c87760
e7c16ccf0f78d4a3b767a7237e822d1f05648fc53d07f66438cb1a6607b1ca44

federation.gsk.com Open in urlscan Pro 23.206.18.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

2 IPs

2 Countries

862 kBTransfer

1050 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

7 Cookies

Indicators

federation.gsk.com Open in urlscan Pro
23.206.18.141 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

862 kB
Transfer

1050 kB
Size

7
Cookies

10 HTTP transactions
1 data transactions