auth-qa.gsk.com
Open in
urlscan Pro
152.51.24.120
Public Scan
Effective URL: https://auth-qa.gsk.com:9032/idp/fFGuJ/resumeSAML20/idp/SSO.ping
Submission: On January 09 via api from US — Scanned from US
Summary
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 25th 2022. Valid for: a year.
This is the only time auth-qa.gsk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 35.204.26.114 35.204.26.114 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 4 | 23.35.149.72 23.35.149.72 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 96.6.29.169 96.6.29.169 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
6 | 152.51.24.120 152.51.24.120 | 14306 (GLAXOSMIT...) (GLAXOSMITHKLINE) | |
10 | 3 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.26.204.35.bc.googleusercontent.com
origin-glaxosmith2-preprod.plateau.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-35-149-72.deploy.static.akamaitechnologies.com
performancemanager.successfactors.eu |
ASN16625 (AKAMAI-AS, US)
PTR: a96-6-29-169.deploy.static.akamaitechnologies.com
federation-qa.gsk.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
gsk.com
1 redirects
federation-qa.gsk.com auth-qa.gsk.com |
248 KB |
4 |
successfactors.eu
1 redirects
performancemanager.successfactors.eu — Cisco Umbrella Rank: 79400 |
11 KB |
3 |
plateau.com
2 redirects
origin-glaxosmith2-preprod.plateau.com |
3 KB |
10 | 3 |
Domain | Requested by | |
---|---|---|
6 | auth-qa.gsk.com |
auth-qa.gsk.com
|
4 | performancemanager.successfactors.eu |
1 redirects
performancemanager.successfactors.eu
|
3 | origin-glaxosmith2-preprod.plateau.com | 2 redirects |
1 | federation-qa.gsk.com | 1 redirects |
10 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
access.gsk.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
plateau.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-06-16 - 2023-06-16 |
a year | crt.sh |
eu-only.successfactors.eu DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-04-14 - 2023-04-14 |
a year | crt.sh |
auth-qa.gsk.com Sectigo RSA Organization Validation Secure Server CA |
2022-01-25 - 2023-01-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth-qa.gsk.com:9032/idp/fFGuJ/resumeSAML20/idp/SSO.ping
Frame ID: 9F6808695236B729A977CED2DD5319DB
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
AccessGSKPage URL History Show full URLs
-
http://origin-glaxosmith2-preprod.plateau.com/
HTTP 302
https://origin-glaxosmith2-preprod.plateau.com/ Page URL
-
https://origin-glaxosmith2-preprod.plateau.com/learning/user/login.jsp
HTTP 302
https://performancemanager.successfactors.eu/login?company=glaxosmithP2 HTTP 302
https://performancemanager.successfactors.eu/saml2/Login?company=glaxosmithP2&RelayState=/login?company=glaxosmithP2&_s.c... Page URL
-
https://federation-qa.gsk.com/idp/SSO.saml2?SAMLRequest=fZLBTuMwEIZfxfLdTmyCSK2mqEuFqMQu0TZw4LJynUlrkdjB42...
HTTP 302
https://auth-qa.gsk.com:9032/idp/fFGuJ/resumeSAML20/idp/SSO.ping Page URL
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Forgot your username or password?
Search URL Search Domain Scan URL
Title: Need Help?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://origin-glaxosmith2-preprod.plateau.com/
HTTP 302
https://origin-glaxosmith2-preprod.plateau.com/ Page URL
-
https://origin-glaxosmith2-preprod.plateau.com/learning/user/login.jsp
HTTP 302
https://performancemanager.successfactors.eu/login?company=glaxosmithP2 HTTP 302
https://performancemanager.successfactors.eu/saml2/Login?company=glaxosmithP2&RelayState=/login?company=glaxosmithP2&_s.crb=ERSJOYNMksa100Sv%252fTDb85GMoZZx2KckoYOcxj%252b%252fTss%253d Page URL
-
https://federation-qa.gsk.com/idp/SSO.saml2?SAMLRequest=fZLBTuMwEIZfxfLdTmyCSK2mqEuFqMQu0TZw4LJynUlrkdjB42zh7QlpWbEHuI7%2FmW%2F82fPLl64lfyGg9a6ggqeUgDO%2Btm5X0PvqmuX0cjFH3bWyV8sh7t1veB4AIxkbHarjSUGH4JTXaFE53QGqaNRm%2BfNWSZ6qPvjojW8pWY2N1uk4wfYx9qiSpIEawlRjz5rv8Ikb3yW27pPN5o5PAEqufTAw8Qva6BaBkvWqoH%2FyLchse54zqXPDsmw7Y7NMNywVmZC5aC5m%2BmKMIg6wdhi1iwWVqTwbAyydVeJMCaHOU55J8UhJedr0h3VHA99da3sMobqpqpKVd5uKkocPk2OAnrypiR4%2BC%2Ft%2BsEaE8O6DLj4cHQ4HjoMxgNhoE31ADkOya%2FWLx87GfSnnyWfYvyf7NU5fr0rfWvNKlm3rD1cBdISCxjDA5LXT8et9BBdTxdasmaJqcNiDsY2FmiaLE%2Fb%2Fv7F4Aw%3D%3D&RelayState=%2Flogin%3Fcompany%3DglaxosmithP2&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=A%2BI6PI8FzFootLXwcwDdN0jyN1afugQLiFU77my4GUV8eC4qBFcK1k0DaaaC%2FdvR%2F0UthjWs7D8zpRQZfnBNNwkBhADND2Vee5dgpjkcWcxYvQFYheE6GgzPdjcx%2Fn3NN5mz8%2B64YZjsYpxXLsNfUTgr2GFfMWNRSC7Y5ZJJVQQ%3D
HTTP 302
https://auth-qa.gsk.com:9032/idp/fFGuJ/resumeSAML20/idp/SSO.ping Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://origin-glaxosmith2-preprod.plateau.com/ HTTP 302
- https://origin-glaxosmith2-preprod.plateau.com/
- https://origin-glaxosmith2-preprod.plateau.com/learning/user/login.jsp HTTP 302
- https://performancemanager.successfactors.eu/login?company=glaxosmithP2 HTTP 302
- https://performancemanager.successfactors.eu/saml2/Login?company=glaxosmithP2&RelayState=/login?company=glaxosmithP2&_s.crb=ERSJOYNMksa100Sv%252fTDb85GMoZZx2KckoYOcxj%252b%252fTss%253d
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
origin-glaxosmith2-preprod.plateau.com/ Redirect Chain
|
68 B 459 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Login
performancemanager.successfactors.eu/saml2/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XMLHttpRequest.js
performancemanager.successfactors.eu/ui/extlib/XMLHttpRequest_1.0.5_sf.18/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
perflog_6afbc835fd7bc8ec51a93324df511558.js
performancemanager.successfactors.eu/ui/perflog/js/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
SSO.ping
auth-qa.gsk.com/idp/fFGuJ/resumeSAML20/idp/ Redirect Chain
|
58 KB 58 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webcomponents-loader.js
auth-qa.gsk.com/modules/webcomponentsjs/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.js
auth-qa.gsk.com/modules/ |
171 KB 171 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gsk_logo.png
auth-qa.gsk.com/assets/images/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.es5.js
auth-qa.gsk.com/modules/ |
400 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
loginHelper.js
auth-qa.gsk.com/modules/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| WebComponents14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
origin-glaxosmith2-preprod.plateau.com/learning | Name: JSESSIONID Value: DAA0BFBAFDD4F46E1743AE3F09593B17 |
|
origin-glaxosmith2-preprod.plateau.com/ | Name: BIGipServerP_lms_sapsf_com_80 Value: !CPVnVRCEIcWH9Ft8v4KArBS8hpbV4RWHRjOR1fz/rUijPFSPk9+XYeODOuLumE+2LzcH8EbtKx2W3w== |
|
origin-glaxosmith2-preprod.plateau.com/ | Name: route Value: b980aa2eab941369a371c0191a420b993cd458a1 |
|
origin-glaxosmith2-preprod.plateau.com/ | Name: BIGipServerlms.plateau.com-learning-help-pqe Value: 228145418.20480.0000 |
|
performancemanager.successfactors.eu/ | Name: route Value: 321832ff1e97706f7357f4c56db3caffd2f035a3 |
|
performancemanager.successfactors.eu/ | Name: %2Flogin-markFromServer Value: true |
|
performancemanager.successfactors.eu/ | Name: bizxCompanyId Value: glaxosmithP2 |
|
performancemanager.successfactors.eu/ | Name: JSESSIONID Value: 539069193FB98DFAA87D7986B596A0A2.pc57bcf161 |
|
performancemanager.successfactors.eu/ | Name: BIGipServerhcm57.sapsf.com Value: 445135114.20480.0000 |
|
performancemanager.successfactors.eu/ | Name: oiosaml-fragment Value: |
|
.gsk.com/ | Name: PF-QA Value: rIqKS16ax6 |
|
federation-qa.gsk.com/ | Name: PAQA_S Value: AQF6 |
|
federation-qa.gsk.com/ | Name: BIGipServerGSK-US1-TST-Access-443 Value: 2520920984.47873.0000 |
|
.federation-qa.gsk.com/ | Name: TS019b9332 Value: 0161c29cd7e0515b0ca9dbf26916a16bd24cb519f034e57bd41be7f865ed0fdd509258834fc45c7e847f2c6b48351677db203c5c79 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth-qa.gsk.com
federation-qa.gsk.com
origin-glaxosmith2-preprod.plateau.com
performancemanager.successfactors.eu
152.51.24.120
23.35.149.72
35.204.26.114
96.6.29.169
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
2ee483c6c8ac0a1a070fa2a1af9ef0c46fca385b84ffad5a0abba2b48e226e02
3eb1f1fb295481e84935f372019628b5b51e66c5920ecbe0c7b5ac1d7e38274c
727e1938082548918813af813393f533471c1171a3daa49b3661d0ccd11a91ff
8554dda3f98a875e9763e16c61742990cad9fd143f28b8dcfb63d3b80fa81955
956ad29d3b1686237ef073fde1443667df275c218a25866b0e5b7d7f1c115002
e2aaec9826f489c85b078bbbec0efdb872fcbd16c74677111288bd7b02e807a9
fcd20aaae54934b6f19290bad74ef6f2b207556f42e85a0a2e582e53bfac932c