Submitted URL: https://jnj.csod.com/deeplink/LaunchTraining.aspx?launchLo=5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93
Effective URL: https://fedlogin.jnj.com/idp/SSO.saml2
Submission: On September 26 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 148.177.145.2, located in United States and belongs to VS-AS, IL. The main domain is fedlogin.jnj.com. The Cisco Umbrella rank of the primary domain is 375662.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on February 9th 2022. Valid for: a year.
This is the only time fedlogin.jnj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 18.66.120.246 16509 (AMAZON-02)
5 148.177.145.2 198949 (VS-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 91.235.133.4 30286 (THM)
19 6
Apex Domain
Subdomains
Transfer
5 maxconnector.com
content.maxconnector.com — Cisco Umbrella Rank: 73239
87 KB
5 jnj.com
fedlogin.jnj.com — Cisco Umbrella Rank: 375662
237 KB
3 csod.com
jnj.csod.com — Cisco Umbrella Rank: 977327
5 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
43 KB
0 online-metrix.net Failed
h.online-metrix.net Failed
19 6
Domain Requested by
5 content.maxconnector.com fedlogin.jnj.com
content.maxconnector.com
5 fedlogin.jnj.com fedlogin.jnj.com
3 jnj.csod.com 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.googletagmanager.com fedlogin.jnj.com
0 h.online-metrix.net Failed content.maxconnector.com
19 6

This site contains links to these domains. Also see Links.

Domain
pmf.jnj.com
myapps.jnj.com
Subject Issuer Validity Valid
*.csod.com
DigiCert TLS RSA SHA256 2020 CA1
2022-05-16 -
2023-06-16
a year crt.sh
*.jnj.com
Sectigo RSA Organization Validation Secure Server CA
2022-02-09 -
2023-02-09
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-09-05 -
2022-11-28
3 months crt.sh
content.maxconnector.com
Go Daddy Secure Certificate Authority - G2
2022-08-22 -
2023-08-02
a year crt.sh

This page contains 4 frames:

Primary Page: https://fedlogin.jnj.com/idp/SSO.saml2
Frame ID: 669608C4632DA0759824C312C7B699E7
Requests: 10 HTTP requests in this frame

Frame: https://content.maxconnector.com/fp/check.js;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77&jb=3539242468736f7735576966666777712e6a7b6f35576966666f75732732303332246a7162753f416a726f6f6d266a7b6035436a7a6f65652d3230393235
Frame ID: 4FF7FAAF7170845A25BF70BA47ABFB96
Requests: 7 HTTP requests in this frame

Frame: https://content.maxconnector.com/fp/ls_fp.html;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77
Frame ID: 9231A80017E79294C918D2AC3E575571
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77
Frame ID: 455BA178EE0E91DE08F4AA62E84220EC
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

AnmeldungAnmeldung

Page URL History Show full URLs

  1. https://jnj.csod.com/deeplink/LaunchTraining.aspx?launchLo=5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93 HTTP 302
    https://jnj.csod.com/default.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTrainin... HTTP 302
    https://jnj.csod.com/samldefault.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTra... Page URL
  2. https://fedlogin.jnj.com/idp/SSO.saml2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

19
Requests

74 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

391 kB
Transfer

903 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://jnj.csod.com/deeplink/LaunchTraining.aspx?launchLo=5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93 HTTP 302
    https://jnj.csod.com/default.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTraining.aspx%3flaunchLo%3d5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93 HTTP 302
    https://jnj.csod.com/samldefault.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTraining.aspx%3flaunchLo%3d5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93 Page URL
  2. https://fedlogin.jnj.com/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://jnj.csod.com/deeplink/LaunchTraining.aspx?launchLo=5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93 HTTP 302
  • https://jnj.csod.com/default.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTraining.aspx%3flaunchLo%3d5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93 HTTP 302
  • https://jnj.csod.com/samldefault.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTraining.aspx%3flaunchLo%3d5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
samldefault.aspx
jnj.csod.com/
Redirect Chain
  • https://jnj.csod.com/deeplink/LaunchTraining.aspx?launchLo=5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93
  • https://jnj.csod.com/default.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTraining.aspx%3flaunchLo%3d5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93
  • https://jnj.csod.com/samldefault.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTraining.aspx%3flaunchLo%3d5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93
3 KB
3 KB
Document
General
Full URL
https://jnj.csod.com/samldefault.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTraining.aspx%3flaunchLo%3d5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.120.246 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-120-246.fra60.r.cloudfront.net
Software
/
Resource Hash
85588f6441d91fd76479da20ba219d51358cf22f1332d65b24016bc47b28af58
Security Headers
Name Value
Strict-Transport-Security max-age=156768000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
correlation_id
71e7fae7-d132-4b39-ae77-76e6f4e474ce
date
Mon, 26 Sep 2022 13:09:28 GMT
expect-ct
enforce
expires
-1
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
permissions-policy
geolocation=()
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
pragma
no-cache
s-n
ECWT2007
server
strict-transport-security
max-age=156768000; includeSubDomains
true_route
/samldefault.aspx
true_status
Ok
vary
Accept-Encoding
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-id
du4LbK_mBP3McvrzevIfCfRF1Q9i3alZI7KNGSQ9LhCPsij4OGpp2w==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-robots-tag
noindex

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
254
content-type
text/html; charset=utf-8
correlation_id
54712f31-383a-43b4-ba30-805dfa7c7710
date
Mon, 26 Sep 2022 13:09:28 GMT
expect-ct
enforce
expires
-1
location
/samldefault.aspx?ReturnUrl=https%3a%2f%2fjnj.csod.com%2fdeeplink%2fLaunchTraining.aspx%3flaunchLo%3d5e60f700-e10b-43aa-9fa4-bdaf0cfb5f93
p3p
CP="DSP NON CUR ADM HIS OTP OUR DEL NOR IND DEM UNI TAI STA NAV COM SAM PUR DEV PSA PSD"
permissions-policy
geolocation=()
pics-label
(pics-1.1 "http://www.icra.org/ratingsv02.html" comment "ICRAonline EN v2.0" l r (nz 1 vz 1 lz 1 oz 1 cz 1) "http://www.rsac.org/ratingsv01.html" l r (n 0 s 0 v 0 l 0))
pragma
no-cache
s-n
ECWT2003
server
strict-transport-security
max-age=156768000; includeSubDomains
true_route
/default.aspx
true_status
Ok
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-id
Ae7ymASp4xz1u7YNJXubwy3LYvt1-F3c_VkRPCgo0jHA0hQNPbnBxw==
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex
Primary Request SSO.saml2
fedlogin.jnj.com/idp/
12 KB
13 KB
Document
General
Full URL
https://fedlogin.jnj.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.177.145.2 , United States, ASN198949 (VS-AS, IL),
Reverse DNS
prod-rp.eu.jnj.com
Software
/
Resource Hash
4b0f7893bf139888aff622b15b86ee6519c6b5ad8ee268444c1bacd86f6156e0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://jnj.csod.com
Referer
https://jnj.csod.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Content-Length
12729
Content-Type
text/html;charset=utf-8
Date
Mon, 26 Sep 2022 13:09:31 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
X-Frame-Options
SAMEORIGIN
main.css
fedlogin.jnj.com/assets/css/
170 KB
170 KB
Stylesheet
General
Full URL
https://fedlogin.jnj.com/assets/css/main.css
Requested by
Host: fedlogin.jnj.com
URL: https://fedlogin.jnj.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.177.145.2 , United States, ASN198949 (VS-AS, IL),
Reverse DNS
prod-rp.eu.jnj.com
Software
/
Resource Hash
1136be4ae28e3b11db6bfbe0065f25e9dc58880c044228f0746095e16b60927d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 13:09:31 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 17 Dec 2021 13:09:21 GMT
Content-Length
173796
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
id_dataweb_device_profiling.js
fedlogin.jnj.com/assets/scripts/
2 KB
2 KB
Script
General
Full URL
https://fedlogin.jnj.com/assets/scripts/id_dataweb_device_profiling.js
Requested by
Host: fedlogin.jnj.com
URL: https://fedlogin.jnj.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.177.145.2 , United States, ASN198949 (VS-AS, IL),
Reverse DNS
prod-rp.eu.jnj.com
Software
/
Resource Hash
31f05ef9419f63d290036d22c76593187c71bf8fc79f0045f33d290b9791d77e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 13:09:31 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Fri, 03 Dec 2021 10:03:32 GMT
Content-Length
1689
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
jnjlogo.png
fedlogin.jnj.com/assets/images/
31 KB
31 KB
Image
General
Full URL
https://fedlogin.jnj.com/assets/images/jnjlogo.png
Requested by
Host: fedlogin.jnj.com
URL: https://fedlogin.jnj.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.177.145.2 , United States, ASN198949 (VS-AS, IL),
Reverse DNS
prod-rp.eu.jnj.com
Software
/
Resource Hash
f869a2c4035d416fabf273df74599c49c7cd05ff9daa90580b3444cb8df417fb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 13:09:32 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Thu, 26 Aug 2021 12:37:56 GMT
Content-Length
31570
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
gtm.js
www.googletagmanager.com/
111 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WVLBMFN
Requested by
Host: fedlogin.jnj.com
URL: https://fedlogin.jnj.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c89e07a0867fb8461e9d29c5ee119612ef34baabc50aa2f2740d0c16e9712a71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 13:09:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
last-modified
Mon, 26 Sep 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Sep 2022 13:09:32 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WVLBMFN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 11 Sep 2022 13:50:09 GMT
server
Golfe2
age
2520
date
Mon, 26 Sep 2022 12:27:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19826
expires
Mon, 26 Sep 2022 14:27:32 GMT
collect
www.google-analytics.com/j/
1 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j97&a=749280234&t=pageview&_s=1&dl=https%3A%2F%2Ffedlogin.jnj.com%2Fidp%2FSSO.saml2&dr=https%3A%2F%2Fjnj.csod.com%2F&ul=en-us&de=UTF-8&dt=Anmeldung&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2117307056&gjid=1339320378&cid=1562634909.1664197773&tid=UA-134131045-1&_gid=78813731.1664197773&_r=1&gtm=2wg9l0WVLBMFN&z=581025492
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fedlogin.jnj.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Sep 2022 13:09:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fedlogin.jnj.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
tags.js
content.maxconnector.com/fp/
91 KB
12 KB
Script
General
Full URL
https://content.maxconnector.com/fp/tags.js?org_id=716kkpe1&api_key=bvrbl1ev61nw7zq7&pageid=verify&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f
Requested by
Host: fedlogin.jnj.com
URL: https://fedlogin.jnj.com/assets/scripts/id_dataweb_device_profiling.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.4 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
4d34a5f3ad52b37ab0b27a951a439fee3138e692c433a36877798a64fe07e03c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 13:09:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
P3P
CP=IVAa PSAa
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive, Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
iconfont.ttf
fedlogin.jnj.com/assets/fonts/icons/
21 KB
21 KB
Font
General
Full URL
https://fedlogin.jnj.com/assets/fonts/icons/iconfont.ttf?-sa9xtz
Requested by
Host: fedlogin.jnj.com
URL: https://fedlogin.jnj.com/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.177.145.2 , United States, ASN198949 (VS-AS, IL),
Reverse DNS
prod-rp.eu.jnj.com
Software
/
Resource Hash
2a1e9b5a465c6914ab07ee92191bf992e08da45173602d4be6afde2915fcf235
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://fedlogin.jnj.com/
Origin
https://fedlogin.jnj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 26 Sep 2022 13:09:33 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Thu, 02 Dec 2021 10:09:56 GMT
Content-Length
21676
X-Frame-Options
SAMEORIGIN
check.js;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12
content.maxconnector.com/fp/ Frame 4FF7
413 KB
74 KB
Script
General
Full URL
https://content.maxconnector.com/fp/check.js;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77&jb=3539242468736f7735576966666777712e6a7b6f35576966666f75732732303332246a7162753f416a726f6f6d266a7b6035436a7a6f65652d3230393235
Requested by
Host: content.maxconnector.com
URL: https://content.maxconnector.com/fp/tags.js?org_id=716kkpe1&api_key=bvrbl1ev61nw7zq7&pageid=verify&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.4 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 13:09:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
tmx-nonce
24425908c7762a77
Connection
Keep-Alive, Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.maxconnector.com/fp/ Frame 4FF7
81 B
475 B
Image
General
Full URL
https://content.maxconnector.com/fp/clear.png?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77&ck=0&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.4 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 13:09:34 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.maxconnector.com/fp/ Frame 4FF7
81 B
475 B
Image
General
Full URL
https://content.maxconnector.com/fp/clear.png?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.4 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fedlogin.jnj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Sep 2022 13:09:34 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
content.maxconnector.com/fp/ Frame 4FF7
0
0

clear.png
h.online-metrix.net/fp/ Frame 4FF7
0
0

ls_fp.html;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12
content.maxconnector.com/fp/ Frame 9231
0
0
Document
General
Full URL
https://content.maxconnector.com/fp/ls_fp.html;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77
Requested by
Host: content.maxconnector.com
URL: https://content.maxconnector.com/fp/check.js;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77&jb=3539242468736f7735576966666777712e6a7b6f35576966666f75732732303332246a7162753f416a726f6f6d266a7b6035436a7a6f65652d3230393235
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.4 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fedlogin.jnj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 26 Sep 2022 13:09:34 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=98
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
clear.png
content.maxconnector.com/fp/ Frame 4FF7
0
0

es.js
content.maxconnector.com/fp/ Frame 4FF7
0
0

sid_fp.html;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12
h.online-metrix.net/fp/ Frame 455B
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
content.maxconnector.com
URL
https://content.maxconnector.com/fp/clear.png
Domain
h.online-metrix.net
URL
https://h.online-metrix.net/fp/clear.png?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77&gttl=155520000
Domain
content.maxconnector.com
URL
https://content.maxconnector.com/fp/clear.png?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77&jb=3336246e71613d643961653c3269613731656d346e31346936303531356639676330366430663b
Domain
content.maxconnector.com
URL
https://content.maxconnector.com/fp/es.js?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77&cb=td_0b
Domain
h.online-metrix.net
URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=FA10600AF8973BF9AD6B6ABB009B1E12?org_id=716kkpe1&session_id=51f2bddc-d593-4790-a8a4-742d70027c1f&nonce=24425908c7762a77

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setCookie function| getCookie function| eraseCookie string| uuid string| cookieName string| deviceProfilingScriptUrl object| deviceProfilingScript function| postForgotPassword function| postRecoverUsername function| postAlternateAuthnSystem function| postRegistration function| postOk function| submitForm function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember object| checkbox object| td_5i boolean| tmx_profiling_started number| td_i number| td_L number| td_s number| td_Z number| td_g object| td_1B function| td_m function| td_T function| td_C function| td_R function| td_1Y function| td_2x function| td_l function| td_p function| td_N function| td_y function| td_4T function| td_2X function| td_0T function| td_1e function| td_G function| td_w function| td_3n function| td_v function| td_0Q function| tmx_post_session_params_fixed function| tmx_run_page_fingerprinting

8 Cookies

Domain/Path Name / Value
jnj.csod.com/ Name: ASP.NET_SessionId
Value: ru1t4mwhayagwfph1psv51gp
fedlogin.jnj.com/ Name: PF
Value: GKyNRebFG3t6LGAuPlmCsz
.jnj.com/ Name: _ga
Value: GA1.2.1562634909.1664197773
.jnj.com/ Name: _gid
Value: GA1.2.78813731.1664197773
.jnj.com/ Name: _gat_UA-134131045-1
Value: 1
fedlogin.jnj.com/ Name: idDataWebUuid
Value: 51f2bddc-d593-4790-a8a4-742d70027c1f
content.maxconnector.com/ Name: thx_guid
Value: bad58015dc413c21ee05fd8bd98fcc62
content.maxconnector.com/ Name: tmx_guid
Value: AAwkvd0YojGKrW9ig6-9BUwGlYq_j1JSSkKZdTD1bRtyrHuCLlOcEsfFWwIoTZohjE2zRuytvP3z9ep9nKZyeB0o6tm_fg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=156768000; includeSubDomains
X-Content-Type-Options nosniff