origin-auth-st2.test.tiaa.org
Open in
urlscan Pro
143.165.139.124
Public Scan
Effective URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.a...
Submission: On November 30 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on June 12th 2019. Valid for: 2 years.
This is the only time origin-auth-st2.test.tiaa.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 3 | 143.165.139.180 143.165.139.180 | 2923 (AS-TIAA-NET) (AS-TIAA-NET) | |
9 | 143.165.139.124 143.165.139.124 | 2923 (AS-TIAA-NET) (AS-TIAA-NET) | |
9 | 1 |
ASN2923 (AS-TIAA-NET, US)
PTR: vip-cobmsdt01eb1lbe01-02-extranet-it1.test.tiaa-cref.org
extranet-it1.test.nuveen.com |
ASN2923 (AS-TIAA-NET, US)
PTR: vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org
origin-auth-st2.test.tiaa.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
tiaa.org
origin-auth-st2.test.tiaa.org |
100 KB |
3 |
nuveen.com
3 redirects
extranet-it1.test.nuveen.com |
3 KB |
9 | 2 |
Domain | Requested by | |
---|---|---|
9 | origin-auth-st2.test.tiaa.org |
origin-auth-st2.test.tiaa.org
|
3 | extranet-it1.test.nuveen.com | 3 redirects |
9 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
origin-accessit-ha.tiaa.org |
www.nuveen.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
origin-auth-st2.test.tiaa.org Sectigo RSA Extended Validation Secure Server CA |
2019-06-12 - 2021-06-11 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Frame ID: 52CBD17FA429CD60B85BDF03984EC767
Requests: 9 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://extranet-it1.test.nuveen.com/
HTTP 302
https://extranet-it1.test.nuveen.com/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
https://extranet-it1.test.nuveen.com/_login/autosignin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSour... HTTP 302
https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2... Page URL
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Reset Password
Search URL Search Domain Scan URL
Title: Forgot Password
Search URL Search Domain Scan URL
Title: About Nuveen
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Terms and Conditions
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://extranet-it1.test.nuveen.com/
HTTP 302
https://extranet-it1.test.nuveen.com/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
https://extranet-it1.test.nuveen.com/_login/autosignin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
prp.wsf
origin-auth-st2.test.tiaa.org/idp/ Redirect Chain
|
10 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
federation.js
origin-auth-st2.test.tiaa.org/tiaacref/js/ |
3 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GRELoginScreen_rev_01.jpg
origin-auth-st2.test.tiaa.org/tiaacref/images/ |
65 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GRELoginScreen_rev_04.jpg
origin-auth-st2.test.tiaa.org/tiaacref/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GRELoginScreen_rev_05.jpg
origin-auth-st2.test.tiaa.org/tiaacref/images/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GRELoginScreen_rev_06.jpg
origin-auth-st2.test.tiaa.org/tiaacref/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GRELoginScreen_rev_11.jpg
origin-auth-st2.test.tiaa.org/tiaacref/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GRELoginScreen_rev_20.jpg
origin-auth-st2.test.tiaa.org/tiaacref/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
GRELoginScreen_rev_22.jpg
origin-auth-st2.test.tiaa.org/tiaacref/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| cookieDomain function| createCookie function| readCookie function| eraseCookie function| eraseSessionCookie function| checkForm function| resetCredFields function| submitFormOnEnterKey function| postOk function| postCancel function| postOnReturn function| setFocus number| year5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
origin-auth-st2.test.tiaa.org/ | Name: TS010984ce Value: 01041656a903041877005d608b36edaa6efbe5cf3b31085efa47a888a3a3e2481201b6e42a340455c7111e8c23ef49ac6aad1a19de40c8d75c717da198bc368cc0b3e9c66dfd112248c1c250c49822dca65f205a89ba60a6b7fde9c174f3b645f1776df35c974aa1ae6fecaf2961412b18c89f701f |
|
origin-auth-st2.test.tiaa.org/ | Name: tiaa_dc Value: cobmb |
|
origin-auth-st2.test.tiaa.org/ | Name: BIGipServerpool_origin-auth-st2_7700_dev-b Value: 436530954.5150.0000 |
|
origin-auth-st2.test.tiaa.org/ | Name: BIGipServerpublictools-st2_pool_9030_federation_dev-b Value: 3391155978.17955.0000 |
|
origin-auth-st2.test.tiaa.org/ | Name: PF Value: GCTNP3UXWc05bbbsK5vw7b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
extranet-it1.test.nuveen.com
origin-auth-st2.test.tiaa.org
143.165.139.124
143.165.139.180
38d8d04e0d4e20ac13c721fe0c28ffa977892b1f97f6b74bec2160da5e791082
3bf2b495a7fa3487b18dc453cb5ad8c597d42351d56a1deaab93ff3d36bcfc98
46240ae74eb3b81caa2dfc8580c9c03954387a9b06ca79a38243dca133ac60d8
500b228071abd28dfa547e327b7abb81af867ea6d5c7c3e76c2589cb7d15cd74
7cba72c271c66e1cfc72795a7965db4cd961b02b01f8d2527926e8b44d16652a
8f45633b83bbd9567cafa39efe83d6d026f0248416a7ca22be9fc23b2a97aab9
92267ff3896196d4baa61805abb981cfdef71bf0aacb79b02ac36aabd072d44e
9a70a75534dd4e71ed1f6898764ebb86585c7083f43771c52b339e3e0cce573c
e82d45e1e6f585e79cf231e3f2fc0e7f59a20673dee16ba944cceaf1e871da97