origin-auth-st2.test.tiaa.org Open in urlscan Pro
143.165.139.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://extranet-it1.test.nuveen.com/
Effective URL:
https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.a...
Submission: On November 30 via manual (November 30th 2020, 5:49:00 pm UTC) from US

Summary HTTP 9 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 143.165.139.124, located in United States and belongs to AS-TIAA-NET, US. The main domain is origin-auth-st2.test.tiaa.org.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on June 12th 2019. Valid for: 2 years.

This is the only time origin-auth-st2.test.tiaa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	143.165.139.180 143.165.139.180	2923 (AS-TIAA-NET) (AS-TIAA-NET)
9	143.165.139.124 143.165.139.124	2923 (AS-TIAA-NET) (AS-TIAA-NET)
9	1

3 143.165.139.180 (United States) 3 redirects

ASN2923 (AS-TIAA-NET, US)
PTR: vip-cobmsdt01eb1lbe01-02-extranet-it1.test.tiaa-cref.org

extranet-it1.test.nuveen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.165.139.124 (United States)

ASN2923 (AS-TIAA-NET, US)
PTR: vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org

origin-auth-st2.test.tiaa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	tiaa.org origin-auth-st2.test.tiaa.org	100 KB
3	nuveen.com 3 redirects extranet-it1.test.nuveen.com	3 KB
9	2

	Domain	Requested by
9	origin-auth-st2.test.tiaa.org	origin-auth-st2.test.tiaa.org
3	extranet-it1.test.nuveen.com	3 redirects
9	2

This site contains links to these domains. Also see Links.

Domain
origin-accessit-ha.tiaa.org
www.nuveen.com

Subject Issuer	Validity	Valid
origin-auth-st2.test.tiaa.org Sectigo RSA Extended Validation Secure Server CA	`2019-06-12` - `2021-06-11`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F
Frame ID: 52CBD17FA429CD60B85BDF03984EC767
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://extranet-it1.test.nuveen.com/ HTTP 302
https://extranet-it1.test.nuveen.com/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
https://extranet-it1.test.nuveen.com/_login/autosignin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSour... HTTP 302
https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2... Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

100 kB
Transfer

94 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://origin-accessit-ha.tiaa.org/myaccess/
Title: Reset Password

Search URL Search Domain Scan URL

URL: https://origin-accessit-ha.tiaa.org/myaccess/ui/external/desktopResetUsername.jsf
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://www.nuveen.com/about-nuveen
Title: About Nuveen

Search URL Search Domain Scan URL

URL: https://www.nuveen.com/Privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.nuveen.com/terms
Title: Terms and Conditions

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://extranet-it1.test.nuveen.com/ HTTP 302
https://extranet-it1.test.nuveen.com/_layouts/15/Authenticate.aspx?Source=%2F HTTP 302
https://extranet-it1.test.nuveen.com/_login/autosignin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F HTTP 302
https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set prp.wsf Show response origin-auth-st2.test.tiaa.org/idp/ Redirect Chain https://extranet-it1.test.nuveen.com/ https://extranet-it1.test.nuveen.com/_layouts/15/Authenticate.aspx?Source=%2F https://extranet-it1.test.nuveen.com/_login/autosignin.aspx?ReturnUrl=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F	10 KB 11 KB	1603ms 352ms	Document text/html	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Full URL https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `9a70a75534dd4e71ed1f6898764ebb86585c7083f43771c52b339e3e0cce573c` Request headers Host origin-auth-st2.test.tiaa.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:43 GMT Referrer-Policy origin Cache-Control no-cache, no-store Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Type text/html;charset=utf-8 Content-Length 10453 Set-Cookie PF=GCTNP3UXWc05bbbsK5vw7b;Path=/;Secure;HttpOnly;SameSite=None BIGipServerpublictools-st2_pool_9030_federation_dev-b=3391155978.17955.0000; path=/; Httponly BIGipServerpool_origin-auth-st2_7700_dev-b=436530954.5150.0000; path=/; Httponly; Secure tiaa_dc=cobmb;Path=/;Expires=Mon, 30-Nov-2020 18:08:43 GMT TS010984ce=01041656a903041877005d608b36edaa6efbe5cf3b31085efa47a888a3a3e2481201b6e42a340455c7111e8c23ef49ac6aad1a19de40c8d75c717da198bc368cc0b3e9c66dfd112248c1c250c49822dca65f205a89ba60a6b7fde9c174f3b645f1776df35c974aa1ae6fecaf2961412b18c89f701f; Path=/; Secure; HTTPOnly Keep-Alive timeout=5, max=99 Connection Keep-Alive Redirect headers Date Mon, 30 Nov 2020 17:48:41 GMT Cache-Control private Content-Type text/html; charset=utf-8 Location https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F X-SharePointHealthScore 0 SPRequestGuid 23c7929f-c45f-d00b-7d8a-3b32bc9b0d08 request-id 23c7929f-c45f-d00b-7d8a-3b32bc9b0d08 Strict-Transport-Security max-age=31536000 max-age=31536000 X-FRAME-OPTIONS SAMEORIGIN SPRequestDuration 3 SPIisLatency 2 MicrosoftSharePointTeamServices 16.0.0.5071 X-Content-Type-Options nosniff X-MS-InvokeApp 1; RequireReadOnly Content-Length 695 Keep-Alive timeout=5, max=98 Connection Keep-Alive Set-Cookie tiaa_dc=cobmb;Path=/;Expires=Mon, 30-Nov-2020 18:08:42 GMT TS017702a5=01041656a9345a0b400a5f2091fd96f30370f812c737e384c9915ecad4e3a719b5a881e3f5af3dc69d0cc3ec74ae6dfbcc1c3206bf9ee7c580bda21d5c54a3ffc15d3efea6cd0e9af05d24abc74ec10a48d1ba973ac9015483e79407e2d004c266a39ba230; Path=/; Secure; HTTPOnly
GET H/1.1	200 OK	federation.js Show response origin-auth-st2.test.tiaa.org/tiaacref/js/	3 KB 3 KB	184ms 184ms	Script application/javascript	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Full URL https://origin-auth-st2.test.tiaa.org/tiaacref/js/federation.js Requested by Host: origin-auth-st2.test.tiaa.org URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `e82d45e1e6f585e79cf231e3f2fc0e7f59a20673dee16ba944cceaf1e871da97` Request headers Referer https://origin-auth-st2.test.tiaa.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:44 GMT Last-Modified Tue, 07 Jan 2020 18:43:36 GMT ETag W/"JSh9mIT5RBAJSh89AWo8Ug" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2712
GET H/1.1	200 OK	GRELoginScreen_rev_01.jpg origin-auth-st2.test.tiaa.org/tiaacref/images/	65 KB 66 KB	365ms 365ms	Image image/jpeg	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Show image Full URL https://origin-auth-st2.test.tiaa.org/tiaacref/images/GRELoginScreen_rev_01.jpg Requested by Host: origin-auth-st2.test.tiaa.org URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `8f45633b83bbd9567cafa39efe83d6d026f0248416a7ca22be9fc23b2a97aab9` Request headers Referer https://origin-auth-st2.test.tiaa.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:44 GMT Last-Modified Wed, 22 Jul 2020 18:28:24 GMT ETag W/"//rcuBD+nN8//rdyGc3OYU" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 66586
GET H/1.1	200 OK	GRELoginScreen_rev_04.jpg origin-auth-st2.test.tiaa.org/tiaacref/images/	1 KB 2 KB	177ms 177ms	Image image/jpeg	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Show image Full URL https://origin-auth-st2.test.tiaa.org/tiaacref/images/GRELoginScreen_rev_04.jpg Requested by Host: origin-auth-st2.test.tiaa.org URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `46240ae74eb3b81caa2dfc8580c9c03954387a9b06ca79a38243dca133ac60d8` Request headers Referer https://origin-auth-st2.test.tiaa.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:44 GMT Last-Modified Tue, 07 Jan 2020 18:43:36 GMT ETag W/"//rcpOYxO+I//rdyGdggVg" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 1402
GET H/1.1	200 OK	GRELoginScreen_rev_05.jpg origin-auth-st2.test.tiaa.org/tiaacref/images/	6 KB 7 KB	667ms 328ms	Image image/jpeg	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Show image Full URL https://origin-auth-st2.test.tiaa.org/tiaacref/images/GRELoginScreen_rev_05.jpg Requested by Host: origin-auth-st2.test.tiaa.org URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `38d8d04e0d4e20ac13c721fe0c28ffa977892b1f97f6b74bec2160da5e791082` Request headers Referer https://origin-auth-st2.test.tiaa.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:44 GMT Last-Modified Tue, 07 Jan 2020 18:43:36 GMT ETag W/"//rcpOY/JGM//rdyGdugyA" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6275
GET H/1.1	200 OK	GRELoginScreen_rev_06.jpg origin-auth-st2.test.tiaa.org/tiaacref/images/	2 KB 2 KB	530ms 176ms	Image image/jpeg	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Show image Full URL https://origin-auth-st2.test.tiaa.org/tiaacref/images/GRELoginScreen_rev_06.jpg Requested by Host: origin-auth-st2.test.tiaa.org URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `7cba72c271c66e1cfc72795a7965db4cd961b02b01f8d2527926e8b44d16652a` Request headers Referer https://origin-auth-st2.test.tiaa.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:44 GMT Last-Modified Tue, 07 Jan 2020 18:43:36 GMT ETag W/"//rcpOYtDOQ//rdyGd8tDw" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1816
GET H/1.1	200 OK	GRELoginScreen_rev_11.jpg origin-auth-st2.test.tiaa.org/tiaacref/images/	4 KB 4 KB	547ms 188ms	Image image/jpeg	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Show image Full URL https://origin-auth-st2.test.tiaa.org/tiaacref/images/GRELoginScreen_rev_11.jpg Requested by Host: origin-auth-st2.test.tiaa.org URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `3bf2b495a7fa3487b18dc453cb5ad8c597d42351d56a1deaab93ff3d36bcfc98` Request headers Referer https://origin-auth-st2.test.tiaa.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:44 GMT Last-Modified Tue, 07 Jan 2020 18:43:36 GMT ETag W/"//rcpOm6qf4//rdyGjrGNU" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 3819
GET H/1.1	200 OK	GRELoginScreen_rev_20.jpg origin-auth-st2.test.tiaa.org/tiaacref/images/	2 KB 2 KB	546ms 188ms	Image image/jpeg	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Show image Full URL https://origin-auth-st2.test.tiaa.org/tiaacref/images/GRELoginScreen_rev_20.jpg Requested by Host: origin-auth-st2.test.tiaa.org URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `500b228071abd28dfa547e327b7abb81af867ea6d5c7c3e76c2589cb7d15cd74` Request headers Referer https://origin-auth-st2.test.tiaa.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:44 GMT Last-Modified Tue, 07 Jan 2020 18:43:36 GMT ETag W/"//rcpOvAaJw//rdyGqR0GU" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1849
GET H/1.1	200 OK	GRELoginScreen_rev_22.jpg origin-auth-st2.test.tiaa.org/tiaacref/images/	1 KB 2 KB	338ms 178ms	Image image/jpeg	143.165.139.124 AS-TIAA-NET
General Check archive.org Show headers Download Go to Show image Full URL https://origin-auth-st2.test.tiaa.org/tiaacref/images/GRELoginScreen_rev_22.jpg Requested by Host: origin-auth-st2.test.tiaa.org URL: https://origin-auth-st2.test.tiaa.org/idp/prp.wsf?wa=wsignin1.0&wtrealm=urn:SHAREPOINT2013:Ping&wctx=%2f_layouts%2f15%2fAuthenticate.aspx%3fSource%3d%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.165.139.124 , United States, ASN2923 (AS-TIAA-NET, US), Reverse DNS vip-cobmsdt01eb1lbe01-02-origin-auth-st2.test.tiaa.org Software / Resource Hash `92267ff3896196d4baa61805abb981cfdef71bf0aacb79b02ac36aabd072d44e` Request headers Referer https://origin-auth-st2.test.tiaa.org/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 30 Nov 2020 17:48:44 GMT Last-Modified Tue, 07 Jan 2020 18:43:36 GMT ETag W/"//rcpOv/uZ4//rdyGquA6w" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1522

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
origin-auth-st2.test.tiaa.org/	1969-12-31 23:59:59	Name: TS010984ce Value: 01041656a903041877005d608b36edaa6efbe5cf3b31085efa47a888a3a3e2481201b6e42a340455c7111e8c23ef49ac6aad1a19de40c8d75c717da198bc368cc0b3e9c66dfd112248c1c250c49822dca65f205a89ba60a6b7fde9c174f3b645f1776df35c974aa1ae6fecaf2961412b18c89f701f
origin-auth-st2.test.tiaa.org/	1970-01-19 14:19:19	Name: tiaa_dc Value: cobmb
origin-auth-st2.test.tiaa.org/	1969-12-31 23:59:59	Name: BIGipServerpool_origin-auth-st2_7700_dev-b Value: 436530954.5150.0000
origin-auth-st2.test.tiaa.org/	1969-12-31 23:59:59	Name: BIGipServerpublictools-st2_pool_9030_federation_dev-b Value: 3391155978.17955.0000
origin-auth-st2.test.tiaa.org/	1969-12-31 23:59:59	Name: PF Value: GCTNP3UXWc05bbbsK5vw7b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

extranet-it1.test.nuveen.com
origin-auth-st2.test.tiaa.org
143.165.139.124
143.165.139.180
38d8d04e0d4e20ac13c721fe0c28ffa977892b1f97f6b74bec2160da5e791082
3bf2b495a7fa3487b18dc453cb5ad8c597d42351d56a1deaab93ff3d36bcfc98
46240ae74eb3b81caa2dfc8580c9c03954387a9b06ca79a38243dca133ac60d8
500b228071abd28dfa547e327b7abb81af867ea6d5c7c3e76c2589cb7d15cd74
7cba72c271c66e1cfc72795a7965db4cd961b02b01f8d2527926e8b44d16652a
8f45633b83bbd9567cafa39efe83d6d026f0248416a7ca22be9fc23b2a97aab9
92267ff3896196d4baa61805abb981cfdef71bf0aacb79b02ac36aabd072d44e
9a70a75534dd4e71ed1f6898764ebb86585c7083f43771c52b339e3e0cce573c
e82d45e1e6f585e79cf231e3f2fc0e7f59a20673dee16ba944cceaf1e871da97

origin-auth-st2.test.tiaa.org Open in urlscan Pro 143.165.139.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

100 kBTransfer

94 kBSize

5 Cookies

5 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

5 Cookies

Indicators

origin-auth-st2.test.tiaa.org Open in urlscan Pro
143.165.139.124 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

100 kB
Transfer

94 kB
Size

5
Cookies

9 HTTP transactions
0 data transactions