nihfsauth.nih.gov
Open in
urlscan Pro
156.40.55.21
Public Scan
Effective URL: https://nihfsauth.nih.gov/adfs/ls/?client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&wctx=estsredirect%3D2%26estsrequ...
Submission Tags: insec_govpress_testing wordpress Search All
Submission: On October 14 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 30th 2020. Valid for: a year.
This is the only time nihfsauth.nih.gov was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2603:1026:207... 2603:1026:207:131::8 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 2603:1026:206... 2603:1026:206:3::2 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 20.190.129.17 20.190.129.17 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 2 | 128.231.125.178 128.231.125.178 | 3527 (NIH-NET) (NIH-NET) | |
4 | 156.40.55.21 156.40.55.21 | 3527 (NIH-NET) (NIH-NET) | |
5 | 2 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
autodiscover.dctod.nci.nih.gov |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
outlook.office365.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
login.microsoftonline.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
nih.gov
2 redirects
autodiscover.dctod.nci.nih.gov sentry-iam.cit.nih.gov nihfsauth.nih.gov |
88 KB |
1 |
microsoftonline.com
1 redirects
login.microsoftonline.com |
2 KB |
1 |
office365.com
1 redirects
outlook.office365.com |
6 KB |
5 | 3 |
Domain | Requested by | |
---|---|---|
4 | nihfsauth.nih.gov |
nihfsauth.nih.gov
|
2 | sentry-iam.cit.nih.gov | 1 redirects |
1 | login.microsoftonline.com | 1 redirects |
1 | outlook.office365.com | 1 redirects |
1 | autodiscover.dctod.nci.nih.gov | 1 redirects |
5 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
itservicedesk.nih.gov |
www.nih.gov |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sentry-iam.cit.nih.gov Entrust Certification Authority - L1K |
2020-09-24 - 2021-10-18 |
a year | crt.sh |
nihfsauth.nih.gov DigiCert SHA2 Secure Server CA |
2020-03-30 - 2021-04-24 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://nihfsauth.nih.gov/adfs/ls/?client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2RvY_SYADGeSlUwC80Dg5GycXJ2NL3belXogmfAnJ83HlHMTHk-tLSerRvpQUOFtcbiZM5h0uclNHJ3GQcLzFhvr_AOBk10VGIi-M9efLLM_-eexRkoXqX-xfErMlwpgkZbKzXfxleTySPPz-8_fvOs_L7l7_g8TvvzRG41sMB6bEutlnXttg-GS_AhhUEnq-m02QUDAjZZ4lp2tjgxQyLiZMmk730RwCWACzCkshLvMxzkiIjkReVDFJYUTehIOgKo3AKZgSJUxidNzJMRpFF08wooiGhs_DVRnYUWGgNMrRnxo9w3CRDp-sRPziiXoFCJ6gV_Eq_lM3lJKbSsN2ZIUy5vZlc1bb11r6OteEUVZ1NPJgcBBbE3mBSxzutQs4bl6o1rVPJ42rfOeBfoHq1aG0Vrc6u3bYfFwVBhg1SyTuE0aQyp8G-YUzc8SwzfIL0Jt7x6rohD9yyZGzBbr7nbyHvuVTrZlsL6lyeP1D0ypJD3FOKJp7h2r1lBHyLXOKiaiyWSF65GU2F_kTA2-jqj1uLlCL9nBdeu9IX-v5h6DSa3s5N7RLSWrsyaY8eeUHTR87Ia7vYmwqyLzeIKdTd7GYlreEHkgrnNJjT9Akdj1HJ0AaVb8KvNPhOg8MLoZP4OY48S9xAHOIYuKqQQlDleZUTni4vgk-XQ38B0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp
Frame ID: A174FA27C827497A1B69F344435CA54C
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://autodiscover.dctod.nci.nih.gov/
HTTP 301
https://outlook.office365.com/owa/?realm=dctod.nci.nih.gov&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redir... HTTP 302
https://sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/idp?client-request-id=1e... Page URL
-
https://sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/idp?client-request-id=1e...
HTTP 302
https://nihfsauth.nih.gov/adfs/ls/?client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&wctx=estsred... Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: HERE
Search URL Search Domain Scan URL
Title: www.nih.gov
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://autodiscover.dctod.nci.nih.gov/
HTTP 301
https://outlook.office365.com/owa/?realm=dctod.nci.nih.gov&vd=autodiscover HTTP 302
https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dctod.nci.nih.gov&nonce=637383079826369529.6bf144b9-909c-4709-b3e5-5986ff596e72&state=DYtLDsIgFABB7-IOinze4y0az8JXSbQkbcXry2JmMclwxth1cplwNcUQDBpvFJLXYICcJgmx3q2NJEhREhYViWiKE4481OoICmo-X7H0X1geewnvz5rT2bPcUpNbe8lnH7eR1_CdsR2pj7L_AQ HTTP 302
https://sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/idp?client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAY2RvY_SYADGeSlUwC80Dg5GycXJ2NL3belXogmfAnJ83HlHMTHk-tLSerRvpQUOFtcbiZM5h0uclNHJ3GQcLzFhvr_AOBk10VGIi-M9efLLM_-eexRkoXqX-xfErMlwpgkZbKzXfxleTySPPz-8_fvOs_L7l7_g8TvvzRG41sMB6bEutlnXttg-GS_AhhUEnq-m02QUDAjZZ4lp2tjgxQyLiZMmk730RwCWACzCkshLvMxzkiIjkReVDFJYUTehIOgKo3AKZgSJUxidNzJMRpFF08wooiGhs_DVRnYUWGgNMrRnxo9w3CRDp-sRPziiXoFCJ6gV_Eq_lM3lJKbSsN2ZIUy5vZlc1bb11r6OteEUVZ1NPJgcBBbE3mBSxzutQs4bl6o1rVPJ42rfOeBfoHq1aG0Vrc6u3bYfFwVBhg1SyTuE0aQyp8G-YUzc8SwzfIL0Jt7x6rohD9yyZGzBbr7nbyHvuVTrZlsL6lyeP1D0ypJD3FOKJp7h2r1lBHyLXOKiaiyWSF65GU2F_kTA2-jqj1uLlCL9nBdeu9IX-v5h6DSa3s5N7RLSWrsyaY8eeUHTR87Ia7vYmwqyLzeIKdTd7GYlreEHkgrnNJjT9Akdj1HJ0AaVb8KvNPhOg8MLoZP4OY48S9xAHOIYuKqQQlDleZUTni4vgk-XQ38B0 Page URL
-
https://sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/idp?client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2RvY_SYADGeSlUwC80Dg5GycXJ2NL3belXogmfAnJ83HlHMTHk-tLSerRvpQUOFtcbiZM5h0uclNHJ3GQcLzFhvr_AOBk10VGIi-M9efLLM_-eexRkoXqX-xfErMlwpgkZbKzXfxleTySPPz-8_fvOs_L7l7_g8TvvzRG41sMB6bEutlnXttg-GS_AhhUEnq-m02QUDAjZZ4lp2tjgxQyLiZMmk730RwCWACzCkshLvMxzkiIjkReVDFJYUTehIOgKo3AKZgSJUxidNzJMRpFF08wooiGhs_DVRnYUWGgNMrRnxo9w3CRDp-sRPziiXoFCJ6gV_Eq_lM3lJKbSsN2ZIUy5vZlc1bb11r6OteEUVZ1NPJgcBBbE3mBSxzutQs4bl6o1rVPJ42rfOeBfoHq1aG0Vrc6u3bYfFwVBhg1SyTuE0aQyp8G-YUzc8SwzfIL0Jt7x6rohD9yyZGzBbr7nbyHvuVTrZlsL6lyeP1D0ypJD3FOKJp7h2r1lBHyLXOKiaiyWSF65GU2F_kTA2-jqj1uLlCL9nBdeu9IX-v5h6DSa3s5N7RLSWrsyaY8eeUHTR87Ia7vYmwqyLzeIKdTd7GYlreEHkgrnNJjT9Akdj1HJ0AaVb8KvNPhOg8MLoZP4OY48S9xAHOIYuKqQQlDleZUTni4vgk-XQ38B0&wa=wsignin1.0&username=&wtrealm=urn%3Afederation%3AMicrosoftOnline&mi_device_orientation=false
HTTP 302
https://nihfsauth.nih.gov/adfs/ls/?client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&wctx=estsredirect%3D2%26estsrequest%3DrQIIAY2RvY_SYADGeSlUwC80Dg5GycXJ2NL3belXogmfAnJ83HlHMTHk-tLSerRvpQUOFtcbiZM5h0uclNHJ3GQcLzFhvr_AOBk10VGIi-M9efLLM_-eexRkoXqX-xfErMlwpgkZbKzXfxleTySPPz-8_fvOs_L7l7_g8TvvzRG41sMB6bEutlnXttg-GS_AhhUEnq-m02QUDAjZZ4lp2tjgxQyLiZMmk730RwCWACzCkshLvMxzkiIjkReVDFJYUTehIOgKo3AKZgSJUxidNzJMRpFF08wooiGhs_DVRnYUWGgNMrRnxo9w3CRDp-sRPziiXoFCJ6gV_Eq_lM3lJKbSsN2ZIUy5vZlc1bb11r6OteEUVZ1NPJgcBBbE3mBSxzutQs4bl6o1rVPJ42rfOeBfoHq1aG0Vrc6u3bYfFwVBhg1SyTuE0aQyp8G-YUzc8SwzfIL0Jt7x6rohD9yyZGzBbr7nbyHvuVTrZlsL6lyeP1D0ypJD3FOKJp7h2r1lBHyLXOKiaiyWSF65GU2F_kTA2-jqj1uLlCL9nBdeu9IX-v5h6DSa3s5N7RLSWrsyaY8eeUHTR87Ia7vYmwqyLzeIKdTd7GYlreEHkgrnNJjT9Akdj1HJ0AaVb8KvNPhOg8MLoZP4OY48S9xAHOIYuKqQQlDleZUTni4vgk-XQ38B0&wa=wsignin1.0&wtrealm=https%3A%2F%2Fsentry-iam.cit.nih.gov%2FMobileIron%2Facc%2F99c72e41-4257-442c-816d-d41f10f05bda%2Fsp Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://autodiscover.dctod.nci.nih.gov/ HTTP 301
- https://outlook.office365.com/owa/?realm=dctod.nci.nih.gov&vd=autodiscover HTTP 302
- https://login.microsoftonline.com/common/oauth2/authorize?client_id=00000002-0000-0ff1-ce00-000000000000&redirect_uri=https%3a%2f%2foutlook.office365.com%2fowa%2f&resource=00000002-0000-0ff1-ce00-000000000000&response_mode=form_post&response_type=code+id_token&scope=openid&msafed=0&client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&protectedtoken=true&claims=%7b%22id_token%22%3a%7b%22xms_cc%22%3a%7b%22values%22%3a%5b%22CP1%22%5d%7d%7d%7d&domain_hint=dctod.nci.nih.gov&nonce=637383079826369529.6bf144b9-909c-4709-b3e5-5986ff596e72&state=DYtLDsIgFABB7-IOinze4y0az8JXSbQkbcXry2JmMclwxth1cplwNcUQDBpvFJLXYICcJgmx3q2NJEhREhYViWiKE4481OoICmo-X7H0X1geewnvz5rT2bPcUpNbe8lnH7eR1_CdsR2pj7L_AQ HTTP 302
- https://sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/idp?client-request-id=1e3ec29f-1ff7-485d-a97f-f4319fa8709b&username=&wa=wsignin1.0&wtrealm=urn%3afederation%3aMicrosoftOnline&wctx=estsredirect%3d2%26estsrequest%3drQIIAY2RvY_SYADGeSlUwC80Dg5GycXJ2NL3belXogmfAnJ83HlHMTHk-tLSerRvpQUOFtcbiZM5h0uclNHJ3GQcLzFhvr_AOBk10VGIi-M9efLLM_-eexRkoXqX-xfErMlwpgkZbKzXfxleTySPPz-8_fvOs_L7l7_g8TvvzRG41sMB6bEutlnXttg-GS_AhhUEnq-m02QUDAjZZ4lp2tjgxQyLiZMmk730RwCWACzCkshLvMxzkiIjkReVDFJYUTehIOgKo3AKZgSJUxidNzJMRpFF08wooiGhs_DVRnYUWGgNMrRnxo9w3CRDp-sRPziiXoFCJ6gV_Eq_lM3lJKbSsN2ZIUy5vZlc1bb11r6OteEUVZ1NPJgcBBbE3mBSxzutQs4bl6o1rVPJ42rfOeBfoHq1aG0Vrc6u3bYfFwVBhg1SyTuE0aQyp8G-YUzc8SwzfIL0Jt7x6rohD9yyZGzBbr7nbyHvuVTrZlsL6lyeP1D0ypJD3FOKJp7h2r1lBHyLXOKiaiyWSF65GU2F_kTA2-jqj1uLlCL9nBdeu9IX-v5h6DSa3s5N7RLSWrsyaY8eeUHTR87Ia7vYmwqyLzeIKdTd7GYlreEHkgrnNJjT9Akdj1HJ0AaVb8KvNPhOg8MLoZP4OY48S9xAHOIYuKqQQlDleZUTni4vgk-XQ38B0
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
idp
sentry-iam.cit.nih.gov/MobileIron/acc/99c72e41-4257-442c-816d-d41f10f05bda/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
nihfsauth.nih.gov/adfs/ls/ Redirect Chain
|
24 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
nihfsauth.nih.gov/adfs/portal/css/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
nihfsauth.nih.gov/adfs/portal/logo/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
illustration.png
nihfsauth.nih.gov/adfs/portal/illustration/ |
41 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
autodiscover.dctod.nci.nih.gov
login.microsoftonline.com
nihfsauth.nih.gov
outlook.office365.com
sentry-iam.cit.nih.gov
128.231.125.178
156.40.55.21
20.190.129.17
2603:1026:206:3::2
2603:1026:207:131::8
03f4af57507ccc27ce132779667452f023df699f4f54c60e3a948056d4270c3b
22ede726bbcc6b3f28753a89b1f59b072feb2c20ed16f4bc4312f277451ea34c
6a8cbd992efa1c907be168f40bffd4434dd32d35af7c40b8d5de2abf2f11ee62
7827f21192869124f181e73b807079be2a714b9b64aab94f248891eb565780b0
86bcdb0a54dcdf181307c5ecb18f88c5b96e6f766ba1fd75b663acfc28de9dec