auth.tiaa.org
Open in
urlscan Pro
23.67.142.153
Public Scan
Effective URL: https://auth.tiaa.org/idp/SSO.saml2
Submission: On January 17 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on December 12th 2023. Valid for: a year.
This is the only time auth.tiaa.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 23.51.115.9 23.51.115.9 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 35.71.149.114 35.71.149.114 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 13.32.99.127 13.32.99.127 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 23.67.142.153 23.67.142.153 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
8 | 4 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-51-115-9.deploy.static.akamaitechnologies.com
secure4.xactlycorp.com |
ASN16509 (AMAZON-02, US)
PTR: a9fabdf042c40ac50.awsglobalaccelerator.com
auth.xactlycorp.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-127.fra60.r.cloudfront.net
ok12static.oktacdn.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-67-142-153.deploy.static.akamaitechnologies.com
auth.tiaa.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
oktacdn.com
ok12static.oktacdn.com — Cisco Umbrella Rank: 11450 |
104 KB |
2 |
tiaa.org
auth.tiaa.org — Cisco Umbrella Rank: 141195 |
84 KB |
2 |
xactlycorp.com
1 redirects
secure4.xactlycorp.com — Cisco Umbrella Rank: 292426 auth.xactlycorp.com — Cisco Umbrella Rank: 155670 |
6 KB |
0 |
tiaa-cref.org
Failed
loginsso-ha.ops.tiaa-cref.org Failed |
|
8 | 4 |
Domain | Requested by | |
---|---|---|
3 | ok12static.oktacdn.com |
auth.xactlycorp.com
|
2 | auth.tiaa.org |
auth.tiaa.org
|
1 | auth.xactlycorp.com | |
1 | secure4.xactlycorp.com | 1 redirects |
0 | loginsso-ha.ops.tiaa-cref.org Failed | |
8 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.xactlycorp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-04-22 - 2024-04-16 |
a year | crt.sh |
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-12-15 - 2025-01-02 |
a year | crt.sh |
www.tiaa.org DigiCert SHA2 Extended Validation Server CA |
2023-12-12 - 2024-12-14 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://loginsso-ha.ops.tiaa-cref.org/idp/SSO.saml2
Frame ID: 083DD392CCB63AED36CBECF221919001
Requests: 8 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://secure4.xactlycorp.com/iam/v1/initiatesso/0oa1k334moS6960KS5d7
HTTP 302
https://auth.xactlycorp.com/oauth2/ausps20ouOkjV06lo5d6/v1/authorize?response_type=code&client_id=0oa4y4... Page URL
- https://auth.tiaa.org/idp/SSO.saml2 Page URL
Detected technologies
Akamai Bot Manager (Security) ExpandDetected patterns
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://secure4.xactlycorp.com/iam/v1/initiatesso/0oa1k334moS6960KS5d7
HTTP 302
https://auth.xactlycorp.com/oauth2/ausps20ouOkjV06lo5d6/v1/authorize?response_type=code&client_id=0oa4y499qr6BJtc845d7&scope=openid%20email%20profile%20offline_access&state=B0E2E15C3F839902B61D6FDB7FE323003042E46FCE5F9C698411D0EBDE9964F12154C9D0617EC93148309C1061EE1D3108F53955421F739FC7999CA13ADC8CF7A8C90D3EA0F4DE5E16DB9B5F7988E2909D90841EBF5E497567BD8E5DD3B5F7BB3789F8D7AAB748B3D981996FFFB232471D4738D3F37D8FAE9C9317EE52F0EE9D350D071E8D43AC2C3B2AFCFF18754FBD&idp=0oa1k334moS6960KS5d7&redirect_uri=https://secure4.xactlycorp.com/iam/saml/auth/INCENT_LOGIN_PAGE&nonce=2D489ADAC472B2EF5563FAFE Page URL
- https://auth.tiaa.org/idp/SSO.saml2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://secure4.xactlycorp.com/iam/v1/initiatesso/0oa1k334moS6960KS5d7 HTTP 302
- https://auth.xactlycorp.com/oauth2/ausps20ouOkjV06lo5d6/v1/authorize?response_type=code&client_id=0oa4y499qr6BJtc845d7&scope=openid%20email%20profile%20offline_access&state=B0E2E15C3F839902B61D6FDB7FE323003042E46FCE5F9C698411D0EBDE9964F12154C9D0617EC93148309C1061EE1D3108F53955421F739FC7999CA13ADC8CF7A8C90D3EA0F4DE5E16DB9B5F7988E2909D90841EBF5E497567BD8E5DD3B5F7BB3789F8D7AAB748B3D981996FFFB232471D4738D3F37D8FAE9C9317EE52F0EE9D350D071E8D43AC2C3B2AFCFF18754FBD&idp=0oa1k334moS6960KS5d7&redirect_uri=https://secure4.xactlycorp.com/iam/saml/auth/INCENT_LOGIN_PAGE&nonce=2D489ADAC472B2EF5563FAFE
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
authorize
auth.xactlycorp.com/oauth2/ausps20ouOkjV06lo5d6/v1/ Redirect Chain
|
9 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js
ok12static.oktacdn.com/assets/js/ |
289 KB 101 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.c280c95e9e8c971dad6d6dd597ab23f8.css
ok12static.oktacdn.com/assets/css/sections/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
interstitial.474dce61acfac4a4d016921943cf2a68.js
ok12static.oktacdn.com/assets/js/app/sso/ |
678 B 862 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
SSO.saml2
auth.tiaa.org/idp/ |
3 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
JLVs
auth.tiaa.org/JTDV8_x7X2liK2MLgk9TXQhZQvU/awEphJVwLNwE/VTAgAUEB/b1JZTj9/ |
215 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
JLVs
auth.tiaa.org/JTDV8_x7X2liK2MLgk9TXQhZQvU/awEphJVwLNwE/VTAgAUEB/b1JZTj9/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
SSO.saml2
loginsso-ha.ops.tiaa-cref.org/idp/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- auth.tiaa.org
- URL
- https://auth.tiaa.org/JTDV8_x7X2liK2MLgk9TXQhZQvU/awEphJVwLNwE/VTAgAUEB/b1JZTj9/JLVs
- Domain
- loginsso-ha.ops.tiaa-cref.org
- URL
- https://loginsso-ha.ops.tiaa-cref.org/idp/SSO.saml2
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
auth.xactlycorp.com/ | Name: JSESSIONID Value: A0F1F10C6696EC26D768B38F5031AC7F |
|
auth.xactlycorp.com/ | Name: t Value: default |
|
auth.xactlycorp.com/ | Name: DT Value: DI1TupqxXkXRkm1i8KEVu6q0Q |
|
auth.tiaa.org/ | Name: PF Value: GGk4OVMxJ8UwKlb9MBXlbj |
|
auth.tiaa.org/ | Name: BIGipServerpool_publictools-ha-federation_9030_prod-dr Value: 1981865738.17955.0000 |
|
auth.tiaa.org/ | Name: BIGipServerpool_origin-auth-ha_7700_prod-dr Value: 788848394.5150.0000 |
|
auth.tiaa.org/ | Name: tiaa_dc Value: cobm |
|
auth.tiaa.org/ | Name: TS010984ce Value: 010cea11901addef2cc8b8515b4be464edf37eacfee700d30bdc6bade0c26362cf2f490a61acf4448f4017dcf7d873d423b6ad33cacd29a2bd6e6197b5289104f43311e1737d166d764013ce0af0cbdedbcd0908a3990cb5d7d9c82f12ac5348864568723dfdbe054b361c724d816b0d39ca18e1d6 |
|
auth.tiaa.org/ | Name: TS43acb533027 Value: 08cfd787d1ab2000823b08139acd3540bd65a187262d8466c5d3f781102c94f6b9194c72d7fd4ef50847f6b10e11300051aba9408e2928988d41ccfe85cef76bddd0b88916881eb4eb36b68bd1ef8b1189cfad30ed826bd7e1a2746ed47d5dd2 |
|
.tiaa.org/ | Name: ak_bmsc Value: E6A6D4C9341DB6A2609A8FBBCA5DC445~000000000000000000000000000000~YAAQBChDF7RrXhCNAQAAGzG5GBa32y2YUpL2DlYwIL60dYw8L25jSh9xyuiBi7UcMCdBhKyUUUUoZMCNNh8f2i9k6SWPKqlMv3XRD9Bu6JHeGZLF04cvwvd+uMOaQ/LS8SAXE0KQwULIuTdkTJ9NnyutyWz1nGnvoi3HD8AdTZeBOoms7VgaJfCt63aT/FWrStZP9Q+k8S9ODwSOpF/eXl/4PUWWN4hFizIU5SAS207Fh83+wba5UthAhNZ6He5jQOnaH+YS0Td3/EWL0zaSA0x7jZFFySmYzGT8w+zy4ura28JRiE7JFP6bhvPvZVQl90PAoH1Nkwja/NTnh4NwRe8/qtS3abWDIER7Ws/yanwxZp2zKkJTL8Ci2nWk0wMh/U/ayQCkbA== |
|
.tiaa.org/ | Name: bm_sz Value: E18F7AE954BF7FA6E177CFA798BE9AE8~YAAQBChDF7VrXhCNAQAAGzG5GBaob9s0L6ViFhkSe95wUwHwJEVQxmVeEEKDO5ei1IKqMvdXrpJq6FColC4nUX6dxgsuYV4zO55/noWIZmuekOxl9nCoC2JyPXqkDXPMOmuoD+/GdnCSqAYCAOw4QgVfq5Qckyg6TKZMVH6IfaUFqw+q2u8+D6dbTa6P+rq5ocaZd7Z+Us3xeMiDlqiWL3i0qZSr6MP0/j7yE+YuqPkj3F0ITuoxsxJ/G+8sbo7gvI7uC5gCGJLcVG06m5QrFjBvEpncU5lxGU6+BPFH5tEO~3160121~3553584 |
|
.tiaa.org/ | Name: _abck Value: 162CE14841857110CA46AD2D3E7E1579~-1~YAAQBChDF8BrXhCNAQAAdjG5GAsE6nKUhcIW8IsFERZ80t+bR1rZYdPiEEuK+nBFOfD8tA5EO7jZBW/l4dvY1+BVH3ZlGtFJHXmnn6JTDB4qT4LXMacPgvg71mRFUU1UpOMtBerfM4//DLWKpCj88SkD7F/9l52RgwoghNpOWG/P+moZAne8Gm2qFkQbPa0wJatoHKVPFw2ADQxGUufEYChztDoPGXkNAYyXNghztBjQgP/epk0Pzx2UDw0GcbCmiIhDHt1vyzMrYtdZIOdlCfBpIeJPRgOT9wNBVwkxNMpuj4DtGMrHiF5YgGmASDdSayexP0yb1TKmSDeD1SqsKUxmsWDHhgnYSNuzItdLUh6BXv8AXaJiEszm/DDfcA8sFkWnmcA18lg=~-1~-1~-1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=315360000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.tiaa.org
auth.xactlycorp.com
loginsso-ha.ops.tiaa-cref.org
ok12static.oktacdn.com
secure4.xactlycorp.com
auth.tiaa.org
loginsso-ha.ops.tiaa-cref.org
13.32.99.127
23.51.115.9
23.67.142.153
35.71.149.114
07b3a78b9dbf7d1133733164c7e5c4b2c56a902b16e64b60ec3181018203a94b
393716480c3ffd050dda56582c44a34b743ed86207c10577ecab01dbc140d857
77b5ff765ff7653b7756896e3951eb246f500edea52c79e0c64a6ef085e4c14e
d952fafe2ace405711d16dd5b78225162c199fffc0132fb1d85b612b629c5e22