auth.tiaa.org
Open in
urlscan Pro
23.45.99.141
Public Scan
Effective URL: https://auth.tiaa.org/idp/SSO.saml2
Submission: On November 03 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 22nd 2021. Valid for: a year.
This is the only time auth.tiaa.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.86.16.162 52.86.16.162 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 2 | 54.173.10.123 54.173.10.123 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 23.45.99.141 23.45.99.141 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
5 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-16-162.compute-1.amazonaws.com
domo.buzz |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-10-123.compute-1.amazonaws.com
nuveen.domo.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-141.deploy.static.akamaitechnologies.com
auth.tiaa.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
tiaa.org
auth.tiaa.org |
26 KB |
2 |
domo.com
1 redirects
nuveen.domo.com |
5 KB |
1 |
domo.buzz
1 redirects
domo.buzz |
275 B |
5 | 3 |
Domain | Requested by | |
---|---|---|
3 | auth.tiaa.org |
auth.tiaa.org
|
2 | nuveen.domo.com | 1 redirects |
1 | domo.buzz | 1 redirects |
5 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.domo.com DigiCert SHA2 High Assurance Server CA |
2020-04-02 - 2022-04-07 |
2 years | crt.sh |
www.tiaa.org DigiCert SHA2 Extended Validation Server CA |
2021-10-22 - 2022-10-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://auth.tiaa.org/idp/SSO.saml2
Frame ID: D38A6A796DB7E071BA6385DDA45AB3F7
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Select Authentication SystemPage URL History Show full URLs
-
https://domo.buzz/r/NdXQ8G3
HTTP 301
https://nuveen.domo.com/kpis/details/1062115288/view/887948522 HTTP 302
https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522 Page URL
- https://auth.tiaa.org/idp/SSO.saml2 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://domo.buzz/r/NdXQ8G3
HTTP 301
https://nuveen.domo.com/kpis/details/1062115288/view/887948522 HTTP 302
https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522 Page URL
- https://auth.tiaa.org/idp/SSO.saml2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://domo.buzz/r/NdXQ8G3 HTTP 301
- https://nuveen.domo.com/kpis/details/1062115288/view/887948522 HTTP 302
- https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
index
nuveen.domo.com/auth/ Redirect Chain
|
6 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Primary Request
SSO.saml2
auth.tiaa.org/idp/ |
4 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
auth.tiaa.org/assets/css/ |
9 KB 3 KB |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Uo_bSkB
auth.tiaa.org/ALGnpE5x/m-S/zee/bp1W9OKJ38/XiJiQw3YbE/PD1OGXQoKgE/AlJ3d/ |
74 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
Uo_bSkB
auth.tiaa.org/ALGnpE5x/m-S/zee/bp1W9OKJ38/XiJiQw3YbE/PD1OGXQoKgE/AlJ3d/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- auth.tiaa.org
- URL
- https://auth.tiaa.org/ALGnpE5x/m-S/zee/bp1W9OKJ38/XiJiQw3YbE/PD1OGXQoKgE/AlJ3d/Uo_bSkB
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nuveen.domo.com/ | Name: PLAY_FLASH Value: redirectUrl=%252Fkpis%252Fdetails%252F1062115288%252Fview%252F887948522&passedSSOSuccess=false |
|
nuveen.domo.com/ | Name: SESSION_TOE Value: 2SDFSRSO5V |
|
nuveen.domo.com/ | Name: redirectUrl Value: %2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522 |
|
nuveen.domo.com/ | Name: PLAY_SESSION Value: c36fa5593ab7be756ccf9fcecc80563927abcc89-isProxied=false |
|
auth.tiaa.org/ | Name: PF Value: t8y9NSL1RrZmc80AAn4CJ1 |
|
auth.tiaa.org/ | Name: BIGipServerpool_publictools-ha-federation_9030_prod-a Value: 1629521674.17955.0000 |
|
auth.tiaa.org/ | Name: BIGipServerpool_origin-auth-ha_7700_prod-a Value: 251954954.5150.0000 |
|
auth.tiaa.org/ | Name: tiaa_dc Value: nc89 |
|
auth.tiaa.org/ | Name: TS010984ce Value: 01a4258f703ff04734efec74ed99708ea9c24a59ae1d602498329b569c077f5e0629c439042e40257e0bcdc1487be8ed49decb1fa4009514eefb459a9124bffc2e3b834ac15f9fe4c7bb60e8161677bca1c7e43ccb114467cc6aed3588e4aa5c9f3e66822eebf567eccf9f97a2c091b5a3d5d219fb |
|
.tiaa.org/ | Name: ak_bmsc Value: F939AADC59DE6600362772E13D5197FB~000000000000000000000000000000~YAAQ9IQUAh/E9uV8AQAAohVf5g16A82YwqHqszm6Kqv53kh37y0mXuQv/y9wi4tDGeholPOJlUDL/oLIHnqL0Xn6jys5hjIEkZqg3E6GFfWOkv4IwQ2EFNfc8dsmKX98ADlP2LqViyU5PIsGX8xIRrRddiWizOz5grQmhwYumc6PsgVqVshZ7WP/94Q2DQnEU+YQbYQIVZaMT1KPJl0SuvyAJTKIetW5/nEqfqEhuomIcH8qAAqDFKdFKY3P1e4DQxLoOYT3B+oEstI5KK4dXLk7fmwCOeUkk5kgfYdhJtThg0LeG3vAxyxwM+KUmWKlJ3tNShLBZP0L5Msqj4C0oCyzAFVnBroey3yxqifXZNXzhnl6WtYKqVzBzqmPf2jdyNV/oDjF1C+P |
|
.tiaa.org/ | Name: bm_sz Value: 24DAEC61173D26EC51837AD7964CCC21~YAAQ9IQUAiDE9uV8AQAAohVf5g3DZq5Lc2ca2et0wZErARA7OeSV40NPHxqdSdJRVzvwazbX2/XayA522Dav1tVK1wFdKvv4iH0SesFZNxBXUrseyaeEV9i+/R4Pz+Cx72fceTEFZ02T9dfwBHMhCF0uYTu/QwIdBOz4bsw/kMcYrcLf4HjXx1hVVP/DPWmEBodcVIAe0XyyWGnIO6ioUoL+idnI6pvNM8Q66ZM2vjYtv33K982fouVxk7cAoGuzguC+6Od3zgN4DCR0uh4HikQ2skwiCFYKxzDs0KxPYL7u~4405057~3616816 |
|
.tiaa.org/ | Name: _abck Value: FE6013FA2AA73AF98E3296581F09BFE9~-1~YAAQ9IQUAiTE9uV8AQAAzhVf5gZqOf46flDzfX/3rTNGTWOBN91Kwne/v9NF/BRG9GMdGlpz82HY6wPeLOs9GfBCkqpjXNV3t4dD8NHpOTRi1WQYLRcb8wYa7+RvZPPedjckTK3waufcIIxIHkwG7/C7wPToEXi86+vFEr1i3d0n5S1hiIRkEaenCO6IrrFmkduz59GwsXhS7FjMMAwvnL4DutUYuWLQtU7Qi+kaPa1CxBF9cRR6xauLiWJ7y4wr+7PWVG96znkiXpAPBnsVyfX3Iq7EEDnZ3DeKBHOfAs8W9t543BSwBFQ5BAUok/0sFvE07xRNtSXYoe4ADXQCDedZYj3IRAQy9E9c7DdV3w/7otZyHxBdHr9hFpDKa25IIuwytWHaTWY=~-1~-1~1635956143 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | ALLOWALL |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.tiaa.org
domo.buzz
nuveen.domo.com
auth.tiaa.org
23.45.99.141
52.86.16.162
54.173.10.123
04ac8f16e8033a0b81566a2e53240627aebc3edc8c8f3be5aaff46ff5f2a2a62
a862592a4dd3b074b0f60ee464ee132f3114ec69946c9a44895ab86322fb8182
d28fcb63f244f9fc0347fc8efaaa91ccc5b6c0f63a94281e826d4e4329dce19a
d4b400464c1447af4bcc907b31fb56249e52cf150a120d82420368705222e095