urlscan.io logo urlscan.io
SecurityTrails logo

auth.tiaa.org Open in urlscan Pro
23.45.99.141  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://domo.buzz/r/NdXQ8G3
Effective URL: https://auth.tiaa.org/idp/SSO.saml2
Submission: On November 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 23.45.99.141, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is auth.tiaa.org.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on October 22nd 2021. Valid for: a year.
This is the only time auth.tiaa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.86.16.162 14618 (AMAZON-AES)
1 2 54.173.10.123 14618 (AMAZON-AES)
3 23.45.99.141 16625 (AKAMAI-AS)
5 3
Apex Domain
Subdomains		 Transfer
3 tiaa.org
auth.tiaa.org
26 KB
2 domo.com
nuveen.domo.com
5 KB
1 domo.buzz
domo.buzz
275 B
5 3
Domain Requested by
3 auth.tiaa.org auth.tiaa.org
2 nuveen.domo.com 1 redirects
1 domo.buzz 1 redirects
5 3

This site contains no links.

Subject Issuer Validity Valid
*.domo.com
DigiCert SHA2 High Assurance Server CA		 2020-04-02 -
2022-04-07		 2 years crt.sh
www.tiaa.org
DigiCert SHA2 Extended Validation Server CA		 2021-10-22 -
2022-10-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://auth.tiaa.org/idp/SSO.saml2
Frame ID: D38A6A796DB7E071BA6385DDA45AB3F7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Select Authentication System

Page URL History Show full URLs

  1. https://domo.buzz/r/NdXQ8G3 HTTP 301
    https://nuveen.domo.com/kpis/details/1062115288/view/887948522 HTTP 302
    https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522 Page URL
  2. https://auth.tiaa.org/idp/SSO.saml2 Page URL

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

31 kB
Transfer

92 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://domo.buzz/r/NdXQ8G3 HTTP 301
    https://nuveen.domo.com/kpis/details/1062115288/view/887948522 HTTP 302
    https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522 Page URL
  2. https://auth.tiaa.org/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://domo.buzz/r/NdXQ8G3 HTTP 301
  • https://nuveen.domo.com/kpis/details/1062115288/view/887948522 HTTP 302
  • https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
index
nuveen.domo.com/auth/
Redirect Chain
  • https://domo.buzz/r/NdXQ8G3
  • https://nuveen.domo.com/kpis/details/1062115288/view/887948522
  • https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522
6 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.173.10.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-10-123.compute-1.amazonaws.com
Software
nginx /
Resource Hash
04ac8f16e8033a0b81566a2e53240627aebc3edc8c8f3be5aaff46ff5f2a2a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 03 Nov 2021 15:16:02 GMT
content-type
text/html; charset=UTF-8
content-length
3884
cache-control
no-cache,no-store, must-revalidate
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP='This is not a P3P policy! See https://www.domo.com/company/privacy-policy for more info.'
pragma
no-cache
vary
Accept-Encoding, User-Agent
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-robots-tag
noindex
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 03 Nov 2021 15:16:02 GMT
content-type
text/plain;charset=utf-8
content-length
0
location
https://nuveen.domo.com/auth/index?redirectUrl=%2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522
cache-control
no-cache,no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP='This is not a P3P policy! See https://www.domo.com/company/privacy-policy for more info.'
pragma
no-cache
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000; includeSubDomains
Primary Request SSO.saml2
auth.tiaa.org/idp/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.tiaa.org/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.99.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a862592a4dd3b074b0f60ee464ee132f3114ec69946c9a44895ab86322fb8182

Request headers

Upgrade-Insecure-Requests
1
Origin
https://nuveen.domo.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nuveen.domo.com/

Response headers

referrer-policy
origin
cache-control
no-cache, no-store
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-type
text/html;charset=utf-8
content-encoding
gzip
x-edgeconnect-midmile-rtt
98
x-edgeconnect-origin-mex-latency
102
x-akamai-transformed
9 1220 0 pmb=mTOE,1
date
Wed, 03 Nov 2021 15:16:03 GMT
content-length
1254
vary
Accept-Encoding
main.css
auth.tiaa.org/assets/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.tiaa.org/assets/css/main.css
Requested by
Host: auth.tiaa.org
URL: https://auth.tiaa.org/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.99.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d4b400464c1447af4bcc907b31fb56249e52cf150a120d82420368705222e095

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.tiaa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 15:16:08 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2b65ad4e8f490a66b69af8b5002dada6:1613140551.930072"
vary
Accept-Encoding
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
3010
x-akamai-transformed
9 8085 0 pmb=mTOE,1mRUM,1
expires
Wed, 03 Nov 2021 15:16:08 GMT
Uo_bSkB
auth.tiaa.org/ALGnpE5x/m-S/zee/bp1W9OKJ38/XiJiQw3YbE/PD1OGXQoKgE/AlJ3d/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.tiaa.org/ALGnpE5x/m-S/zee/bp1W9OKJ38/XiJiQw3YbE/PD1OGXQoKgE/AlJ3d/Uo_bSkB
Requested by
Host: auth.tiaa.org
URL: https://auth.tiaa.org/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.99.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-99-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d28fcb63f244f9fc0347fc8efaaa91ccc5b6c0f63a94281e826d4e4329dce19a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://auth.tiaa.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 15:16:03 GMT
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 19:03:25 GMT
etag
"d3caf572c192c8eeac2bc593a3b79aa0d20f9585b44afb7c04b08e353363cc30"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
content-length
19129
expires
Wed, 01 Dec 2021 05:25:52 GMT
Uo_bSkB
auth.tiaa.org/ALGnpE5x/m-S/zee/bp1W9OKJ38/XiJiQw3YbE/PD1OGXQoKgE/AlJ3d/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth.tiaa.org
URL
https://auth.tiaa.org/ALGnpE5x/m-S/zee/bp1W9OKJ38/XiJiQw3YbE/PD1OGXQoKgE/AlJ3d/Uo_bSkB

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

12 Cookies

Domain/Path Name / Value
nuveen.domo.com/ Name: PLAY_FLASH
Value: redirectUrl=%252Fkpis%252Fdetails%252F1062115288%252Fview%252F887948522&passedSSOSuccess=false
nuveen.domo.com/ Name: SESSION_TOE
Value: 2SDFSRSO5V
nuveen.domo.com/ Name: redirectUrl
Value: %2Fkpis%2Fdetails%2F1062115288%2Fview%2F887948522
nuveen.domo.com/ Name: PLAY_SESSION
Value: c36fa5593ab7be756ccf9fcecc80563927abcc89-isProxied=false
auth.tiaa.org/ Name: PF
Value: t8y9NSL1RrZmc80AAn4CJ1
auth.tiaa.org/ Name: BIGipServerpool_publictools-ha-federation_9030_prod-a
Value: 1629521674.17955.0000
auth.tiaa.org/ Name: BIGipServerpool_origin-auth-ha_7700_prod-a
Value: 251954954.5150.0000
auth.tiaa.org/ Name: tiaa_dc
Value: nc89
auth.tiaa.org/ Name: TS010984ce
Value: 01a4258f703ff04734efec74ed99708ea9c24a59ae1d602498329b569c077f5e0629c439042e40257e0bcdc1487be8ed49decb1fa4009514eefb459a9124bffc2e3b834ac15f9fe4c7bb60e8161677bca1c7e43ccb114467cc6aed3588e4aa5c9f3e66822eebf567eccf9f97a2c091b5a3d5d219fb
.tiaa.org/ Name: ak_bmsc
Value: F939AADC59DE6600362772E13D5197FB~000000000000000000000000000000~YAAQ9IQUAh/E9uV8AQAAohVf5g16A82YwqHqszm6Kqv53kh37y0mXuQv/y9wi4tDGeholPOJlUDL/oLIHnqL0Xn6jys5hjIEkZqg3E6GFfWOkv4IwQ2EFNfc8dsmKX98ADlP2LqViyU5PIsGX8xIRrRddiWizOz5grQmhwYumc6PsgVqVshZ7WP/94Q2DQnEU+YQbYQIVZaMT1KPJl0SuvyAJTKIetW5/nEqfqEhuomIcH8qAAqDFKdFKY3P1e4DQxLoOYT3B+oEstI5KK4dXLk7fmwCOeUkk5kgfYdhJtThg0LeG3vAxyxwM+KUmWKlJ3tNShLBZP0L5Msqj4C0oCyzAFVnBroey3yxqifXZNXzhnl6WtYKqVzBzqmPf2jdyNV/oDjF1C+P
.tiaa.org/ Name: bm_sz
Value: 24DAEC61173D26EC51837AD7964CCC21~YAAQ9IQUAiDE9uV8AQAAohVf5g3DZq5Lc2ca2et0wZErARA7OeSV40NPHxqdSdJRVzvwazbX2/XayA522Dav1tVK1wFdKvv4iH0SesFZNxBXUrseyaeEV9i+/R4Pz+Cx72fceTEFZ02T9dfwBHMhCF0uYTu/QwIdBOz4bsw/kMcYrcLf4HjXx1hVVP/DPWmEBodcVIAe0XyyWGnIO6ioUoL+idnI6pvNM8Q66ZM2vjYtv33K982fouVxk7cAoGuzguC+6Od3zgN4DCR0uh4HikQ2skwiCFYKxzDs0KxPYL7u~4405057~3616816
.tiaa.org/ Name: _abck
Value: FE6013FA2AA73AF98E3296581F09BFE9~-1~YAAQ9IQUAiTE9uV8AQAAzhVf5gZqOf46flDzfX/3rTNGTWOBN91Kwne/v9NF/BRG9GMdGlpz82HY6wPeLOs9GfBCkqpjXNV3t4dD8NHpOTRi1WQYLRcb8wYa7+RvZPPedjckTK3waufcIIxIHkwG7/C7wPToEXi86+vFEr1i3d0n5S1hiIRkEaenCO6IrrFmkduz59GwsXhS7FjMMAwvnL4DutUYuWLQtU7Qi+kaPa1CxBF9cRR6xauLiWJ7y4wr+7PWVG96znkiXpAPBnsVyfX3Iq7EEDnZ3DeKBHOfAs8W9t543BSwBFQ5BAUok/0sFvE07xRNtSXYoe4ADXQCDedZYj3IRAQy9E9c7DdV3w/7otZyHxBdHr9hFpDKa25IIuwytWHaTWY=~-1~-1~1635956143

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block