tiaa.cspace.com
Open in
urlscan Pro
13.68.19.245
Public Scan
Effective URL: https://tiaa.cspace.com/eab/Account/LogOn?returnUrl=%2Feab%2Fmem%2Fdiscussion%2F182192cc-f2b2-4b30-a81b-4e3f81992dac
Submission: On April 15 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on September 1st 2021. Valid for: a year.
This is the only time tiaa.cspace.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 14 | 13.68.19.245 13.68.19.245 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 | 2a00:1450:400... 2a00:1450:4001:831::200e | 15169 (GOOGLE) (GOOGLE) | |
15 | 2 |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
cspace.com
1 redirects
tiaa.cspace.com |
158 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
20 KB |
15 | 2 |
Domain | Requested by | |
---|---|---|
14 | tiaa.cspace.com |
1 redirects
tiaa.cspace.com
|
2 | www.google-analytics.com |
tiaa.cspace.com
www.google-analytics.com |
15 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
documents.cspace.com |
www.cspace.com |
www.tiaa.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.cspace.com Entrust Certification Authority - L1K |
2021-09-01 - 2022-09-29 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-03-28 - 2022-06-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://tiaa.cspace.com/eab/Account/LogOn?returnUrl=%2Feab%2Fmem%2Fdiscussion%2F182192cc-f2b2-4b30-a81b-4e3f81992dac
Frame ID: A8E45B0652398EC48DB752B82946DB6C
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Sign in to Your CommunityPage URL History Show full URLs
-
https://tiaa.cspace.com/eab/mem/discussion/182192cc-f2b2-4b30-a81b-4e3f81992dac
HTTP 302
https://tiaa.cspace.com/eab/Account/LogOn?returnUrl=%2Feab%2Fmem%2Fdiscussion%2F182192cc-f2b2-4b30-a... Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Member Agreement
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: TIAA
Search URL Search Domain Scan URL
Title: C Space
Search URL Search Domain Scan URL
Title: Do Not Sell My Personal Information
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tiaa.cspace.com/eab/mem/discussion/182192cc-f2b2-4b30-a81b-4e3f81992dac
HTTP 302
https://tiaa.cspace.com/eab/Account/LogOn?returnUrl=%2Feab%2Fmem%2Fdiscussion%2F182192cc-f2b2-4b30-a81b-4e3f81992dac Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
LogOn
tiaa.cspace.com/eab/Account/ Redirect Chain
|
7 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
layout2.css
tiaa.cspace.com/public/static/css/legacy/bundles/ |
126 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
community-theme2.css
tiaa.cspace.com/enterpriseconfiguration/TIAA/app_themes/eab/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logon.4a1eed78de.js
tiaa.cspace.com/public/static/js/bundle/ |
117 KB 53 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
normalize.css
tiaa.cspace.com/public/static/css/legacy/lib/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
joyride-2.1.css
tiaa.cspace.com/public/static/css/legacy/lib/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui-1.10.4.custom.min.css
tiaa.cspace.com/public/static/css/legacy/lib/ |
24 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
proximanova.css
tiaa.cspace.com/public/static/css/shared/font/proximanova/ |
567 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
latoblack.css
tiaa.cspace.com/public/static/css/shared/font/latoblack/ |
564 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
tiaa.cspace.com/public/static/css/shared/font/line-icons-squid-ink/ |
7 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
colorpicker.css
tiaa.cspace.com/public/static/css/legacy/lib/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ProximaNova-Reg-webfont.woff
tiaa.cspace.com/public/static/css/shared/font/proximanova/ |
23 KB 25 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 206 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
line-icons-squid-ink-20190204.woff
tiaa.cspace.com/public/static/css/shared/font/line-icons-squid-ink/ |
23 KB 24 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| showPage object| communispaceContext object| pageContext object| LogOn function| $ function| jQuery object| communispace function| Retina function| RetinaImagePath function| RetinaImage string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tiaa.cspace.com/ | Name: WurflCloud_Client Value: Data=%7b%22ServerVersion%22%3a%22WurflCloud+1.12.5.1%22%2c%22ServerTimestamp%22%3a%2204%2f11%2f2022+08%3a01%3a27%22%2c%22DeviceId%22%3a%22google_chrome_100%22%2c%22DateOfCreation%22%3a%22%5c%2fDate(1650020881173)%5c%2f%22%2c%22Capabilities%22%3a%7b%22advertised_browser%22%3a%22Chrome%22%2c%22advertised_browser_version%22%3a%22100.0.4896.75%22%2c%22built_in_camera%22%3a%22False%22%2c%22built_in_recorder%22%3a%22False%22%2c%22is_android%22%3a%22False%22%2c%22is_full_desktop%22%3a%22True%22%2c%22is_ios%22%3a%22False%22%2c%22is_mobile%22%3a%22False%22%2c%22is_tablet%22%3a%22False%22%2c%22is_touchscreen%22%3a%22False%22%2c%22mobile_browser%22%3a%22Chrome+Desktop%22%2c%22mobile_browser_version%22%3a%22100.0%22%2c%22resolution_height%22%3a%22600%22%2c%22resolution_width%22%3a%22800%22%7d%7d |
|
tiaa.cspace.com/ | Name: community-culture Value: en-us,en-us |
|
tiaa.cspace.com/ | Name: __RequestVerificationToken Value: E9ee4AktFfBNLYXfAvGaUNTaEvZI1Lo6auwjPLUoFBJA53FcQU8TcHEpfOPkDolRaRjpR-hN_5h161pvIjARo3ufsEU1 |
|
.cspace.com/ | Name: _ga Value: GA1.2.1405546299.1650020883 |
|
.cspace.com/ | Name: _gid Value: GA1.2.1368328732.1650020883 |
|
.cspace.com/ | Name: _gat Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' *.cspace.com *.twilio.com *.polyfill.io *.google-analytics.com *.amazonaws.com widget.morphii.com */signalr/hubs *.fastfocus.io *.twiliocdn.com *.brandinvitation.com *.dataga.me https://*.googleapis.com https://*.facebook.net https://*.twitter.com *.cloudflare.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' localhost:* *.cspace.com wss://*.cspace.com *.amazonaws.com https://*.insightsmeta.com https://*.googleapis.com https://*.facebook.net https://*.twitter.com *.twilio.com wss://*.twilio.com *.brandinvitation.com *.google-analytics.com widget.morphii.com *.dataga.me blob: mediastream: filesystem:; style-src 'self' *.cspace.com widget.morphii.com *.dataga.me https://*.googleapis.com *.cloudflare.com 'unsafe-inline' 'unsafe-eval'; img-src * data: blob:; media-src * blob:; frame-src 'self' https://*.cspace.com https://www.optimalworkshop.com http://www.mindmup.com http://www.feedmap.com https://app.dataga.me https://prime-cp.sentientdecisionscience.com http://www.sticky.ai https://remesh.chat https://icodetm.com http://sentientprime.com *.fastfocus.io; |
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
tiaa.cspace.com
www.google-analytics.com
13.68.19.245
2a00:1450:4001:831::200e
1fce6cabad5db563e2bc77b79b6eef01cf936c5563389736f78450bedb3baaac
275682f98aaf154b9279ea14b4a8470b5dfd9de9db1374bd4e151d1040b4096d
28fa6da570e2b777702a518e275be13f661593d7517b6d5482f81ba273e791f8
35a472b15c17359f0012d3f47eef44382ee5224b937681874c8bdb7920ccb3f9
5d6b39555d2a5b3d942679fa75eb330cdbfc8c19cbfcbd3f85526bd93ab5baaf
5e1d8d6feb6c8c61ae9611a2808fc25fee64066f71003e2bb68714fe755726c2
7ec4563e41f5bea3fa9300a489f4fffa713c9de18889f3e6bc4b8f19dcacd478
88fc9b21cc10ce739121035f19426ec4101a01fb9c616c3f8286e0670e4bf02c
9350aaa55205b426a358b46ac5c111a39854dc4064afe5c4518042512177d9a0
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bc4b40ba0968dbaa4b8307500f5f468afc6d6ec6598c61e5b1d30b3dcbc05183
c76757e0c14cc3c9b785a41ad8087bbc611c8173702d805ec172501be25580c2
c7d8f4f45e020f2a48284f887f39a9453a87ee006dba8dfafdf2aee14a33e4e2
db8be58b8c0e388c938a970fbb4a53d6e2f6f0c5998854c04260a795c083d87a