auth.tiaa.org - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 104.89.26.18, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is auth.tiaa.org. The Cisco Umbrella rank of the primary domain is 181957.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 24th 2022. Valid for: 9 months.

This is the only time auth.tiaa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	13.109.184.181 13.109.184.181	14340 (SALESFORCE) (SALESFORCE)
6	104.89.26.18 104.89.26.18	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2

2 13.109.184.181 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: dcl9-ncg1-c5-iad4.na160-ia4.my.salesforce.com

nuveen.my.salesforce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.89.26.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-26-18.deploy.static.akamaitechnologies.com

auth.tiaa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	tiaa.org auth.tiaa.org — Cisco Umbrella Rank: 181957	29 KB
2	salesforce.com 1 redirects nuveen.my.salesforce.com	5 KB
7	2

	Domain	Requested by
6	auth.tiaa.org	nuveen.my.salesforce.com auth.tiaa.org
2	nuveen.my.salesforce.com	1 redirects
7	2

This site contains no links.

Subject Issuer	Validity	Valid
*.my.salesforce.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-08`	a year	crt.sh
www.tiaa.org DigiCert SHA2 Extended Validation Server CA	`2022-01-24` - `2022-10-22`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.tiaa.org/idp/SSO.saml2?SAMLRequest=hZJdc6owEIb%2FCpN7kQ9ByRQd%2FKqtKCgi1hsnYhROIcEk0OqvP1SPMz3nomdn9iKzm33f2X2eep95JlWY8ZQSG6iyAiRMYnpIyckG4Wrc6IBe94mjPCugU4qELPG5xFxI9T%2FC4a1gg5IRSBFPOSQoxxyKGAbOzIWarMCCUUFjmgHJ4RwzUQsNKOFljlmAWZXGOFy6NkiEKDhsNklZYUzk%2FCJzlGF%2BpCzGckzzHqe2ogzViXILz%2FJ8IA1rJylB4mb%2BMQHVNmWRIiRTdmqmh6IZBJ785VQD0svQBjtt4NTxNqb%2BtbWZDZ2Pf%2FOr3HY6TjRCWJzeL%2BbAMq5WFIVj52iqc9X1GqTMKp9fJuEomkfJYWNYyZqJxPOzadvdbdzR%2BPI%2B28ZnY1y210YxjY00W%2FSH7ITbi3C57W%2FTpTFQeaW9BJvlIRpMaOeZtT89n%2Bl%2BsjfbnWtlxl5QIPWNHcPjaq9jHH%2FMZsr1UiTaqbMo36fOOtAvlvmc65O%2BHy12izWv5u6oMhakRIV%2BvO6KV5qaDSRepyNr%2B5HhJLQIwWQfhmboBBs%2F9FvaMqze8l8441Y8Oe9PB3etH1F%2FfHbqbXFe4hfCBSLCBpqiaQ3FaKidlWrClg6VltxSjS2Q%2FD837qfkTs5PQOzvTRxOViu%2F4XvBCkjrB4F1A7jzBm%2Fi7BtoP49FD7pA938sPTW%2FCXTvr7%2Fx7v4G&RelayState=%2F_ui%2Fcore%2Ffeeds%2Fnotification%2FChatterEmailSettings%3Famp%253Bemkind%3DchatterPostNotification%26amp%253Bs1nid%3D000000000000000%26setupid%3DCollaborationEmailSettings%26amp%253Bs1oid%3D00D1H000000O9OP%26amp%253Bs1uid%3D0051H000009SAGJ%26amp%253BfromEmail%3D1%26amp%253Bs1ext%3D0%26amp%253Bemtm%3D1652881657246&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=H565iGKa%2BNYDtaT%2BAIrwtxr%2F0fKZVlZIytRJnvtkwnH9oY5OtgZnvW3eSwRts8zICNZgkILyyRvnRep63t%2Bv3rwkC3RLEkG3LuUdh8BcGvKYIhEw54P%2FymZC32%2Bw7PNQf5v%2F6fz1QjhHdAwpkxx7fFKXRIF%2BlCjkERdvvCwdhnds8klW2LWWyF%2BwBFT%2FLuSVx3HS%2F2BQsDodnn5uRvo%2Bzg2h0S0MNb0q3KiWp9dNswAlyzzabAby3NS5hILrnIRD5nbZV7TfAf9784k%2BNPH1NuNNgbLvZcHt5UiBbtDiArAqkdQejI6OtABlvsb%2BEACDqhzZIhM2TR%2Fu3IL1vjRvc4%2B7rWQ8AQqhjWsuTDyl8y114%2FEodgkUd6aj8Y9zEGi5NxHBL4qxHxY7zFeTp9XZqpKuxcYjf9RN1eYKyskknPzNBQB71KxtrLDuTT3EYk5%2BkQWj1Ci0iNyaZEURMR7KRC9ldfuOKMshWmES2I8wEfKgBf7ZDRGBNS11Ps15vsulsBwC8t1cfa49BBQ4o9USRqwwhWdNJZQWlz%2BqjV%2FJ8pjCwBIWINbQL4aJXuA3TzvZBPcIP48%2FqSkuUawRkc%2FIO0jsZaRhIMRP0DtDs8XncZoP9tI95CG%2FtvxD9nnGeGSaHxtvMZKErolbA0BfdS%2BZJfv05zl11aqfulQsfzs1Mmg%3D
Frame ID: 52F4257C5C7ADBECD93E9B37AD7D72AD
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Select Authentication System

Page URL History Show full URLs

https://nuveen.my.salesforce.com/_ui/core/feeds/notification/ChatterEmailSettings?setupid=CollaborationEmailS... Page URL
https://nuveen.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYFoPz4XMDAwMDAwMDAwMDAwMDAwAAA... HTTP 302
https://auth.tiaa.org/idp/SSO.saml2?SAMLRequest=hZJdc6owEIb%2FCpN7kQ9ByRQd%2FKqtKCgi1hsnYhROIcEk0O... Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

31 kB
Transfer

98 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nuveen.my.salesforce.com/_ui/core/feeds/notification/ChatterEmailSettings?setupid=CollaborationEmailSettings&fromEmail=1&s1oid=00D1H000000O9OP&s1nid=000000000000000&s1uid=0051H000009SAGJ&s1ext=0&emkind=chatterPostNotification&emtm=1652881657246 Page URL
https://nuveen.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYFoPz4XMDAwMDAwMDAwMDAwMDAwAAAA7A8AWEaetgky6C95z9WWUFAf61N1LO-nulvPsyHUEWNWhdX59hVrthOPlK7L_XLEFykMZcq5Fu7V5pKc5ilQBDrge7QURZBZiR5C1sv2ISXRdWCHo8Gr7xOPr3Phb678zv6cOSpa1YrfUfTb3eecwMM0zyph2g8QukKAVS3y96Gm3HBPWQ_QVsvNLEv5Qnuap3fz_pJoi6-atJKE9ZwlehU9nnenbUU6UASXPUP42RUvYmjels9cHqbgdLV3faBFqA&saml_acs=https%3A%2F%2Fnuveen.my.salesforce.com%3Fso%3D00D1H000000O9OP&saml_binding_type=HttpRedirect&Issuer=https%3A%2F%2Fnuveen.my.salesforce.com&samlSsoConfig=0LE1H000000g95u&RelayState=%2F_ui%2Fcore%2Ffeeds%2Fnotification%2FChatterEmailSettings%3Famp%253Bemkind%3DchatterPostNotification%26amp%253Bs1nid%3D000000000000000%26setupid%3DCollaborationEmailSettings%26amp%253Bs1oid%3D00D1H000000O9OP%26amp%253Bs1uid%3D0051H000009SAGJ%26amp%253BfromEmail%3D1%26amp%253Bs1ext%3D0%26amp%253Bemtm%3D1652881657246 HTTP 302
https://auth.tiaa.org/idp/SSO.saml2?SAMLRequest=hZJdc6owEIb%2FCpN7kQ9ByRQd%2FKqtKCgi1hsnYhROIcEk0OqvP1SPMz3nomdn9iKzm33f2X2eep95JlWY8ZQSG6iyAiRMYnpIyckG4Wrc6IBe94mjPCugU4qELPG5xFxI9T%2FC4a1gg5IRSBFPOSQoxxyKGAbOzIWarMCCUUFjmgHJ4RwzUQsNKOFljlmAWZXGOFy6NkiEKDhsNklZYUzk%2FCJzlGF%2BpCzGckzzHqe2ogzViXILz%2FJ8IA1rJylB4mb%2BMQHVNmWRIiRTdmqmh6IZBJ785VQD0svQBjtt4NTxNqb%2BtbWZDZ2Pf%2FOr3HY6TjRCWJzeL%2BbAMq5WFIVj52iqc9X1GqTMKp9fJuEomkfJYWNYyZqJxPOzadvdbdzR%2BPI%2B28ZnY1y210YxjY00W%2FSH7ITbi3C57W%2FTpTFQeaW9BJvlIRpMaOeZtT89n%2Bl%2BsjfbnWtlxl5QIPWNHcPjaq9jHH%2FMZsr1UiTaqbMo36fOOtAvlvmc65O%2BHy12izWv5u6oMhakRIV%2BvO6KV5qaDSRepyNr%2B5HhJLQIwWQfhmboBBs%2F9FvaMqze8l8441Y8Oe9PB3etH1F%2FfHbqbXFe4hfCBSLCBpqiaQ3FaKidlWrClg6VltxSjS2Q%2FD837qfkTs5PQOzvTRxOViu%2F4XvBCkjrB4F1A7jzBm%2Fi7BtoP49FD7pA938sPTW%2FCXTvr7%2Fx7v4G&RelayState=%2F_ui%2Fcore%2Ffeeds%2Fnotification%2FChatterEmailSettings%3Famp%253Bemkind%3DchatterPostNotification%26amp%253Bs1nid%3D000000000000000%26setupid%3DCollaborationEmailSettings%26amp%253Bs1oid%3D00D1H000000O9OP%26amp%253Bs1uid%3D0051H000009SAGJ%26amp%253BfromEmail%3D1%26amp%253Bs1ext%3D0%26amp%253Bemtm%3D1652881657246&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=H565iGKa%2BNYDtaT%2BAIrwtxr%2F0fKZVlZIytRJnvtkwnH9oY5OtgZnvW3eSwRts8zICNZgkILyyRvnRep63t%2Bv3rwkC3RLEkG3LuUdh8BcGvKYIhEw54P%2FymZC32%2Bw7PNQf5v%2F6fz1QjhHdAwpkxx7fFKXRIF%2BlCjkERdvvCwdhnds8klW2LWWyF%2BwBFT%2FLuSVx3HS%2F2BQsDodnn5uRvo%2Bzg2h0S0MNb0q3KiWp9dNswAlyzzabAby3NS5hILrnIRD5nbZV7TfAf9784k%2BNPH1NuNNgbLvZcHt5UiBbtDiArAqkdQejI6OtABlvsb%2BEACDqhzZIhM2TR%2Fu3IL1vjRvc4%2B7rWQ8AQqhjWsuTDyl8y114%2FEodgkUd6aj8Y9zEGi5NxHBL4qxHxY7zFeTp9XZqpKuxcYjf9RN1eYKyskknPzNBQB71KxtrLDuTT3EYk5%2BkQWj1Ci0iNyaZEURMR7KRC9ldfuOKMshWmES2I8wEfKgBf7ZDRGBNS11Ps15vsulsBwC8t1cfa49BBQ4o9USRqwwhWdNJZQWlz%2BqjV%2FJ8pjCwBIWINbQL4aJXuA3TzvZBPcIP48%2FqSkuUawRkc%2FIO0jsZaRhIMRP0DtDs8XncZoP9tI95CG%2FtvxD9nnGeGSaHxtvMZKErolbA0BfdS%2BZJfv05zl11aqfulQsfzs1Mmg%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK ChatterEmailSettings
nuveen.my.salesforce.com/_ui/core/feeds/notification/ 2 KB
2 KB 775ms
108ms Document
text/html 13.109.184.181
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://nuveen.my.salesforce.com/_ui/core/feeds/notification/ChatterEmailSettings?setupid=CollaborationEmailSettings&fromEmail=1&s1oid=00D1H000000O9OP&s1nid=000000000000000&s1uid=0051H000009SAGJ&s1ext=0&emkind=chatterPostNotification&emtm=1652881657246

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.109.184.181 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg1-c5-iad4.na160-ia4.my.salesforce.com

Software

/

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: must-revalidate,no-cache,no-store
Connection: close
Content-Encoding: gzip
Content-Security-Policy: upgrade-insecure-requests
Content-Type: text/html; charset=UTF-8
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H2

200

Primary Request SSO.saml2 Show response
auth.tiaa.org/idp/
Redirect Chain

https://nuveen.my.salesforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAYFoPz4XMDAwMDAwMDAwMDAwMDAwAAAA7A8AWEaetgky6C95z9WWUFAf61N1LO-nulvPsyHUEWNWhdX59hVrthOPlK7L_XLEFykMZcq5Fu7V5pKc5ilQBDr...
https://auth.tiaa.org/idp/SSO.saml2?SAMLRequest=hZJdc6owEIb%2FCpN7kQ9ByRQd%2FKqtKCgi1hsnYhROIcEk0OqvP1SPMz3nomdn9iKzm33f2X2eep95JlWY8ZQSG6iyAiRMYnpIyckG4Wrc6IBe94mjPCugU4qELPG5xFxI9T%2FC4a1gg5IRSBF...

4 KB
3 KB

766ms
586ms

Document
text/html

104.89.26.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.tiaa.org/idp/SSO.saml2?SAMLRequest=hZJdc6owEIb%2FCpN7kQ9ByRQd%2FKqtKCgi1hsnYhROIcEk0OqvP1SPMz3nomdn9iKzm33f2X2eep95JlWY8ZQSG6iyAiRMYnpIyckG4Wrc6IBe94mjPCugU4qELPG5xFxI9T%2FC4a1gg5IRSBFPOSQoxxyKGAbOzIWarMCCUUFjmgHJ4RwzUQsNKOFljlmAWZXGOFy6NkiEKDhsNklZYUzk%2FCJzlGF%2BpCzGckzzHqe2ogzViXILz%2FJ8IA1rJylB4mb%2BMQHVNmWRIiRTdmqmh6IZBJ785VQD0svQBjtt4NTxNqb%2BtbWZDZ2Pf%2FOr3HY6TjRCWJzeL%2BbAMq5WFIVj52iqc9X1GqTMKp9fJuEomkfJYWNYyZqJxPOzadvdbdzR%2BPI%2B28ZnY1y210YxjY00W%2FSH7ITbi3C57W%2FTpTFQeaW9BJvlIRpMaOeZtT89n%2Bl%2BsjfbnWtlxl5QIPWNHcPjaq9jHH%2FMZsr1UiTaqbMo36fOOtAvlvmc65O%2BHy12izWv5u6oMhakRIV%2BvO6KV5qaDSRepyNr%2B5HhJLQIwWQfhmboBBs%2F9FvaMqze8l8441Y8Oe9PB3etH1F%2FfHbqbXFe4hfCBSLCBpqiaQ3FaKidlWrClg6VltxSjS2Q%2FD837qfkTs5PQOzvTRxOViu%2F4XvBCkjrB4F1A7jzBm%2Fi7BtoP49FD7pA938sPTW%2FCXTvr7%2Fx7v4G&RelayState=%2F_ui%2Fcore%2Ffeeds%2Fnotification%2FChatterEmailSettings%3Famp%253Bemkind%3DchatterPostNotification%26amp%253Bs1nid%3D000000000000000%26setupid%3DCollaborationEmailSettings%26amp%253Bs1oid%3D00D1H000000O9OP%26amp%253Bs1uid%3D0051H000009SAGJ%26amp%253BfromEmail%3D1%26amp%253Bs1ext%3D0%26amp%253Bemtm%3D1652881657246&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=H565iGKa%2BNYDtaT%2BAIrwtxr%2F0fKZVlZIytRJnvtkwnH9oY5OtgZnvW3eSwRts8zICNZgkILyyRvnRep63t%2Bv3rwkC3RLEkG3LuUdh8BcGvKYIhEw54P%2FymZC32%2Bw7PNQf5v%2F6fz1QjhHdAwpkxx7fFKXRIF%2BlCjkERdvvCwdhnds8klW2LWWyF%2BwBFT%2FLuSVx3HS%2F2BQsDodnn5uRvo%2Bzg2h0S0MNb0q3KiWp9dNswAlyzzabAby3NS5hILrnIRD5nbZV7TfAf9784k%2BNPH1NuNNgbLvZcHt5UiBbtDiArAqkdQejI6OtABlvsb%2BEACDqhzZIhM2TR%2Fu3IL1vjRvc4%2B7rWQ8AQqhjWsuTDyl8y114%2FEodgkUd6aj8Y9zEGi5NxHBL4qxHxY7zFeTp9XZqpKuxcYjf9RN1eYKyskknPzNBQB71KxtrLDuTT3EYk5%2BkQWj1Ci0iNyaZEURMR7KRC9ldfuOKMshWmES2I8wEfKgBf7ZDRGBNS11Ps15vsulsBwC8t1cfa49BBQ4o9USRqwwhWdNJZQWlz%2BqjV%2FJ8pjCwBIWINbQL4aJXuA3TzvZBPcIP48%2FqSkuUawRkc%2FIO0jsZaRhIMRP0DtDs8XncZoP9tI95CG%2FtvxD9nnGeGSaHxtvMZKErolbA0BfdS%2BZJfv05zl11aqfulQsfzs1Mmg%3D
Requested by: Host: nuveen.my.salesforce.com
URL: https://nuveen.my.salesforce.com/_ui/core/feeds/notification/ChatterEmailSettings?setupid=CollaborationEmailSettings&fromEmail=1&s1oid=00D1H000000O9OP&s1nid=000000000000000&s1uid=0051H000009SAGJ&s1ext=0&emkind=chatterPostNotification&emtm=1652881657246
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.26.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-26-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdf828be6d95d2a69bebfaff7f7eaac783d84722328c47ba623f617e78824699

Request headers

Referer: https://nuveen.my.salesforce.com/_ui/core/feeds/notification/ChatterEmailSettings?setupid=CollaborationEmailSettings&fromEmail=1&s1oid=00D1H000000O9OP&s1nid=000000000000000&s1uid=0051H000009SAGJ&s1ext=0&emkind=chatterPostNotification&emtm=1652881657246
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
content-length: 1247
content-type: text/html;charset=utf-8
date: Wed, 18 May 2022 16:43:05 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="{}"
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
x-akamai-transformed: 9 1476 0 pmb=mTOE,1
x-edgeconnect-midmile-rtt: 101
x-edgeconnect-origin-mex-latency: 49

Redirect headers

Cache-Control: no-cache,must-revalidate,max-age=0,no-store,private
Content-Length: 0
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; img-src https: data: blob: file:; frame-ancestors 'self' *.salesforce.com *.force.com *.visualforce.com *.documentforce.com; font-src https: data: blob: file:; connect-src 'self' https:; report-uri https://csp-report.force.com/_/ContentDomainCSPNoAuth?type=mydomain
Content-Type: text/html;charset=UTF-8
Date: Wed, 18 May 2022 16:43:04 GMT
Location: https://auth.tiaa.org/idp/SSO.saml2?SAMLRequest=hZJdc6owEIb%2FCpN7kQ9ByRQd%2FKqtKCgi1hsnYhROIcEk0OqvP1SPMz3nomdn9iKzm33f2X2eep95JlWY8ZQSG6iyAiRMYnpIyckG4Wrc6IBe94mjPCugU4qELPG5xFxI9T%2FC4a1gg5IRSBFPOSQoxxyKGAbOzIWarMCCUUFjmgHJ4RwzUQsNKOFljlmAWZXGOFy6NkiEKDhsNklZYUzk%2FCJzlGF%2BpCzGckzzHqe2ogzViXILz%2FJ8IA1rJylB4mb%2BMQHVNmWRIiRTdmqmh6IZBJ785VQD0svQBjtt4NTxNqb%2BtbWZDZ2Pf%2FOr3HY6TjRCWJzeL%2BbAMq5WFIVj52iqc9X1GqTMKp9fJuEomkfJYWNYyZqJxPOzadvdbdzR%2BPI%2B28ZnY1y210YxjY00W%2FSH7ITbi3C57W%2FTpTFQeaW9BJvlIRpMaOeZtT89n%2Bl%2BsjfbnWtlxl5QIPWNHcPjaq9jHH%2FMZsr1UiTaqbMo36fOOtAvlvmc65O%2BHy12izWv5u6oMhakRIV%2BvO6KV5qaDSRepyNr%2B5HhJLQIwWQfhmboBBs%2F9FvaMqze8l8441Y8Oe9PB3etH1F%2FfHbqbXFe4hfCBSLCBpqiaQ3FaKidlWrClg6VltxSjS2Q%2FD837qfkTs5PQOzvTRxOViu%2F4XvBCkjrB4F1A7jzBm%2Fi7BtoP49FD7pA938sPTW%2FCXTvr7%2Fx7v4G&RelayState=%2F_ui%2Fcore%2Ffeeds%2Fnotification%2FChatterEmailSettings%3Famp%253Bemkind%3DchatterPostNotification%26amp%253Bs1nid%3D000000000000000%26setupid%3DCollaborationEmailSettings%26amp%253Bs1oid%3D00D1H000000O9OP%26amp%253Bs1uid%3D0051H000009SAGJ%26amp%253BfromEmail%3D1%26amp%253Bs1ext%3D0%26amp%253Bemtm%3D1652881657246&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=H565iGKa%2BNYDtaT%2BAIrwtxr%2F0fKZVlZIytRJnvtkwnH9oY5OtgZnvW3eSwRts8zICNZgkILyyRvnRep63t%2Bv3rwkC3RLEkG3LuUdh8BcGvKYIhEw54P%2FymZC32%2Bw7PNQf5v%2F6fz1QjhHdAwpkxx7fFKXRIF%2BlCjkERdvvCwdhnds8klW2LWWyF%2BwBFT%2FLuSVx3HS%2F2BQsDodnn5uRvo%2Bzg2h0S0MNb0q3KiWp9dNswAlyzzabAby3NS5hILrnIRD5nbZV7TfAf9784k%2BNPH1NuNNgbLvZcHt5UiBbtDiArAqkdQejI6OtABlvsb%2BEACDqhzZIhM2TR%2Fu3IL1vjRvc4%2B7rWQ8AQqhjWsuTDyl8y114%2FEodgkUd6aj8Y9zEGi5NxHBL4qxHxY7zFeTp9XZqpKuxcYjf9RN1eYKyskknPzNBQB71KxtrLDuTT3EYk5%2BkQWj1Ci0iNyaZEURMR7KRC9ldfuOKMshWmES2I8wEfKgBf7ZDRGBNS11Ps15vsulsBwC8t1cfa49BBQ4o9USRqwwhWdNJZQWlz%2BqjV%2FJ8pjCwBIWINbQL4aJXuA3TzvZBPcIP48%2FqSkuUawRkc%2FIO0jsZaRhIMRP0DtDs8XncZoP9tI95CG%2FtvxD9nnGeGSaHxtvMZKErolbA0BfdS%2BZJfv05zl11aqfulQsfzs1Mmg%3D
Pragma: no-cache
Referrer-Policy: origin-when-cross-origin
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block

GET
H2 200 main.css
auth.tiaa.org/assets/css/ 8 KB
3 KB 4842ms
4842ms Stylesheet
text/html 104.89.26.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.tiaa.org/assets/css/main.css
Requested by: Host: auth.tiaa.org
URL: https://auth.tiaa.org/idp/SSO.saml2?SAMLRequest=hZJdc6owEIb%2FCpN7kQ9ByRQd%2FKqtKCgi1hsnYhROIcEk0OqvP1SPMz3nomdn9iKzm33f2X2eep95JlWY8ZQSG6iyAiRMYnpIyckG4Wrc6IBe94mjPCugU4qELPG5xFxI9T%2FC4a1gg5IRSBFPOSQoxxyKGAbOzIWarMCCUUFjmgHJ4RwzUQsNKOFljlmAWZXGOFy6NkiEKDhsNklZYUzk%2FCJzlGF%2BpCzGckzzHqe2ogzViXILz%2FJ8IA1rJylB4mb%2BMQHVNmWRIiRTdmqmh6IZBJ785VQD0svQBjtt4NTxNqb%2BtbWZDZ2Pf%2FOr3HY6TjRCWJzeL%2BbAMq5WFIVj52iqc9X1GqTMKp9fJuEomkfJYWNYyZqJxPOzadvdbdzR%2BPI%2B28ZnY1y210YxjY00W%2FSH7ITbi3C57W%2FTpTFQeaW9BJvlIRpMaOeZtT89n%2Bl%2BsjfbnWtlxl5QIPWNHcPjaq9jHH%2FMZsr1UiTaqbMo36fOOtAvlvmc65O%2BHy12izWv5u6oMhakRIV%2BvO6KV5qaDSRepyNr%2B5HhJLQIwWQfhmboBBs%2F9FvaMqze8l8441Y8Oe9PB3etH1F%2FfHbqbXFe4hfCBSLCBpqiaQ3FaKidlWrClg6VltxSjS2Q%2FD837qfkTs5PQOzvTRxOViu%2F4XvBCkjrB4F1A7jzBm%2Fi7BtoP49FD7pA938sPTW%2FCXTvr7%2Fx7v4G&RelayState=%2F_ui%2Fcore%2Ffeeds%2Fnotification%2FChatterEmailSettings%3Famp%253Bemkind%3DchatterPostNotification%26amp%253Bs1nid%3D000000000000000%26setupid%3DCollaborationEmailSettings%26amp%253Bs1oid%3D00D1H000000O9OP%26amp%253Bs1uid%3D0051H000009SAGJ%26amp%253BfromEmail%3D1%26amp%253Bs1ext%3D0%26amp%253Bemtm%3D1652881657246&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=H565iGKa%2BNYDtaT%2BAIrwtxr%2F0fKZVlZIytRJnvtkwnH9oY5OtgZnvW3eSwRts8zICNZgkILyyRvnRep63t%2Bv3rwkC3RLEkG3LuUdh8BcGvKYIhEw54P%2FymZC32%2Bw7PNQf5v%2F6fz1QjhHdAwpkxx7fFKXRIF%2BlCjkERdvvCwdhnds8klW2LWWyF%2BwBFT%2FLuSVx3HS%2F2BQsDodnn5uRvo%2Bzg2h0S0MNb0q3KiWp9dNswAlyzzabAby3NS5hILrnIRD5nbZV7TfAf9784k%2BNPH1NuNNgbLvZcHt5UiBbtDiArAqkdQejI6OtABlvsb%2BEACDqhzZIhM2TR%2Fu3IL1vjRvc4%2B7rWQ8AQqhjWsuTDyl8y114%2FEodgkUd6aj8Y9zEGi5NxHBL4qxHxY7zFeTp9XZqpKuxcYjf9RN1eYKyskknPzNBQB71KxtrLDuTT3EYk5%2BkQWj1Ci0iNyaZEURMR7KRC9ldfuOKMshWmES2I8wEfKgBf7ZDRGBNS11Ps15vsulsBwC8t1cfa49BBQ4o9USRqwwhWdNJZQWlz%2BqjV%2FJ8pjCwBIWINbQL4aJXuA3TzvZBPcIP48%2FqSkuUawRkc%2FIO0jsZaRhIMRP0DtDs8XncZoP9tI95CG%2FtvxD9nnGeGSaHxtvMZKErolbA0BfdS%2BZJfv05zl11aqfulQsfzs1Mmg%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.26.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-26-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1b87b941eb970a488a2d4fe99b644e63cf5f2d1afaeb5f67b63c53b982d78d9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.tiaa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 May 2022 16:43:10 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "2b65ad4e8f490a66b69af8b5002dada6:1613140551.930072"
vary: Accept-Encoding
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 2463
x-akamai-transformed: 9 8085 0 pmb=mTOE,1
expires: Wed, 18 May 2022 16:43:10 GMT

GET
H2 200 2OW4 Show response
auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/ 84 KB
21 KB 21ms
21ms Script
application/javascript 104.89.26.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/2OW4
Requested by: Host: auth.tiaa.org
URL: https://auth.tiaa.org/idp/SSO.saml2?SAMLRequest=hZJdc6owEIb%2FCpN7kQ9ByRQd%2FKqtKCgi1hsnYhROIcEk0OqvP1SPMz3nomdn9iKzm33f2X2eep95JlWY8ZQSG6iyAiRMYnpIyckG4Wrc6IBe94mjPCugU4qELPG5xFxI9T%2FC4a1gg5IRSBFPOSQoxxyKGAbOzIWarMCCUUFjmgHJ4RwzUQsNKOFljlmAWZXGOFy6NkiEKDhsNklZYUzk%2FCJzlGF%2BpCzGckzzHqe2ogzViXILz%2FJ8IA1rJylB4mb%2BMQHVNmWRIiRTdmqmh6IZBJ785VQD0svQBjtt4NTxNqb%2BtbWZDZ2Pf%2FOr3HY6TjRCWJzeL%2BbAMq5WFIVj52iqc9X1GqTMKp9fJuEomkfJYWNYyZqJxPOzadvdbdzR%2BPI%2B28ZnY1y210YxjY00W%2FSH7ITbi3C57W%2FTpTFQeaW9BJvlIRpMaOeZtT89n%2Bl%2BsjfbnWtlxl5QIPWNHcPjaq9jHH%2FMZsr1UiTaqbMo36fOOtAvlvmc65O%2BHy12izWv5u6oMhakRIV%2BvO6KV5qaDSRepyNr%2B5HhJLQIwWQfhmboBBs%2F9FvaMqze8l8441Y8Oe9PB3etH1F%2FfHbqbXFe4hfCBSLCBpqiaQ3FaKidlWrClg6VltxSjS2Q%2FD837qfkTs5PQOzvTRxOViu%2F4XvBCkjrB4F1A7jzBm%2Fi7BtoP49FD7pA938sPTW%2FCXTvr7%2Fx7v4G&RelayState=%2F_ui%2Fcore%2Ffeeds%2Fnotification%2FChatterEmailSettings%3Famp%253Bemkind%3DchatterPostNotification%26amp%253Bs1nid%3D000000000000000%26setupid%3DCollaborationEmailSettings%26amp%253Bs1oid%3D00D1H000000O9OP%26amp%253Bs1uid%3D0051H000009SAGJ%26amp%253BfromEmail%3D1%26amp%253Bs1ext%3D0%26amp%253Bemtm%3D1652881657246&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=H565iGKa%2BNYDtaT%2BAIrwtxr%2F0fKZVlZIytRJnvtkwnH9oY5OtgZnvW3eSwRts8zICNZgkILyyRvnRep63t%2Bv3rwkC3RLEkG3LuUdh8BcGvKYIhEw54P%2FymZC32%2Bw7PNQf5v%2F6fz1QjhHdAwpkxx7fFKXRIF%2BlCjkERdvvCwdhnds8klW2LWWyF%2BwBFT%2FLuSVx3HS%2F2BQsDodnn5uRvo%2Bzg2h0S0MNb0q3KiWp9dNswAlyzzabAby3NS5hILrnIRD5nbZV7TfAf9784k%2BNPH1NuNNgbLvZcHt5UiBbtDiArAqkdQejI6OtABlvsb%2BEACDqhzZIhM2TR%2Fu3IL1vjRvc4%2B7rWQ8AQqhjWsuTDyl8y114%2FEodgkUd6aj8Y9zEGi5NxHBL4qxHxY7zFeTp9XZqpKuxcYjf9RN1eYKyskknPzNBQB71KxtrLDuTT3EYk5%2BkQWj1Ci0iNyaZEURMR7KRC9ldfuOKMshWmES2I8wEfKgBf7ZDRGBNS11Ps15vsulsBwC8t1cfa49BBQ4o9USRqwwhWdNJZQWlz%2BqjV%2FJ8pjCwBIWINbQL4aJXuA3TzvZBPcIP48%2FqSkuUawRkc%2FIO0jsZaRhIMRP0DtDs8XncZoP9tI95CG%2FtvxD9nnGeGSaHxtvMZKErolbA0BfdS%2BZJfv05zl11aqfulQsfzs1Mmg%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.26.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-26-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://auth.tiaa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 16:43:05 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 19:29:24 GMT
etag: "a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 20456
expires: Wed, 08 Jun 2022 09:24:05 GMT

POST
H2 201 2OW4 Show response
auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/ 18 B
679 B 761ms
761ms XHR
application/json 104.89.26.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/2OW4
Requested by: Host: auth.tiaa.org
URL: https://auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/2OW4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.26.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-26-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://auth.tiaa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 18 May 2022 16:43:10 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://auth.tiaa.org
access-control-allow-credentials: true
x_req_id: e45ede30-7122-4172-add6-767226933821
access-control-allow-headers: Content-Type
content-length: 18

POST
H2 201 2OW4 Show response
auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/ 18 B
679 B 180ms
180ms XHR
application/json 104.89.26.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/2OW4
Requested by: Host: auth.tiaa.org
URL: https://auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/2OW4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.26.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-26-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://auth.tiaa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 18 May 2022 16:43:10 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://auth.tiaa.org
access-control-allow-credentials: true
x_req_id: e3778ea2-5a76-420d-9cd8-16df645cbf3c
access-control-allow-headers: Content-Type
content-length: 18

POST
H2 201 2OW4 Show response
auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/ 18 B
661 B 190ms
189ms XHR
application/json 104.89.26.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/2OW4
Requested by: Host: auth.tiaa.org
URL: https://auth.tiaa.org/mIrZBF7duQ/f0yoXU/YXFS/w5SOXD3L5Gih/Ay9OAQ/VwQzfnZ/2OW4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.26.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-26-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Request headers

Referer: https://auth.tiaa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 18 May 2022 16:43:11 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://auth.tiaa.org
access-control-allow-credentials: true
x_req_id: 496fba1b-b65b-45ac-a9d4-3b5fa4f56f63
access-control-allow-headers: Content-Type
content-length: 18

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nuveen.my.salesforce.com/	1970-01-20 11:53:48	Name: CookieConsentPolicy Value: 0:1
nuveen.my.salesforce.com/	1970-01-20 11:53:48	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.salesforce.com/	1970-01-20 11:53:48	Name: BrowserId Value: llf1P9bJEeyusQ0umIDLmQ
.salesforce.com/	1970-01-20 11:53:48	Name: BrowserId_sec Value: llf1P9bJEeyusQ0umIDLmQ
auth.tiaa.org/	1969-12-31 23:59:59	Name: PF Value: Jm5JI78xnljMj7jJqnhHLL
auth.tiaa.org/	1969-12-31 23:59:59	Name: BIGipServerpool_publictools-ha-federation_9030_prod-b Value: 1344310538.17955.0000
auth.tiaa.org/	1969-12-31 23:59:59	Name: BIGipServerpool_origin-auth-ha_7700_prod-b Value: 218402058.5150.0000
auth.tiaa.org/	1970-01-20 03:08:13	Name: tiaa_dc Value: nch1
auth.tiaa.org/	1969-12-31 23:59:59	Name: TS010984ce Value: 01305a3a9c581d8a480264bcf2516a8db84a97194bcbedf46015035edac3f1c83de7deb2da4f1cdf01d1173a1ac0994531c39ee85f18667e99fcbdf14b72cf8a8dd9eb624c6d3c3b38f81afa4d53a43fe9e8c39c75a73c17653ef72534cb3d00ffff779ac01a04290a861d302cd85578f6ceb7d7e5
auth.tiaa.org/	1969-12-31 23:59:59	Name: TS6938356b027 Value: 083ff657f1ab20009a4a59121c0ed939712213115dc70f4053d079dc5c9d3e41f630ab9eb897303208584c1c12113000aa2d562c305e5031efe4d5ad1904119659ea15f52e96efc5fb5e759387ac5b38cae793b8c97114e1b168407094659847
.tiaa.org/	1970-01-20 03:08:19	Name: ak_bmsc Value: 767B930EB29748BE8A6905428E275377~000000000000000000000000000000~YAAQbeF7XIDqftCAAQAAmjIN2A9iRLP1/esKVisFm123vYFOK+ZvpuIiii8B/zFyg9qzDujfwAYeV+s3agA3b1Amh7i1rV+eEiI9/Z4OQKgy5LclXuoPWoDYGAxmBOkdQvjY+5mqD4qsJFQ0lkZ18rSxrZV+lg3tPTpjTtIcuHUUr3FSMVwMN3bVZf5cAghRUsZvxlc6WBLleEtfZF/rL721gUUuIGE4FVpErdIA/fS5PvpHSp+gvnEUS+7IWXXCM3CpRrpEVso54a5YiQyoXdDMz5ZcnCGOWUZujxn3UN6DUvksVOAuvFsyDXy7cnzaQrTeUAriZckW23jxA7R+7uTJWeTiuC6rYHdOIJJlEzn5TgyP1U/8ticK26SpiNwifW0dpNg=
.tiaa.org/	1970-01-20 03:08:26	Name: bm_sz Value: 676B8DE7ABEC58A8E2EFBA3DDEFC506B~YAAQbeF7XIHqftCAAQAAmjIN2A9vscDyq3y+mMFlNaUtS3VxrRuzzLDi9UerW9mylTMa8BVelYy6jyDqMFMGHLQrzquc1CBcZFXWRZcplzH4qlHnJuf7R6gnTGH/bkPb752nXAwNCy0yBrdLe65vqKr+QM3Y5VkyA7tgnaKA0T35kFommk4vWichp7Q0p1IpIIziRVk3AkcuxqbrV28sJZfJAnHOlnpWnqjzWgSulyvpP5CSuDgyhZnJ0qBLpT6OlMxz301wgWeEeEd3heUJ675maGkuLJIgvBKmUsKCg29y~3356482~4534580
.tiaa.org/	1970-01-20 03:08:19	Name: bm_sv Value: C9E7CB12D01C872B964FC59AE5CCC254~YAAQbeF7XI/qftCAAQAAkEUN2A8tyFLcCvDJOWBMoqsTg1MX2axcIpmfwiM/iouf1a+D3+cYio95Srxs0aIesEn3cKNsk62inXHJr6dQa0GFW3FBWt+qXnhgyWf9e8Oibp5B6vOBwyyH93IJDWzoVBzzRPtx1gpENVd5DM+gWUvm249XXGJinzmPRIaD6jh8EjrT1GfQ9vMBRKJO71TRYOtrFDY6p47VyHztoPBupV0f+1prqZvvFoaDjLuexw==~1
.tiaa.org/	1970-01-20 11:53:48	Name: _abck Value: B7B431D04BF3084828E0F31B9B9B9617~-1~YAAQbeF7XJPqftCAAQAAu0kN2Ae+p0pF4sq0af5pu9YBf8w6D7lHSc7MGrK5tXZ+Hqi5hTamlEbyKWTPQexFs3Zgf5M1qO373Qcv1SLTCHA0FBoa4kyFe2erGjQMt5IdBwscVAQ53AiESGKpmdhF/QflSWr3bsfhw/siIHsn6lLRW8nm+jGxVcS3HuR04s3Mv9qqD0ToXfNN3jNsNS3KGfWLTKXxASDGj7dHWmaSt33HvHDDH5yu5pl6qDSdmtRMzd/C+9AsdA0Hmtsuu0VUi+PXl4DdaTCw0g7iL9MBUd3M0QtH7p+sfcGnJWC/g3lY6FbiQLWMjT6+24m9rA7wybZIIc+9BtTyIEAg9iKvmX3rvqPKXpCvGDO6Unly6NPnmXgD4FDMsD8=~-1~\|\|-1\|\|~1652895764

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.tiaa.org
nuveen.my.salesforce.com
104.89.26.18
13.109.184.181
1b87b941eb970a488a2d4fe99b644e63cf5f2d1afaeb5f67b63c53b982d78d9e
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2
fdf828be6d95d2a69bebfaff7f7eaac783d84722328c47ba623f617e78824699

auth.tiaa.org Open in urlscan Pro 104.89.26.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

31 kBTransfer

98 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

14 Cookies

Security Headers

Indicators

auth.tiaa.org Open in urlscan Pro
104.89.26.18 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

31 kB
Transfer

98 kB
Size

14
Cookies

7 HTTP transactions
0 data transactions