sixdegrees.login.duosecurity.com
Open in
urlscan Pro
75.2.35.186
Public Scan
Effective URL: https://sixdegrees.login.duosecurity.com/login/RIYTVOS348PY6Z6ZB5WA?authkey=ASYX4E5FHTL273D21CR8&aid=836f00b3d3cc4263932dd720a1392eef
Submission Tags: falconsandbox
Submission: On November 19 via api from US
Summary
TLS certificate: Issued by Amazon on March 26th 2020. Valid for: a year.
This is the only time sixdegrees.login.duosecurity.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 195.130.217.187 195.130.217.187 | 42427 (MIMECAST-UK) (MIMECAST-UK) | |
2 2 | 161.71.3.163 161.71.3.163 | 14340 (SALESFORCE) (SALESFORCE) | |
1 7 | 75.2.35.186 75.2.35.186 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 1 |
ASN42427 (MIMECAST-UK, GB)
PTR: eu-api.mimecast.com
protect-eu.mimecast.com |
ASN14340 (SALESFORCE, US)
PTR: dcl8-ncg0-lhr3.um5-lo2.force.com
6dg.cloudforce.com |
ASN16509 (AMAZON-02, US)
PTR: afb2990036de29829.awsglobalaccelerator.com
sso-336108a9.sso.duosecurity.com | |
sixdegrees.login.duosecurity.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
duosecurity.com
1 redirects
sso-336108a9.sso.duosecurity.com sixdegrees.login.duosecurity.com |
283 KB |
2 |
cloudforce.com
2 redirects
6dg.cloudforce.com |
3 KB |
2 |
mimecast.com
2 redirects
protect-eu.mimecast.com |
1 KB |
6 | 3 |
Domain | Requested by | |
---|---|---|
6 | sixdegrees.login.duosecurity.com |
sixdegrees.login.duosecurity.com
|
2 | 6dg.cloudforce.com | 2 redirects |
2 | protect-eu.mimecast.com | 2 redirects |
1 | sso-336108a9.sso.duosecurity.com | 1 redirects |
6 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.login.duosecurity.com Amazon |
2020-03-26 - 2021-04-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://sixdegrees.login.duosecurity.com/login/RIYTVOS348PY6Z6ZB5WA?authkey=ASYX4E5FHTL273D21CR8&aid=836f00b3d3cc4263932dd720a1392eef
Frame ID: C17F18F5645DABF6820127D47809DA94
Requests: 6 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://protect-eu.mimecast.com/s/SN3PCM8kwc2mRmrIwnLpA?domain=6dg.cloudforce.com
HTTP 307
https://protect-eu.mimecast.com/redirect/eNqVUtlu2zAQ_BWDQN9ihdQto0dU20rjJHZjy3VaBBAoipYZHVR4KHaL_nupJMh7CQI... HTTP 307
https://6dg.cloudforce.com/?c=8nfTFtdSntFu5.1vpgEATXYGeuabvFSeiIxTrRnAvJTtygTPlNROB3O.21jJ4XRgEvXHfnkel... HTTP 302
https://6dg.cloudforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXZwgAqKME8wNEowMDAwMDAwMDA2AAA... HTTP 302
https://sso-336108a9.sso.duosecurity.com/saml2/sp/DI22BPYKAB099Y9OC6KM/sso?SAMLRequest=fZJbj6JAEIX%2FCul3tBsFkQxOVBhh... HTTP 302
https://sixdegrees.login.duosecurity.com/login/RIYTVOS348PY6Z6ZB5WA?authkey=ASYX4E5FHTL273D21CR8&aid=836f00b3d3cc4263... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://protect-eu.mimecast.com/s/SN3PCM8kwc2mRmrIwnLpA?domain=6dg.cloudforce.com
HTTP 307
https://protect-eu.mimecast.com/redirect/eNqVUtlu2zAQ_BWDQN9ihdQto0dU20rjJHZjy3VaBBAoipYZHVR4KHaL_nupJMh7CQIkd2d2ubvzBwjSKTABBNc0t3Crntk451gyXPELvygtwi1dgTNQcwIm8AwISijrlGINBRPkQy8IggjZEA4-E8k-A1SyAkwcB4YuDP3IOFSjlrwwBAAhMsFYZ67IR1aALN-ybdfYGlkONPAxrP0rAf9n3V2juW9OVdl2sb27S9WUc19d6mR3nJYXcl8Qq6Xqs8nSDTnMH7WoTa6DUp2cPJw_nL-UWnNd7Lkg1FTdPJx_IZ_Cdp8mqti0KtGehfqunMfp_c9LqnHeJxvKro6pWLdxv0jVqUy_18v16quzsmz0uHDv1-W8v_-2bytaX-mQe1ZP9AwXxcziNM_x0dkdHn8_oWUY_zilkSqWfXKyXDuJy-1qtiCLI7TXruN2m9WvbQDFuprXLL28jmeM74TYxh-cmdmmKjqMsMzImGa6giiLnKwvImccZVMUxghmNrQhQsaDQoNQVDTe2Ixi7PgQuch2PG_oDTYjBq8M88RkiDo9UFJt1zfGQLRUvKGCvI7yHSgbLA_GEIQUOwHK_YAggk1Mzw_DyCv2kEAfBRDuIwc7ZBCAbAthGE84k7rruFAX0ghQvjcfDEIrGW8NqBNcUaLGVFuNUR3BUr1BpM4fDeCGlyPWjp6ZOoxOXItRS59HCWZCYlaPtKSixUatLzK85bodVPbWBPD3HxG06HY HTTP 307
https://6dg.cloudforce.com/?c=8nfTFtdSntFu5.1vpgEATXYGeuabvFSeiIxTrRnAvJTtygTPlNROB3O.21jJ4XRgEvXHfnkelIu8o5.vcuDaddD.oebbax3Whjzq1N8AVyT9tdNvFy.42FAgUODJcJx02R434pSOZU70rRkEliTGKADioWrrUA%3D%3D HTTP 302
https://6dg.cloudforce.com/saml/authn-request.jsp?saml_request_id=_2CAAAAXZwgAqKME8wNEowMDAwMDAwMDA2AAAA5Pk2j6XHX81k-X76_FjD_E6c-5-lazVCmWOv08PW1EXuT1RkH1DmMT_bpsa0bthgS5P6bdnK5-1HMXx3YwzHfO5rjDawmZa3ifghjQ2d395wV1In0iwM_QHd7mptlwJ7-vgZu8K1QJKd_eFDvKCLmbUttVW4hpEfnm7i0ak4gfLHf2TNLWI55aURkG3lhqGKNi5q_wlDswawj5INvqYYzU_xv8EgINl41D_BGu86Zfq5nbVGIwNxODXSYEQqivtPQg&saml_acs=https%3A%2F%2F6dg.cloudforce.com%3Fso%3D00D4J000000Evuk&saml_binding_type=HttpRedirect&Issuer=https%3A%2F%2F6dg.cloudforce.com&samlSsoConfig=0LE4J000000gC9N&RelayState=%2F HTTP 302
https://sso-336108a9.sso.duosecurity.com/saml2/sp/DI22BPYKAB099Y9OC6KM/sso?SAMLRequest=fZJbj6JAEIX%2FCul3tBsFkQxOVBhh8IKKir4Q5CYKDdINOPPrF3VNZh92KumHStU5ddL53t5vacJUQUHiDMsAtSBgAuxlfowjGWysD1YE74M34qZJLg1LesKr4FoGhDKNDhPpMZBBWWApc0lMJOymAZGoJ62Hs6nEtaCUFxnNvCwBzJCQoKDNoXGGSZkGxTooqtgLNqupDE6U5kRqtwU%2FanlJVvphVnhBy8vSd5LJECrdT%2FgotSovgFGaDDF26SP2S0tIxnY6AoKi2281TcsvMxJ4ZRHTr7tT%2Bx6Xa5O8regcNzL3xnAE%2B%2F19fzEWjNldDhhdkYHDjYdN2Yc6Gl6NmSrWczWrZ8rw9bj7mDcv3FmwNVtEF9buCc7HWXFUwWN5NnG%2Ft%2BN0t6igaO6QapcWWl00pKQzyznmxIVHeorWvCkcfWzwLNJm9q2zr7%2B1cMEXZ8Wt04PbicPodF5yfqfP11ukYxjXM2ep%2Bb00p0n92WOr6FCKBlp%2BGr4TfCiVMZ6mxw2l2133lKshTnsxdC%2FdKJxqIWfNpzud593N6jLpJKfrxJjH%2FNWpE4XUbn3m9Xl13e%2B%2FN86tEtVInyddpDijSSkKh%2FDK4%2BN2otfz20Kx13t1eY0rai6j5rcIKQMdE%2BpiKgMOcpBFiEV9CyGpCyUotjixewCM%2BReCUYyfaP1GzPG5RCTNskzWXKwtwGxfiDYL4Amk9Dhe%2FCDxd1v3hR8Y%2FB%2B2t%2FYP68Gz%2B5f8wR8%3D&RelayState=%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=eV53v3Y7EKWstnYsY1weBeFfxFgozghqvjnGTmpkahQY0akZz7RJUBQONfGr6IF3X0BrDwfMf4zKxQPKIdJFlBJeWI8wr0%2FHatMxnSO0I%2BedaqjzrvLuE5RUiLj3kvl02JviVapnUInx16yQPLTnF4QntpP%2BTrPYKa6dE7sFXak2z4hE8KBEe0inFOqtIjRD7Sc7yQomaMDdnRUlUYyxF9bJU5CXFwYyMf0OFCa4dmgzwKkJvxiOVst5XLoSX%2BA1FjRrAUfTBt8ODg66jhlQ%2BMSaLK1GQ7dRsk7yhmFsld4GBTiP5g8fYer41WoMevlPTXnD48IGPYdcGpYDj%2BdVPw%3D%3D HTTP 302
https://sixdegrees.login.duosecurity.com/login/RIYTVOS348PY6Z6ZB5WA?authkey=ASYX4E5FHTL273D21CR8&aid=836f00b3d3cc4263932dd720a1392eef Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
RIYTVOS348PY6Z6ZB5WA
sixdegrees.login.duosecurity.com/login/ Redirect Chain
|
975 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.css
sixdegrees.login.duosecurity.com/static/css/ |
284 KB 48 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-legacy.min.js
sixdegrees.login.duosecurity.com/static/shared/lib/jquery/ |
144 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lodash.min.js
sixdegrees.login.duosecurity.com/static/shared/lib/lodash/ |
26 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
sixdegrees.login.duosecurity.com/static/js/page/ |
540 KB 156 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo
sixdegrees.login.duosecurity.com/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| _3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sixdegrees.login.duosecurity.com/ | Name: _xsrf Value: "NzBlZjNmMjg5NjBiNDI5ODk4MTlhMmE4YjU5N2ZjMjk=|82.102.20.235|1605786008|a6c70e2de47bcc67953acd353b0433288ecee206" |
|
sixdegrees.login.duosecurity.com/ | Name: sid Value: "MTMyMDVmNjM0ZTU2NDlmNzgzNzk1YzlmNTZjYzBiYjE=|82.102.20.235|1605786008|aef1846121604a267d5f238ec27020ffe2939129" |
|
sixdegrees.login.duosecurity.com/ | Name: sid-init-f3ead2412c874965bc169bd3169b255b Value: "MTMyMDVmNjM0ZTU2NDlmNzgzNzk1YzlmNTZjYzBiYjE=|82.102.20.235|1605786008|80f02ef6feb8d919358919bb78afb05842c3999e" |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'none'; style-src 'self'; script-src 'self'; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' ; connect-src 'self' |
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
6dg.cloudforce.com
protect-eu.mimecast.com
sixdegrees.login.duosecurity.com
sso-336108a9.sso.duosecurity.com
161.71.3.163
195.130.217.187
75.2.35.186
080eb21ed866492d4d8e7cd2dab77c97df522d3638d581a8a1cad79bdffa78b6
14516091eb8d2c89f743086fc7e770b3de538eac779b0cd69a612483547208c1
1d09ebcd781a07dfd29eba9b2d47cef13f954ba28385c312c473f10eb375da72
708ebd3345e282842cd77a0e7db9aa04b555a4f019f886b9db6e5d1991654fb4
72e7b44ab6aaa3d7b3b572d710622f62afd4f13cc15e54fed26e0eb5c9418511
87e43bdd34c591ff3ab33fe7717d956734fc496b0f2f26cf840bd87e36cc1a4e