sso-c4ef42a7.sso.duosecurity.com

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 6 HTTP transactions. The main IP is 75.2.30.150, located in United States and belongs to AMAZON-02, US. The main domain is sso-c4ef42a7.sso.duosecurity.com.
TLS certificate: Issued by Amazon on June 24th 2021. Valid for: a year.

This is the only time sso-c4ef42a7.sso.duosecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 3	71.80.32.91 71.80.32.91	20115 (CHARTER-2...) (CHARTER-20115)
1 7	75.2.30.150 75.2.30.150	16509 (AMAZON-02) (AMAZON-02)
6	1

3 71.80.32.91 (Blountville, United States) 3 redirects

ASN20115 (CHARTER-20115, US)
PTR: 071-080-032-091.biz.spectrum.com

rdc.bankoftennessee.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
duo.bankoftennessee.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 75.2.30.150 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: afb043b6cb0f8a076.awsglobalaccelerator.com

sso-c4ef42a7.sso.duosecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	duosecurity.com 1 redirects sso-c4ef42a7.sso.duosecurity.com	282 KB
3	bankoftennessee.net 3 redirects rdc.bankoftennessee.net duo.bankoftennessee.net	3 KB
6	2

	Domain	Requested by
7	sso-c4ef42a7.sso.duosecurity.com	1 redirects sso-c4ef42a7.sso.duosecurity.com
2	duo.bankoftennessee.net	2 redirects
1	rdc.bankoftennessee.net	1 redirects
6	3

This site contains no links.

Subject Issuer	Validity	Valid
*.login.duosecurity.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4
Frame ID: 7401A505025A87B1A23AA165D2A35ADC
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login

Page URL History Show full URLs

https://rdc.bankoftennessee.net/ HTTP 302
https://duo.bankoftennessee.net/check?final_redirect=eyJ1cmwiOiAiaHR0cHM6Ly9yZGMuYmFua29mdGVubmVzc2VlLm5ldC8... HTTP 302
https://duo.bankoftennessee.net/login?final_redirect=eyJ1cmwiOiAiaHR0cHM6Ly9yZGMuYmFua29mdGVubmVzc2VlLm5ldC8... HTTP 302
https://sso-c4ef42a7.sso.duosecurity.com/saml2/sp/DITCVKKFJTKA1EP7EW6T/sso?SAMLRequest=hVPLbtswELznKwTd9aBM%2BUHYBlw7... HTTP 302
https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4 Page URL

Detected technologies

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

281 kB
Transfer

931 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rdc.bankoftennessee.net/ HTTP 302
https://duo.bankoftennessee.net/check?final_redirect=eyJ1cmwiOiAiaHR0cHM6Ly9yZGMuYmFua29mdGVubmVzc2VlLm5ldC8iLCAic3ZjIjogInJkYy5iYW5rb2Z0ZW5uZXNzZWUubmV0In0%3D%7C84.19.175.184%7C1644848657%7C0381696e35e2c0a73b26210617c241ee071a7c7e HTTP 302
https://duo.bankoftennessee.net/login?final_redirect=eyJ1cmwiOiAiaHR0cHM6Ly9yZGMuYmFua29mdGVubmVzc2VlLm5ldC8iLCAic3ZjIjogInJkYy5iYW5rb2Z0ZW5uZXNzZWUubmV0In0%3D%7C84.19.175.184%7C1644848657%7C0381696e35e2c0a73b26210617c241ee071a7c7e HTTP 302
https://sso-c4ef42a7.sso.duosecurity.com/saml2/sp/DITCVKKFJTKA1EP7EW6T/sso?SAMLRequest=hVPLbtswELznKwTd9aBM%2BUHYBlw7QV2njWArKdBLQZOrhqhEqiSVOH9fUnFqB2hdXQQtZ2Znh6upoU3dkkVnH%2BUWfnVg7FUQHJpaGtIfzcJOS6KoEYZI2oAhlpHd4vMtyeKUtFpZxVQdviNd5lBjQFuhpCetV7NwdX%2F3HSY4x8BwWuUYZUO2R9kgz9BgnHLEMOcYD%2FI9Z5PhCAOlNB2wCZ4MMcorlDNOx17rAbRxsrPQdem1jelgLY2l0rpimmVRmkUIlwiTDBM0%2FuZRKzeykNT2zEdrW0OSxBgVMQwVzugodh8x75QB1mlhX2KmmsSPmSWmTVbrcvmw2dx8KjcLdF2Mrr8OS0%2F30sUxnQ9CciF%2FXI5l%2Fwoy5GNZFlFxtyu9xOItrKWSpmtA70A%2FCQb329uTW2cu3lP5U1UWpARHgViCTSgzSTh3KkEw9YZJn4ie%2F4%2FXgKWcWppMk3PaSaglX5z%2F9apQtWAvfd0%2FN0o31P57TBSjviJ4VPVQ0knTAhOVAB7%2BkVnUtXpeaqAWZqHVHYRB8q75cVGB92vrkrFwsMFSNS3Vwvh7hANl9jj6afxz%2BLJ2e7iFan5xVRlhHufKhXs9K839nQJzvUtNnXml7TGkv4q%2Fuk4u2J5fvR2f%2F4Pz3w%3D%3D&RelayState=7La860Y6GyUiKcY31IH0FZeoy3zBFwo26BOGsE3i HTTP 302
https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request email_first Show response
sso-c4ef42a7.sso.duosecurity.com/
Redirect Chain

https://rdc.bankoftennessee.net/
https://duo.bankoftennessee.net/check?final_redirect=eyJ1cmwiOiAiaHR0cHM6Ly9yZGMuYmFua29mdGVubmVzc2VlLm5ldC8iLCAic3ZjIjogInJkYy5iYW5rb2Z0ZW5uZXNzZWUubmV0In0%3D%7C84.19.175.184%7C1644848657%7C038169...
https://duo.bankoftennessee.net/login?final_redirect=eyJ1cmwiOiAiaHR0cHM6Ly9yZGMuYmFua29mdGVubmVzc2VlLm5ldC8iLCAic3ZjIjogInJkYy5iYW5rb2Z0ZW5uZXNzZWUubmV0In0%3D%7C84.19.175.184%7C1644848657%7C038169...
https://sso-c4ef42a7.sso.duosecurity.com/saml2/sp/DITCVKKFJTKA1EP7EW6T/sso?SAMLRequest=hVPLbtswELznKwTd9aBM%2BUHYBlw7QV2njWArKdBLQZOrhqhEqiSVOH9fUnFqB2hdXQQtZ2Znh6upoU3dkkVnH%2BUWfnVg7FUQHJpaGtIfzc...
https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4

2 KB
2 KB

190ms
190ms

Document
text/html

75.2.30.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afb043b6cb0f8a076.awsglobalaccelerator.com

Software

Duo/1.0 /

Resource Hash

41f983ead41d80fe721d842c83211e5cc6ff0fb321cda9c934c915a447a5004f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' com-duosecurity-devicehealth://*; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com https://127.0.0.1:53100 https://127.0.0.1:53101 https://127.0.0.1:53102 https://127.0.0.1:53103 https://127.0.0.1:53104 https://127.0.0.1:53105 http://127.0.0.1:53106 http://127.0.0.1:53107 http://127.0.0.1:53108 http://127.0.0.1:53109 http://127.0.0.1:53110 http://127.0.0.1:53111 https://localhost:53100 https://localhost:53101 https://localhost:53102 https://localhost:53103 https://localhost:53104 https://localhost:53105
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 14 Feb 2022 14:24:54 GMT
content-type: text/html; charset=UTF-8
server: Duo/1.0
x-duo-endpoint-health-appserver-url: https://127.0.0.1:53100 https://127.0.0.1:53101 https://127.0.0.1:53102 https://127.0.0.1:53103 https://127.0.0.1:53104 https://127.0.0.1:53105 http://127.0.0.1:53106 http://127.0.0.1:53107 http://127.0.0.1:53108 http://127.0.0.1:53109 http://127.0.0.1:53110 http://127.0.0.1:53111 https://localhost:53100 https://localhost:53101 https://localhost:53102 https://localhost:53103 https://localhost:53104 https://localhost:53105
x-duo-endpoint-health-uri: com-duosecurity-devicehealth://*
etag: W/"32a544686f4bf1acea203bafedfd3eb1695f8ffe"
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
content-security-policy: default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' com-duosecurity-devicehealth://*; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com https://127.0.0.1:53100 https://127.0.0.1:53101 https://127.0.0.1:53102 https://127.0.0.1:53103 https://127.0.0.1:53104 https://127.0.0.1:53105 http://127.0.0.1:53106 http://127.0.0.1:53107 http://127.0.0.1:53108 http://127.0.0.1:53109 http://127.0.0.1:53110 http://127.0.0.1:53111 https://localhost:53100 https://localhost:53101 https://localhost:53102 https://localhost:53103 https://localhost:53104 https://localhost:53105
content-encoding: gzip

Redirect headers

date: Mon, 14 Feb 2022 14:24:54 GMT
content-type: text/html; charset=UTF-8
content-length: 0
server: Duo/1.0
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: 0
pragma: no-cache
location: /email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
content-security-policy: default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com

GET
H2 200 email-first.css
sso-c4ef42a7.sso.duosecurity.com/static/css/page/ 72 KB
14 KB 156ms
156ms Stylesheet
text/css 75.2.30.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-c4ef42a7.sso.duosecurity.com/static/css/page/email-first.css?v=11da5

Requested by

Host: sso-c4ef42a7.sso.duosecurity.com
URL: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afb043b6cb0f8a076.awsglobalaccelerator.com

Software

Duo/1.0 /

Resource Hash

11da5a3b113afed9b12e0faf1756fc495d36892facc9dfda4bd6ad69818edbdc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 14:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Feb 2022 18:58:38 GMT
server: Duo/1.0
etag: W/"62040ede-12187"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=315360000
content-security-policy: default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-legacy.min.js Show response
sso-c4ef42a7.sso.duosecurity.com/static/shared/lib/jquery/ 144 KB
50 KB 157ms
156ms Script
application/javascript 75.2.30.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-c4ef42a7.sso.duosecurity.com/static/shared/lib/jquery/jquery-legacy.min.js?v=72e7b

Requested by

Host: sso-c4ef42a7.sso.duosecurity.com
URL: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afb043b6cb0f8a076.awsglobalaccelerator.com

Software

Duo/1.0 /

Resource Hash

72e7b44ab6aaa3d7b3b572d710622f62afd4f13cc15e54fed26e0eb5c9418511

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 14:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Feb 2022 18:58:38 GMT
server: Duo/1.0
etag: W/"62040ede-23fd1"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
content-security-policy: default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lodash.min.js Show response
sso-c4ef42a7.sso.duosecurity.com/static/shared/lib/lodash/ 26 KB
11 KB 297ms
297ms Script
application/javascript 75.2.30.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-c4ef42a7.sso.duosecurity.com/static/shared/lib/lodash/lodash.min.js?v=14516

Requested by

Host: sso-c4ef42a7.sso.duosecurity.com
URL: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afb043b6cb0f8a076.awsglobalaccelerator.com

Software

Duo/1.0 /

Resource Hash

14516091eb8d2c89f743086fc7e770b3de538eac779b0cd69a612483547208c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 14:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Feb 2022 18:58:38 GMT
server: Duo/1.0
etag: W/"62040ede-68f6"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
content-security-policy: default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 email-first.js Show response
sso-c4ef42a7.sso.duosecurity.com/static/js/page/ 682 KB
198 KB 170ms
170ms Script
application/javascript 75.2.30.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sso-c4ef42a7.sso.duosecurity.com/static/js/page/email-first.js?v=758ba

Requested by

Host: sso-c4ef42a7.sso.duosecurity.com
URL: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afb043b6cb0f8a076.awsglobalaccelerator.com

Software

Duo/1.0 /

Resource Hash

758bae1da5147b2f69e0032f787ae186644b27a8af5c2a45afaedff8bfa1c2c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 14:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Feb 2022 18:58:38 GMT
server: Duo/1.0
etag: W/"62040ede-aa895"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=315360000
content-security-policy: default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo
sso-c4ef42a7.sso.duosecurity.com/ 5 KB
5 KB 162ms
162ms Image
image/png 75.2.30.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso-c4ef42a7.sso.duosecurity.com/logo

Requested by

Host: sso-c4ef42a7.sso.duosecurity.com
URL: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

75.2.30.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afb043b6cb0f8a076.awsglobalaccelerator.com

Software

Duo/1.0 /

Resource Hash

5365b3ff10d5deced90e0efac63b7631455a389366dec42ffefe785f2eefe0d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sso-c4ef42a7.sso.duosecurity.com/email_first?authkey=ASXWBUMAFXXVPF1GDV74&aid=50cfb039cccd4c39ad37def01f22b8f4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 14:24:55 GMT
x-content-type-options: nosniff
server: Duo/1.0
etag: "96260802ab241a092f81a1b8f9291a3dac09ee38"
x-frame-options: DENY
content-type: image/png
content-security-policy: default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' ; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 4973
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso-c4ef42a7.sso.duosecurity.com/	1969-12-31 23:59:59	Name: sid Value: "MzhkYzRkMDA2ZWViNDBiM2I1OGYxYzkxOGZkMzRiOTc=\|84.19.175.184\|1644848694\|3924af2045245b1fbf971532bc479aff83d01615"
sso-c4ef42a7.sso.duosecurity.com/	1969-12-31 23:59:59	Name: sid-init-815e5a28ddfb4838a403a371153edd2c Value: "MzhkYzRkMDA2ZWViNDBiM2I1OGYxYzkxOGZkMzRiOTc=\|84.19.175.184\|1644848694\|2f48c23d1081113bb7f33da480c033d435618343"
sso-c4ef42a7.sso.duosecurity.com/	1969-12-31 23:59:59	Name: _xsrf Value: "MGExMGViYzYwNzQ0NGE5YjhjZmVhY2RmMWVjZjdhMDg=\|84.19.175.184\|1644848694\|7d15297d4e174076e59a0bba64cc58657a6e749b"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; style-src 'self' https://uw2.pwl.login.duosecurity.com; script-src 'self' https://uw2.pwl.login.duosecurity.com; font-src 'self'; frame-src 'self' com-duosecurity-devicehealth://*; frame-ancestors 'none'; img-src 'self' https://uw2.pwl.login.duosecurity.com; connect-src 'self' https://uw2.pwl.login.duosecurity.com https://127.0.0.1:53100 https://127.0.0.1:53101 https://127.0.0.1:53102 https://127.0.0.1:53103 https://127.0.0.1:53104 https://127.0.0.1:53105 http://127.0.0.1:53106 http://127.0.0.1:53107 http://127.0.0.1:53108 http://127.0.0.1:53109 http://127.0.0.1:53110 http://127.0.0.1:53111 https://localhost:53100 https://localhost:53101 https://localhost:53102 https://localhost:53103 https://localhost:53104 https://localhost:53105
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

duo.bankoftennessee.net
rdc.bankoftennessee.net
sso-c4ef42a7.sso.duosecurity.com
71.80.32.91
75.2.30.150
11da5a3b113afed9b12e0faf1756fc495d36892facc9dfda4bd6ad69818edbdc
14516091eb8d2c89f743086fc7e770b3de538eac779b0cd69a612483547208c1
41f983ead41d80fe721d842c83211e5cc6ff0fb321cda9c934c915a447a5004f
5365b3ff10d5deced90e0efac63b7631455a389366dec42ffefe785f2eefe0d4
72e7b44ab6aaa3d7b3b572d710622f62afd4f13cc15e54fed26e0eb5c9418511
758bae1da5147b2f69e0032f787ae186644b27a8af5c2a45afaedff8bfa1c2c0

sso-c4ef42a7.sso.duosecurity.com Open in urlscan Pro 75.2.30.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

1 IPs

1 Countries

281 kBTransfer

931 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

sso-c4ef42a7.sso.duosecurity.com Open in urlscan Pro
75.2.30.150 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

1
IPs

1
Countries

281 kB
Transfer

931 kB
Size

3
Cookies

6 HTTP transactions
0 data transactions