Submitted URL: http://paypalxm.sjc1.qualtrics.com/
Effective URL: https://sso.paypalcorp.com/idp/SSO.saml2
Submission: On May 19 via api from US

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 173.224.165.37, located in United States and belongs to PAYPAL-CORP, US. The main domain is sso.paypalcorp.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 16th 2019. Valid for: 2 years.
This is the only time sso.paypalcorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 104.111.237.92 16625 (AKAMAI-AS)
4 173.224.165.37 1449 (PAYPAL-CORP)
1 151.101.114.133 54113 (FASTLY)
1 23.45.98.207 20940 (AKAMAI-ASN1)
7 4
Domain Requested by
4 sso.paypalcorp.com paypalxm.sjc1.qualtrics.com
sso.paypalcorp.com
3 paypalxm.sjc1.qualtrics.com 2 redirects
1 t.paypal.com
1 www.paypalobjects.com sso.paypalcorp.com
7 4

This site contains no links.

Subject | Issuer | Validity | Valid
*.qualtrics.com | DigiCert SHA2 Secure Server CA | 2018-10-08 - 2021-01-06 | 2 years
sso.paypalcorp.com | DigiCert SHA2 High Assurance Server CA | 2019-04-16 - 2021-05-26 | 2 years
www.paypalobjects.com | DigiCert SHA2 Extended Validation Server CA | 2019-12-09 - 2021-12-13 | 2 years
t.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2020-01-09 - 2022-01-12 | 2 years

This page contains 1 frames:

Primary Page: https://sso.paypalcorp.com/idp/SSO.saml2
Frame ID: AEC18FB206BFEA358F47CDEF9F463DEF
Requests: 7 HTTP requests in this frame


Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 43 kB
Size: 67 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paypalxm.sjc1.qualtrics.com/ HTTP 307
    https://paypalxm.sjc1.qualtrics.com/ HTTP 302
    https://paypalxm.sjc1.qualtrics.com/ControlPanel/ HTTP 302
    https://paypalxm.sjc1.qualtrics.com/login?path=%2FControlPanel%2F&product=ControlPanel Page URL
  2. https://sso.paypalcorp.com/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://paypalxm.sjc1.qualtrics.com/ HTTP 307
  • https://paypalxm.sjc1.qualtrics.com/ HTTP 302
  • https://paypalxm.sjc1.qualtrics.com/ControlPanel/ HTTP 302
  • https://paypalxm.sjc1.qualtrics.com/login?path=%2FControlPanel%2F&product=ControlPanel

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
login
paypalxm.sjc1.qualtrics.com/
Redirect Chain
  • http://paypalxm.sjc1.qualtrics.com/
  • https://paypalxm.sjc1.qualtrics.com/
  • https://paypalxm.sjc1.qualtrics.com/ControlPanel/
  • https://paypalxm.sjc1.qualtrics.com/login?path=%2FControlPanel%2F&product=ControlPanel
5 KB
4 KB
Document
General
Full URL
https://paypalxm.sjc1.qualtrics.com/login?path=%2FControlPanel%2F&product=ControlPanel
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.237.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-237-92.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
384ffc3d1f9c5ace9ad3b0721b663d032b2a7fcb8f1fc16aec3367019308c2a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Host
paypalxm.sjc1.qualtrics.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
XSRF-TOKEN=XSRF_eD5NdtlF5lk56U5; ReqCtxEph=TRUE

Response headers

X-Transaction-ID
f628b458-7359-4823-8490-cb198811398c
X-Request-ID
39e6cbd4-d221-4ffc-8e3f-33fe19df6b2d
dc
az1
Host
6
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache, no-store
Pragma
no-cache
Content-Type
text/html;charset=UTF-8
Content-Encoding
gzip
Content-Length
3841
X-EdgeConnect-MidMile-RTT
0
X-EdgeConnect-Origin-MEX-Latency
219
Date
Tue, 19 May 2020 00:22:08 GMT
Connection
keep-alive
Vary
Accept-Encoding
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Length
288
Content-Type
text/html; charset=UTF-8
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
https://paypalxm.sjc1.qualtrics.com/login?path=%2FControlPanel%2F&product=ControlPanel
P3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
Pragma
no-cache
Server
monolith-gateway Apache
X-Request-Id
cb543d2b-48be-44e6-bb00-6e4e05610cfb
X-Trace-Id
1dd19f60352fa77c1a35f5941d2fb889 (not sampled)
X-Transaction-Id
685f3487-c544-480f-848c-d5d80f9e99dc
X-EdgeConnect-MidMile-RTT
0
X-EdgeConnect-Origin-MEX-Latency
191
Date
Tue, 19 May 2020 00:22:08 GMT
Connection
keep-alive
Set-Cookie
XSRF-TOKEN=XSRF_eD5NdtlF5lk56U5; path=/; secure
ReqCtxEph=TRUE; path=/
Content-Security-Policy-Report-Only
frame-ancestors 'self' *.qualtrics.com; report-uri https://sjc1.qualtrics.com/csp-report
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
SSO.saml2 (Primary Request, Cookie set)
sso.paypalcorp.com/idp/
7 KB
8 KB
Document
General
Full URL
https://sso.paypalcorp.com/idp/SSO.saml2
Requested by
Host: paypalxm.sjc1.qualtrics.com
URL: https://paypalxm.sjc1.qualtrics.com/login?path=%2FControlPanel%2F&product=ControlPanel
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.224.165.37 , United States, ASN1449 (PAYPAL-CORP, US),
Reverse DNS
Software
/
Resource Hash
91887461bcfb71dd12e463a420dd7783331a12b30019d3875d53e6a91ec9f6e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
sso.paypalcorp.com
Connection
keep-alive
Content-Length
4125
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://paypalxm.sjc1.qualtrics.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://paypalxm.sjc1.qualtrics.com/login?path=%2FControlPanel%2F&product=ControlPanel
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Tue, 19 May 2020 00:22:09 GMT
Referrer-Policy
origin
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=wP8WPYCYcFCunE1qclL0iL0c4IBXpBMKrOZ35yoHzr8R;Path=/;Secure;HttpOnly
pfbrowserid=dFPBfGsnw6AZZUhGsM0X;Path=/;Expires=Wed, 19-May-2021 06:22:09 GMT;Max-Age=31557600
pp-ssoprod-stickyw=3036077578.47873.0000; expires=Tue, 19-May-2020 00:32:09 GMT; path=/; Httponly; Secure
Content-Length
7657
layout.css
sso.paypalcorp.com/assets/css/
1 KB
2 KB
Stylesheet
General
Full URL
https://sso.paypalcorp.com/assets/css/layout.css
Requested by
Host: sso.paypalcorp.com
URL: https://sso.paypalcorp.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.224.165.37 , United States, ASN1449 (PAYPAL-CORP, US),
Reverse DNS
Software
/
Resource Hash
40bf9eda16c493020efb401c99271261a3f9b2beb12623e0b98fb7846ec6fa39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sso.paypalcorp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 19 May 2020 00:22:10 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Sat, 09 May 2020 18:47:51 GMT
Content-Length
1250
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
ebaystyle.css
sso.paypalcorp.com/assets/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://sso.paypalcorp.com/assets/css/ebaystyle.css
Requested by
Host: sso.paypalcorp.com
URL: https://sso.paypalcorp.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.224.165.37 , United States, ASN1449 (PAYPAL-CORP, US),
Reverse DNS
Software
/
Resource Hash
8ff5837b594f7bf62706dbbfe16141d8def1ecaf16da40ded65e36534fcf4966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sso.paypalcorp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 19 May 2020 00:22:10 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Sat, 09 May 2020 18:47:51 GMT
Content-Length
3119
Strict-Transport-Security
max-age=31536000
Content-Type
text/css
paypal_logo.png
sso.paypalcorp.com/assets/images/
9 KB
9 KB
Image
General
Full URL
https://sso.paypalcorp.com/assets/images/paypal_logo.png
Requested by
Host: sso.paypalcorp.com
URL: https://sso.paypalcorp.com/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.224.165.37 , United States, ASN1449 (PAYPAL-CORP, US),
Reverse DNS
Software
/
Resource Hash
8fa1a9066e9159e38cbea27df7cefabd1db811dc594eee603d7f59f45827975f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sso.paypalcorp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 19 May 2020 00:22:10 GMT
Cache-Control
max-age=0, must-revalidate
Referrer-Policy
origin
Last-Modified
Sat, 09 May 2020 18:47:51 GMT
Content-Length
8746
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
pa.js
www.paypalobjects.com/pa/js/
42 KB
16 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/pa.js
Requested by
Host: sso.paypalcorp.com
URL: https://sso.paypalcorp.com/idp/SSO.saml2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
55dc3c960a5570387a878d4eea9609734793352ece48edc83004ec6992ea36e7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://sso.paypalcorp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 19 May 2020 00:22:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419736
x-cache
HIT, HIT, HIT
status
200
vary
Accept-Encoding
content-length
15724
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by
cache-dfw18631-DFW, cache-lax8625-LAX, cache-hhn4053-HHN
last-modified
Thu, 14 May 2020 03:43:32 GMT
server
Apache
x-timer
S1589847730.073439,VS0,VE0
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
1, 1, 71080
ts
t.paypal.com/
42 B
782 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.4.8&t=1589847730854&g=-120&pgrp=idm%3Asso&page=idm%3Asso%3Ahome&comp=sso&e=im&fromSetup=true&view=%7B%22t10%22%3A690%2C%22t11%22%3A2013%2C%22tcp%22%3A1684%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Sign%20On&ru=https%3A%2F%2Fpaypalxm.sjc1.qualtrics.com%2Flogin%3Fpath%3D%252FControlPanel%252F%26product%3DControlPanel&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=689&t1c=689&t1d=160&t1s=507&t2=607&t3=1&t4d=652&t4=659&t4e=7&tt=1962&rdc=0&res=%7B%7D&3p_vid=12ebbcbf218e6c1b&3p_fpti=53b37de77711bc18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-45-98-207.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://sso.paypalcorp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 May 2020 00:22:11 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR
slca.slc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Tue, 19 May 2020 00:22:11 GMT

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| postOk
function| postCancel
function| captureLoginIdIntoFPTI
function| postOnReturn
function| setFocus
function| showDefaultUsername
function| trimUsername
function| cleanUsername
function| setMobile
function| getScreenWidth
undefined| bodyTag
undefined| width
function| cleanPassword
object| PAYPAL
object| fpti
string| fptiserverurl
object| _ifpti

3 Cookies

Domain/Path Name / Value
sso.paypalcorp.com/ Name: pfbrowserid
Value: dFPBfGsnw6AZZUhGsM0X
sso.paypalcorp.com/ Name: pp-ssoprod-stickyw
Value: 3036077578.47873.0000
sso.paypalcorp.com/ Name: PF
Value: wP8WPYCYcFCunE1qclL0iL0c4IBXpBMKrOZ35yoHzr8R

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN