urlscan.io logo urlscan.io
SecurityTrails logo

prdsso40.coupahost.com Open in urlscan Pro
23.21.113.86  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://csaa.coupahost.com/receipts/receive_requisition/21361
Effective URL: https://prdsso40.coupahost.com/sp/ACS.saml2
Submission: On August 06 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 23.21.113.86, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is prdsso40.coupahost.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 2nd 2016. Valid for: 3 years.
This is the only time prdsso40.coupahost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 54.236.3.5 14618 (AMAZON-AES)
2 23.21.113.86 14618 (AMAZON-AES)
1 209.134.194.105 31966 (CSAA-INSU...)
3 2
Apex Domain
Subdomains		 Transfer
4 coupahost.com
csaa.coupahost.com
prdsso40.coupahost.com
5 KB
1 aaa.com
csaa-insurance.aaa.com
4 KB
3 2
Domain Requested by
2 prdsso40.coupahost.com csaa-insurance.aaa.com
2 csaa.coupahost.com 2 redirects
1 csaa-insurance.aaa.com prdsso40.coupahost.com
3 3

This site contains no links.

Subject Issuer Validity Valid
*.coupahost.com
Go Daddy Secure Certificate Authority - G2		 2016-05-02 -
2019-05-02		 3 years crt.sh
csaa-insurance.aaa.com
DigiCert SHA2 Secure Server CA		 2018-02-26 -
2019-02-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://prdsso40.coupahost.com/sp/ACS.saml2
Frame ID: EA4CB1A458ABE42A2B4BBA6CBB1110EA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://csaa.coupahost.com/receipts/receive_requisition/21361 HTTP 302
    https://csaa.coupahost.com/sessions/new HTTP 302
    https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.c... Page URL
  2. https://csaa-insurance.aaa.com/sso/idp/SSO.saml2 Page URL
  3. https://prdsso40.coupahost.com/sp/ACS.saml2 Page URL

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

8 kB
Transfer

6 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://csaa.coupahost.com/receipts/receive_requisition/21361 HTTP 302
    https://csaa.coupahost.com/sessions/new HTTP 302
    https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.com/sessions/saml_post Page URL
  2. https://csaa-insurance.aaa.com/sso/idp/SSO.saml2 Page URL
  3. https://prdsso40.coupahost.com/sp/ACS.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://csaa.coupahost.com/receipts/receive_requisition/21361 HTTP 302
  • https://csaa.coupahost.com/sessions/new HTTP 302
  • https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.com/sessions/saml_post

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set startSSO.ping
prdsso40.coupahost.com/sp/
Redirect Chain
  • https://csaa.coupahost.com/receipts/receive_requisition/21361
  • https://csaa.coupahost.com/sessions/new
  • https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.com/sessions/saml_post
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.com/sessions/saml_post
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.113.86 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-113-86.compute-1.amazonaws.com
Software
/
Resource Hash
75ae77da73d61dcfa3bcb51e14cd1e00fbe9fb0b836b70528196969989b1aa01

Request headers

Host
prdsso40.coupahost.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
EA4CB1A458ABE42A2B4BBA6CBB1110EA

Response headers

Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
max-age
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Set-Cookie
PF=fWN13MpQt8jJ6FAnIz2lbJ;Path=/
transfer-encoding
chunked
Connection
keep-alive

Redirect headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Status
302 Found
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Location
https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.com/sessions/saml_post
Set-Cookie
_mkra_ctxt=3f2bf00933aa2e2a8530396170606343--302; path=/; max-age=5; HttpOnly _coupa_session=3f7edad84b629af9ff60edb00b811b94; path=/; expires=Tue, 07 Aug 2018 06:26:52 -0000; secure; HttpOnly
Cache-Control
no-cache
X-Request-Id
af08dd89-9c77-48c8-923d-5e15e973d332
X-Runtime
0.067894
Date
Mon, 06 Aug 2018 06:26:52 GMT
Strict-Transport-Security
max-age=16070400
Front-End-Https
on
Cookie set SSO.saml2
csaa-insurance.aaa.com/sso/idp/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csaa-insurance.aaa.com/sso/idp/SSO.saml2
Requested by
Host: prdsso40.coupahost.com
URL: https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.com/sessions/saml_post
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
209.134.194.105 Walnut Creek, United States, ASN31966 (CSAA-INSURANCE-EXCHANGE - CSAA Insurance Exchange, US),
Reverse DNS
Software
/
Resource Hash
39d7c109eaff023946da6f5f06dcb5da474267bb3a0a0567ff6efa5882666191
Security Headers
Name Value
Content-Security-Policy referrer origin
X-Frame-Options SAMEORIGIN

Request headers

Host
csaa-insurance.aaa.com
Connection
keep-alive
Content-Length
490
Pragma
no-cache
Cache-Control
no-cache
Origin
https://prdsso40.coupahost.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.com/sessions/saml_post
Accept-Encoding
gzip, deflate
Origin
https://prdsso40.coupahost.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
EA4CB1A458ABE42A2B4BBA6CBB1110EA
Referer
https://prdsso40.coupahost.com/sp/startSSO.ping?PartnerIdpId=Source2Pay:IdP&TARGET=https://csaa.coupahost.com/sessions/saml_post

Response headers

Date
Mon, 06 Aug 2018 06:26:53 GMT
X-dynaTrace
PT=1246865;PA=-1855995472;SP=PROD;PS=-2080815420
dynaTrace
PT=1246865;PA=-1855995472;SP=PROD;PS=-2080815420
Content-Security-Policy
referrer origin
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache, no-store
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=utf-8
Set-Cookie
PF=l2taGg75Q5WAPj61jgl104; Domain=csaa-insurance.aaa.com; Path=/;secure; HttpOnly NSC_MC-dtbb-jotvsbodf.bbb-ttp-443=ffffffffaf12916f45525d5f4f58455e445a4a42378b; Path=/sso/; Secure; HttpOnly
Transfer-Encoding
chunked
Primary Request ACS.saml2
prdsso40.coupahost.com/sp/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prdsso40.coupahost.com/sp/ACS.saml2
Requested by
Host: csaa-insurance.aaa.com
URL: https://csaa-insurance.aaa.com/sso/idp/SSO.saml2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.113.86 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-113-86.compute-1.amazonaws.com
Software
/
Resource Hash
e58052be7313a3246a170e8c0b19d2a28a593003e84a2e20d6858cf193c894cc

Request headers

Host
prdsso40.coupahost.com
Connection
keep-alive
Content-Length
2493
Pragma
no-cache
Cache-Control
no-cache
Origin
https://csaa-insurance.aaa.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://csaa-insurance.aaa.com/
Accept-Encoding
gzip, deflate
Cookie
PF=fWN13MpQt8jJ6FAnIz2lbJ
Origin
https://csaa-insurance.aaa.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
EA4CB1A458ABE42A2B4BBA6CBB1110EA
Referer
https://csaa-insurance.aaa.com/

Response headers

Cache-Control
no-cache, no-store
Content-Type
text/html; charset=utf-8
Expires
Thu, 01 Jan 1970 00:00:00 GMT
max-age
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
transfer-encoding
chunked
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
prdsso40.coupahost.com/ Name: PF
Value: fWN13MpQt8jJ6FAnIz2lbJ