sso.paypalcorp.com - urlscan.io

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 173.224.165.37, located in United States and belongs to PAYPAL-CORP, US. The main domain is sso.paypalcorp.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on April 16th 2019. Valid for: 2 years.

This is the only time sso.paypalcorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	139.59.51.246 139.59.51.246	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	173.224.165.37 173.224.165.37	1449 (PAYPAL-CORP) (PAYPAL-CORP)
1	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.45.98.207 23.45.98.207	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	4

2 139.59.51.246 (Bengaluru, India) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.paypal.vantagecircle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.224.165.37 (United States)

ASN1449 (PAYPAL-CORP, US)

sso.paypalcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.228.123 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.98.207 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-45-98-207.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	paypalcorp.com sso.paypalcorp.com	22 KB
2	vantagecircle.com 1 redirects www.paypal.vantagecircle.com	5 KB
1	paypal.com t.paypal.com	750 B
1	paypalobjects.com www.paypalobjects.com	16 KB
7	4

	Domain	Requested by
4	sso.paypalcorp.com	www.paypal.vantagecircle.com sso.paypalcorp.com
2	www.paypal.vantagecircle.com	1 redirects
1	t.paypal.com
1	www.paypalobjects.com	sso.paypalcorp.com
7	4

This site contains no links.

Subject Issuer	Validity	Valid
*.vantagecircle.com COMODO RSA Domain Validation Secure Server CA	`2018-02-26` - `2021-02-28`	3 years	crt.sh
sso.paypalcorp.com DigiCert SHA2 High Assurance Server CA	`2019-04-16` - `2021-05-26`	2 years	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://sso.paypalcorp.com/idp/SSO.saml2
Frame ID: 8C6AF2AD5D9F78A16EBE0DD8FF4CF062
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.paypal.vantagecircle.com/ HTTP 302
https://www.paypal.vantagecircle.com/sso/adfs Page URL
https://sso.paypalcorp.com/idp/SSO.saml2 Page URL

Page Statistics

7
Requests

86 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

43 kB
Transfer

69 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.paypal.vantagecircle.com/ HTTP 302
https://www.paypal.vantagecircle.com/sso/adfs Page URL
https://sso.paypalcorp.com/idp/SSO.saml2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.paypal.vantagecircle.com/ HTTP 302
https://www.paypal.vantagecircle.com/sso/adfs

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

adfs Show response
www.paypal.vantagecircle.com/sso/
Redirect Chain

https://www.paypal.vantagecircle.com/
https://www.paypal.vantagecircle.com/sso/adfs

7 KB
4 KB

193ms
192ms

Document
text/html

139.59.51.246
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.vantagecircle.com/sso/adfs

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.59.51.246 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Vantagecircle /

Resource Hash

9aa558a47291ca6c2178b679bd7bb71d902f6a39da36ea0bcb872cf8d299d2cf

Security Headers

Name	Value
Content-Security-Policy	default-src * http: https: 'unsafe-inline' 'unsafe-eval' ; img-src * 'self' data: https:;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.vantagecircle.com
:scheme: https
:path: /sso/adfs
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: Vantagecircle=es3cd7i5ksinirh6rq5r4kghpn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 27 May 2020 15:08:45 GMT
server: Vantagecircle
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: vantagecirclessoSessionID=addb4b4c31c122985b516071947a6164; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubdomains;
vary: Accept-Encoding
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src * http: https: 'unsafe-inline' 'unsafe-eval' ; img-src * 'self' data: https:;
content-length: 4382
content-type: text/html; charset=UTF-8

Redirect headers

status: 302
date: Wed, 27 May 2020 15:08:45 GMT
server: Vantagecircle
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: Vantagecircle=es3cd7i5ksinirh6rq5r4kghpn; path=/; domain=.vantagecircle.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubdomains;
location: https://www.paypal.vantagecircle.com/sso/adfs
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src * http: https: 'unsafe-inline' 'unsafe-eval' ; img-src * 'self' data: https:;
content-length: 0
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK Primary Request Cookie set SSO.saml2 Show response
sso.paypalcorp.com/idp/ 7 KB
8 KB 1438ms
619ms Document
text/html 173.224.165.37
PAYPAL-CORP

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.paypalcorp.com/idp/SSO.saml2

Requested by

Host: www.paypal.vantagecircle.com
URL: https://www.paypal.vantagecircle.com/sso/adfs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.224.165.37 , United States, ASN1449 (PAYPAL-CORP, US),

Reverse DNS

Software

/

Resource Hash

6409d983ba798e43caf417c527c960d02e42d7508687477f78cbb6b887b20542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: sso.paypalcorp.com
Connection: keep-alive
Content-Length: 5635
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: https://www.paypal.vantagecircle.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.paypal.vantagecircle.com/sso/adfs
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.paypal.vantagecircle.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.paypal.vantagecircle.com/sso/adfs

Response headers

Date: Wed, 27 May 2020 15:08:46 GMT
Referrer-Policy: origin
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=utf-8
Set-Cookie: PF=8zidGsJ460cL35KOtZBycEUyliuD0Gf9EjQxquLEx878;Path=/;Secure;HttpOnly pfbrowserid=K4biN7bYNxtc91Ogim6p;Path=/;Expires=Thu, 27-May-2021 21:08:47 GMT;Max-Age=31557600 pp-ssoprod-stickyw=3052854794.47873.0000; expires=Wed, 27-May-2020 15:18:47 GMT; path=/; Httponly; Secure
Content-Length: 7657

GET
H/1.1 200
OK layout.css
sso.paypalcorp.com/assets/css/ 1 KB
2 KB 169ms
169ms Stylesheet
text/css 173.224.165.37
PAYPAL-CORP

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.paypalcorp.com/assets/css/layout.css

Requested by

Host: sso.paypalcorp.com
URL: https://sso.paypalcorp.com/idp/SSO.saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.224.165.37 , United States, ASN1449 (PAYPAL-CORP, US),

Reverse DNS

Software

/

Resource Hash

40bf9eda16c493020efb401c99271261a3f9b2beb12623e0b98fb7846ec6fa39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sso.paypalcorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 May 2020 15:08:47 GMT
Cache-Control: max-age=0, must-revalidate
Referrer-Policy: origin
Last-Modified: Sat, 09 May 2020 18:47:51 GMT
Content-Length: 1250
Strict-Transport-Security: max-age=31536000
Content-Type: text/css

GET
H/1.1 200
OK ebaystyle.css
sso.paypalcorp.com/assets/css/ 3 KB
3 KB 338ms
168ms Stylesheet
text/css 173.224.165.37
PAYPAL-CORP

General

Check archive.org

Show headers Download Go to

Full URL

https://sso.paypalcorp.com/assets/css/ebaystyle.css

Requested by

Host: sso.paypalcorp.com
URL: https://sso.paypalcorp.com/idp/SSO.saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.224.165.37 , United States, ASN1449 (PAYPAL-CORP, US),

Reverse DNS

Software

/

Resource Hash

8ff5837b594f7bf62706dbbfe16141d8def1ecaf16da40ded65e36534fcf4966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sso.paypalcorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 May 2020 15:08:47 GMT
Cache-Control: max-age=0, must-revalidate
Referrer-Policy: origin
Last-Modified: Sat, 09 May 2020 18:47:51 GMT
Content-Length: 3119
Strict-Transport-Security: max-age=31536000
Content-Type: text/css

GET
H/1.1 200
OK paypal_logo.png
sso.paypalcorp.com/assets/images/ 9 KB
9 KB 644ms
312ms Image
image/png 173.224.165.37
PAYPAL-CORP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sso.paypalcorp.com/assets/images/paypal_logo.png

Requested by

Host: sso.paypalcorp.com
URL: https://sso.paypalcorp.com/idp/SSO.saml2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.224.165.37 , United States, ASN1449 (PAYPAL-CORP, US),

Reverse DNS

Software

/

Resource Hash

8fa1a9066e9159e38cbea27df7cefabd1db811dc594eee603d7f59f45827975f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sso.paypalcorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 27 May 2020 15:08:47 GMT
Cache-Control: max-age=0, must-revalidate
Referrer-Policy: origin
Last-Modified: Sat, 09 May 2020 18:47:51 GMT
Content-Length: 8746
Strict-Transport-Security: max-age=31536000
Content-Type: image/png

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/ 42 KB
16 KB 145ms
47ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/pa.js

Requested by

Host: sso.paypalcorp.com
URL: https://sso.paypalcorp.com/idp/SSO.saml2

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4c11c1530b21620ea626e17a40e56b8202be2f58c4e0653b499195bcc5004b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://sso.paypalcorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 27 May 2020 15:08:47 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
status: 200
content-encoding: gzip
vary: Accept-Encoding
content-length: 15737
last-modified: Tue, 19 May 2020 02:04:45 GMT
server: Apache
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Wed, 27 May 2020 16:08:47 GMT

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
750 B 270ms
209ms Image
image/gif 23.45.98.207
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.9&t=1590592128182&g=-120&pgrp=idm%3Asso&page=idm%3Asso%3Ahome&comp=sso&e=im&fromSetup=true&view=%7B%22t10%22%3A821%2C%22t11%22%3A2151%2C%22tcp%22%3A1807%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Sign%20On&ru=https%3A%2F%2Fwww.paypal.vantagecircle.com%2Fsso%2Fadfs&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=820&t1c=820&t1d=313&t1s=485&t2=619&t3=1&t4d=653&t4=657&t4e=4&tt=2100&rdc=0&res=%7B%7D&3p_vid=2794b42912f68855&3p_fpti=5c692ec751a63051
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a23-45-98-207.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://sso.paypalcorp.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 May 2020 15:08:48 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Wed, 27 May 2020 15:08:48 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sso.paypalcorp.com/	1970-01-19 18:35:49	Name: pfbrowserid Value: K4biN7bYNxtc91Ogim6p
sso.paypalcorp.com/	1970-01-19 09:49:52	Name: pp-ssoprod-stickyw Value: 3052854794.47873.0000
sso.paypalcorp.com/	1969-12-31 23:59:59	Name: PF Value: 8zidGsJ460cL35KOtZBycEUyliuD0Gf9EjQxquLEx878

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * http: https: 'unsafe-inline' 'unsafe-eval' ; img-src * 'self' data: https:;
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sso.paypalcorp.com
t.paypal.com
www.paypal.vantagecircle.com
www.paypalobjects.com
104.111.228.123
139.59.51.246
173.224.165.37
23.45.98.207
40bf9eda16c493020efb401c99271261a3f9b2beb12623e0b98fb7846ec6fa39
4c11c1530b21620ea626e17a40e56b8202be2f58c4e0653b499195bcc5004b96
6409d983ba798e43caf417c527c960d02e42d7508687477f78cbb6b887b20542
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
8fa1a9066e9159e38cbea27df7cefabd1db811dc594eee603d7f59f45827975f
8ff5837b594f7bf62706dbbfe16141d8def1ecaf16da40ded65e36534fcf4966
9aa558a47291ca6c2178b679bd7bb71d902f6a39da36ea0bcb872cf8d299d2cf

sso.paypalcorp.com Open in urlscan Pro 173.224.165.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

7 Requests

86 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

43 kBTransfer

69 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

sso.paypalcorp.com Open in urlscan Pro
173.224.165.37 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

86 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

43 kB
Transfer

69 kB
Size

3
Cookies

7 HTTP transactions
0 data transactions