login.costco.com
Open in
urlscan Pro
170.167.103.202
Public Scan
Effective URL: https://login.costco.com/idp/SSO.saml2
Submission: On February 28 via manual from US
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 5th 2018. Valid for: 2 years.
This is the only time login.costco.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 170.167.111.194 170.167.111.194 | 11283 (COSTCO) (COSTCO) | |
1 2 | 170.167.111.193 170.167.111.193 | 11283 (COSTCO) (COSTCO) | |
4 | 170.167.103.202 170.167.103.202 | 11283 (COSTCO) (COSTCO) | |
5 | 2 |
ASN11283 (COSTCO, US)
PTR: kronosmobile.costco.com
login.costco.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
costco.com
3 redirects
ecc.costco.com ess.costco.com login.costco.com |
202 KB |
5 | 1 |
Domain | Requested by | |
---|---|---|
4 | login.costco.com |
ess.costco.com
login.costco.com |
2 | ess.costco.com | 1 redirects |
2 | ecc.costco.com | 2 redirects |
5 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
fssts.costco.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
ess.costco.com DigiCert SHA2 Secure Server CA |
2019-06-18 - 2021-06-22 |
2 years | crt.sh |
login.costco.com DigiCert SHA2 Secure Server CA |
2018-06-05 - 2020-06-24 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.costco.com/idp/SSO.saml2
Frame ID: 495AE7BF745368CCE18E091B6490BB85
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://ecc.costco.com/sap/bc/webdynpro/sap/HRESS_A_MENU;sap-ext-sid=CxLR17B4wWSAF55WPXn_Qw--loDgOc...
HTTP 302
https://ecc.costco.com/sap/bc/webdynpro/sap/HRESS_A_MENU;sap-ext-sid=CxLR17B4wWSAF55WPXn_Qw--loDgOc... HTTP 302
https://ess.costco.com/F5Networks-SSO-Req?SSO_ORIG_URI=aHR0cHM6Ly9lY2MuY29zdGNvLmNvbS9zYXAvYmMvd2Vi... HTTP 302
https://ess.costco.com/my.policy Page URL
- https://login.costco.com/idp/SSO.saml2 Page URL
Detected technologies
F5 BigIP (Reverse Proxy) ExpandDetected patterns
- headers server /^big-?ip$/i
ZURB Foundation (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+foundation[^>"]+css/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Trouble Signing In?
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://ecc.costco.com/sap/bc/webdynpro/sap/HRESS_A_MENU;sap-ext-sid=CxLR17B4wWSAF55WPXn_Qw--loDgOcKVNY4HheiHqVWeSQ--?sap-ep-iviewhandle=0071468384482&&sap-wd-tstamp=1582924983371&sap-sessioncmd=USR_ABORT&~SAPSessionCmd=USR_ABORT&SAPWP_ACTIVE=1&dsmguid=1582924991139
HTTP 302
https://ecc.costco.com/sap/bc/webdynpro/sap/HRESS_A_MENU;sap-ext-sid=CxLR17B4wWSAF55WPXn_Qw--loDgOcKVNY4HheiHqVWeSQ--?sap-ep-iviewhandle=0071468384482&&sap-wd-tstamp=1582924983371&sap-sessioncmd=USR_ABORT&~SAPSessionCmd=USR_ABORT&SAPWP_ACTIVE=1&dsmguid=1582924991139 HTTP 302
https://ess.costco.com/F5Networks-SSO-Req?SSO_ORIG_URI=aHR0cHM6Ly9lY2MuY29zdGNvLmNvbS9zYXAvYmMvd2ViZHlucHJvL3NhcC9IUkVTU19BX01FTlU7c2FwLWV4dC1zaWQ9Q3hMUjE3QjR3V1NBRjU1V1BYbl9Rdy0tbG9EZ09jS1ZOWTRIaGVpSHFWV2VTUS0tP3NhcC1lcC1pdmlld2hhbmRsZT0wMDcxNDY4Mzg0NDgyJiZzYXAtd2QtdHN0YW1wPTE1ODI5MjQ5ODMzNzEmc2FwLXNlc3Npb25jbWQ9VVNSX0FCT1JUJn5TQVBTZXNzaW9uQ21kPVVTUl9BQk9SVCZTQVBXUF9BQ1RJVkU9MSZkc21ndWlkPTE1ODI5MjQ5OTExMzk%3d HTTP 302
https://ess.costco.com/my.policy Page URL
- https://login.costco.com/idp/SSO.saml2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://ecc.costco.com/sap/bc/webdynpro/sap/HRESS_A_MENU;sap-ext-sid=CxLR17B4wWSAF55WPXn_Qw--loDgOcKVNY4HheiHqVWeSQ--?sap-ep-iviewhandle=0071468384482&&sap-wd-tstamp=1582924983371&sap-sessioncmd=USR_ABORT&~SAPSessionCmd=USR_ABORT&SAPWP_ACTIVE=1&dsmguid=1582924991139 HTTP 302
- https://ecc.costco.com/sap/bc/webdynpro/sap/HRESS_A_MENU;sap-ext-sid=CxLR17B4wWSAF55WPXn_Qw--loDgOcKVNY4HheiHqVWeSQ--?sap-ep-iviewhandle=0071468384482&&sap-wd-tstamp=1582924983371&sap-sessioncmd=USR_ABORT&~SAPSessionCmd=USR_ABORT&SAPWP_ACTIVE=1&dsmguid=1582924991139 HTTP 302
- https://ess.costco.com/F5Networks-SSO-Req?SSO_ORIG_URI=aHR0cHM6Ly9lY2MuY29zdGNvLmNvbS9zYXAvYmMvd2ViZHlucHJvL3NhcC9IUkVTU19BX01FTlU7c2FwLWV4dC1zaWQ9Q3hMUjE3QjR3V1NBRjU1V1BYbl9Rdy0tbG9EZ09jS1ZOWTRIaGVpSHFWV2VTUS0tP3NhcC1lcC1pdmlld2hhbmRsZT0wMDcxNDY4Mzg0NDgyJiZzYXAtd2QtdHN0YW1wPTE1ODI5MjQ5ODMzNzEmc2FwLXNlc3Npb25jbWQ9VVNSX0FCT1JUJn5TQVBTZXNzaW9uQ21kPVVTUl9BQk9SVCZTQVBXUF9BQ1RJVkU9MSZkc21ndWlkPTE1ODI5MjQ5OTExMzk%3d HTTP 302
- https://ess.costco.com/my.policy
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
my.policy
ess.costco.com/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
Primary Request
Cookie set
SSO.saml2
login.costco.com/idp/ |
9 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
foundation.css
login.costco.com/assets/css/ |
176 KB 177 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.css
login.costco.com/assets/css/ |
5 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
costco_logo_160px.png
login.costco.com/assets/images/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| iframefix function| postOk function| postCancel function| postOnReturn function| setFocus function| setMobile function| getScreenWidth object| bodyTag number| width boolean| remember2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.costco.com/ | Name: vb3SUftSQ61vN9VxXZGrmo2kErC6pYcGAPzB5iT7C0iciK03k Value: !T0Xs5D8tQTxTZhI+koWB6Y0IbausKwBUTd10x8gyF8N+/huqQ3aV3Z8vL8C4i8E1Ams6k3sGo9cfYg== |
|
login.costco.com/ | Name: PF Value: rxHKloR5D1Q87m3uyDA3kGAD7vsKSpdkhDzMQpVHxbw6 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | |
X-Frame-Options | ALLOW |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ecc.costco.com
ess.costco.com
login.costco.com
170.167.103.202
170.167.111.193
170.167.111.194
318dcc765e40e6d30ca36ec07a61d1ab062c193f776047f3a5d8e37bbf0bb5a6
894fdb5de8f134561d61e1c6ab77280b6a067415673604025bfedd00d42c22e4
cd5ce30993756a260f5bbcd56ddf359e8533e0166423d4e838d8bd3d54991d68
e1f4adc8125ef2d5f625d2cd97ba7c39713bf908c2537a6824e7931f50ba3eff
ec147ba6fc006244c0505530e092b3027eeb63d9998d776f125ff53a3a536bbb