t.paypal.com
151.101.1.35  Public Scan Open in urlscan Pro

Internal
urlscan.io (IP) urlscan.io (Domain)
Effective Hostname
VirusTotal SecurityTrails crt.sh
Submitted URL
Google Safe Browsing Archive.org
Effective IP
VirusTotal SecurityTrails Domaintools Censys
Go To Rescan
Add Verdict Report
URL:
https://t.paypal.com/ts?v=1 13yr old
Submission: On July 17 via api (July 17th 2024, 12:54:56 pm UTC) from AE — Scanned from DE
Summary HTTP 2 Redirects  Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 151.101.1.35, located in San Francisco, United States and belongs to FASTLY, US. The main domain is t.paypal.com. The Cisco Umbrella rank of the primary domain is 4582. 13yr old
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 21st 2024. Valid for: 1yr.
This is the only time t.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 151.101.1.35 151.101.1.35 54113 (FASTLY) (FASTLY)
2 1
Apex Domain
Subdomains		 Transfer
2 paypal.com
t.paypal.com — Cisco Umbrella Rank: 4582 13yr old
1 KB
2 1
Domain Requested by
2 t.paypal.com
2 1

This site contains no links.

Subject Issuer Validity Valid
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2025-06-20		 1yr crt.sh

This page contains 1 frames:

Primary Page: https://t.paypal.com/ts?v=1
Frame ID: 4E0B8B2D6938D1F845EB4E70F9D2D6CE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ts (1×1)

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1 kB
Transfer

0 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method
Protocol		 Status Resource
Path		 Size
x-fer		 Time
Latency		 Type
MIME-Type		 IP
Location
GET
H2 		200
 Primary Request ts Show response
t.paypal.com/ 		42 B
889 B 		172ms
151ms 		Document
image/gif		 151.101.1.35
FASTLY
General
Check archive.org
Download Go to
Full URL
https://t.paypal.com/ts?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-type
image/gif
correlation-id
738cf38e01a50
date
Wed, 17 Jul 2024 12:54:56 GMT
expires
Wed, 17 Jul 2024 12:54:56 GMT
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
738cf38e01a50
pragma
no-cache
server-timing
"traceparent;desc="00-0000000000000000000738cf38e01a50-7922b5c39cc4fbac-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
traceparent
00-0000000000000000000738cf38e01a50-b54b7aef18e650af-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230143-FRA
x-timer
S1721220896.491397,VS0,VE143
GET
H2 		404
 favicon.ico
t.paypal.com/ 		0
138 B 		153ms
152ms 		Other
text/plain		 151.101.1.35
FASTLY
General
Check archive.org
Download Go to
Full URL
https://t.paypal.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://t.paypal.com/ts?v=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230143-FRA
date
Wed, 17 Jul 2024 12:54:56 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-00000000000000000003deae8c8d5a69-a2c1054a79ee0a97-01
x-timer
S1721220897.659925,VS0,VE145
vary
Accept-Encoding
x-cache
MISS
paypal-debug-id
3deae8c8d5a69
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path Expires Name / Value
.paypal.com/ 1970-01-21
07:43:00 		Name: ts
Value: vreXpYrS%3D1815828896%26vteXpYrS%3D1721222696%26vr%3Dc0c297361900aa59f83596b7fea8b074%26vt%3Dc0c297361900aa59f83596b7fea8b073
.paypal.com/ 1970-01-21
07:43:00 		Name: ts_c
Value: vr%3Dc0c297361900aa59f83596b7fea8b074%26vt%3Dc0c297361900aa59f83596b7fea8b073

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source Level URL
Text
network error URL: https://t.paypal.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

t.paypal.com
151.101.1.35
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855