www.paypal.com
Open in
urlscan Pro
23.210.248.226
Public Scan
Effective URL: https://www.paypal.com/de/error
Submission Tags: phishing malicious Search All
Submission: On January 21 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 10th 2019. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 185.233.186.238 185.233.186.238 | 30860 (YURTEH-AS) (YURTEH-AS) | |
3 | 23.210.248.226 23.210.248.226 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
8 | 151.101.14.133 151.101.14.133 | 54113 (FASTLY) (FASTLY) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:814::200e | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2a00:1450:400... 2a00:1450:400c:c0c::9d | 15169 (GOOGLE) (GOOGLE) | |
1 2 | 2001:4860:480... 2001:4860:4802:34::75 | 15169 (GOOGLE) (GOOGLE) | |
12 | 3 |
ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-226.deploy.static.akamaitechnologies.com
www.paypal.com | |
t.paypal.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
paypalobjects.com
www.paypalobjects.com |
141 KB |
3 |
paypal.com
www.paypal.com t.paypal.com |
14 KB |
1 |
google.de
www.google.de |
109 B |
1 |
google.com
1 redirects
www.google.com |
180 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
161 B |
1 |
google-analytics.com
1 redirects
www.google-analytics.com |
173 B |
1 |
vukumoti.com
1 redirects
vukumoti.com |
393 B |
12 | 7 |
Domain | Requested by | |
---|---|---|
8 | www.paypalobjects.com |
www.paypal.com
www.paypalobjects.com |
2 | t.paypal.com | |
1 | www.google.de | |
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.google-analytics.com | 1 redirects |
1 | www.paypal.com | |
1 | vukumoti.com | 1 redirects |
12 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2019-09-10 - 2020-08-18 |
a year | crt.sh |
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA |
2019-12-09 - 2021-12-13 |
2 years | crt.sh |
www.google.de GTS CA 1O1 |
2019-12-20 - 2020-03-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.paypal.com/de/error
Frame ID: 48391D0ADB417F44459AA61B31BCE245
Requests: 12 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://vukumoti.com/7654736a77d5466289adcfd2632510912f1a845a2ec597b2e57fe796a249f279
HTTP 302
https://www.paypal.com/de/error Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://vukumoti.com/7654736a77d5466289adcfd2632510912f1a845a2ec597b2e57fe796a249f279
HTTP 302
https://www.paypal.com/de/error Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://www.google-analytics.com/r/collect?v=1&_v=j46&a=795651951&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paypal.com%2Fde%2Ferror&ul=en-us&de=UTF-8&dt=PayPal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=iGAACEABN~&jid=738334824&cid=1062539163.1579599717&tid=UA-53389718-12&_r=1&cd1=1062539163.1579599717&cd3=0&cd4=https%3A%2F%2Fwww.paypal.com%2Fde%2Ferror&cd5=de&cd8=&cd9=&cd10=errorsnodeweb&cd19=101538&cd20=104959&cd22=main%3AgenericError%3A404&cd25=&cd26=1&cg3=0&z=169627382 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-53389718-12&cid=1062539163.1579599717&jid=738334824&_v=j46&z=169627382 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-12&cid=1062539163.1579599717&jid=738334824&_v=j46&z=169627382 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-12&cid=1062539163.1579599717&jid=738334824&_v=j46&z=169627382&slf_rd=1&random=460045697
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
error
www.paypal.com/de/ Redirect Chain
|
11 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app_1.0.0.css
www.paypalobjects.com/css/static/enweb/ |
43 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_paypal_106x27.png
www.paypalobjects.com/webstatic/logo/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pa.js
www.paypalobjects.com/pa/js/ |
44 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansSmall-Regular.woff2
www.paypalobjects.com/digitalassets/c/paypal-ui/fonts/ |
18 KB 18 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
miconfig.js
www.paypalobjects.com/pa/mi/ |
73 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.paypalobjects.com/gajs/ |
27 KB 14 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtag.js
www.paypalobjects.com/pa/mi/3p/gtag/ |
63 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.paypalobjects.com/pa/mi/3p/gtag/ |
44 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ts
t.paypal.com/ |
42 B 585 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ts
t.paypal.com/ |
42 B 585 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| PAYPAL object| fpti string| fptiserverurl object| _ifpti function| hideGdprBanner function| showGdprBanner object| miconfig function| ga object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| gDataLayer string| GoogleAnalyticsObject function| gtag object| google_tag_data9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.paypal.com/ | Name: akavpau_ppsd Value: 1579600316~id=d0596c93ff18be3e756717620becb6ba |
|
www.paypal.com/ | Name: connect.sid Value: s%3AKrAurYYJChLTo8QAdnb0HQ_TthDNIxiP.0x6Kq3H%2FzS8anEE4%2BUlBavddzQp4JNLRVqFhep79Fdk |
|
.paypal.com/ | Name: ts Value: vr%3Dc77ae04316f0a89120a6a7eafffbab90%26vreXpYrS%3D1674270493%26vteXpYrS%3D1579601516%26vt%3Dc77ae04c16f0a89120a6a7eafffbab8f |
|
.paypal.com/ | Name: x-pp-s Value: eyJ0IjoiMTU3OTU5OTcxNjQ1MSIsImwiOiIwIiwibSI6IjAifQ |
|
.paypal.com/ | Name: X-PP-SILOVER Value: name%3DLIVE5.WEB.1%26silo_version%3D880%26app%3Derrorsnodeweb%26TIME%3D1579599716%26HTTP_X_PP_AZ_LOCATOR%3Ddcg14.slc |
|
.paypal.com/ | Name: tsrce Value: errorsnodeweb |
|
.paypal.com/ | Name: LANG Value: de_DE%3BDE |
|
.paypal.com/ | Name: X-PP-L7 Value: 1 |
|
.paypal.com/ | Name: enforce_policy Value: gdpr_eu |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-A02e7fUhvwmEp0Xa7qAatAXL1u0BsXvOOsusbNTSJh9WgEfu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src https: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
stats.g.doubleclick.net
t.paypal.com
vukumoti.com
www.google-analytics.com
www.google.com
www.google.de
www.paypal.com
www.paypalobjects.com
151.101.14.133
185.233.186.238
2001:4860:4802:34::75
23.210.248.226
2a00:1450:4001:814::200e
2a00:1450:400c:c0c::9d
0fa586d42dadbe7582f450f432223e98a3f50ed6037568f79e13dc469c26aa13
15ec627a8e1fb132161d292dc4d404fad091ad98875cf6738feba8544bc028ba
62bb5685d837089cd6aedb6f5fe5375c83ce5facc879632628e1e63e51399580
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
98581bf58e5c202c1742212bb1351053431567fc3da31a0ee29f4f4826bb5214
af93d1d952b2dc42c029871cbbb92988835b31c86d4f0cb6a9674b1d1714a20f
b31b681d2ca2629e5e8d9eb328402a156088a9fb0a854d8fb37b24c797a70cc0
b7b511e45223dc1e83a8688e0b5f76bfd9b5c6d529ba7af4873f08cd12cf029b
c24a3a6ae39bb725f3c844abd1070811168f1c34cea1e1ec0b0497672da0a81b
d5b4b06879f67d270c16984685854fffa267be3e05db4d025761676ddd46a1c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629