![](/screenshots/df341f0b-c4a5-4711-9b2a-d337083105d1.png)
view.emails.paypal.com
Open in
urlscan Pro
13.110.203.71
Public Scan
Submission: On October 14 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 21st 2022. Valid for: a year.
This is the only time view.emails.paypal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 13.110.203.71 13.110.203.71 | 14340 (SALESFORCE) (SALESFORCE) | |
1 | 13.110.199.75 13.110.199.75 | 14340 (SALESFORCE) (SALESFORCE) | |
3 | 2600:9000:24f... 2600:9000:24f0:5800:12:94b3:c380:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 34.234.142.110 34.234.142.110 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 151.101.130.133 151.101.130.133 | 54113 (FASTLY) (FASTLY) | |
8 | 5 |
ASN14340 (SALESFORCE, US)
PTR: view.emails.paypal.com
view.emails.paypal.com |
ASN14340 (SALESFORCE, US)
PTR: click.emails.paypal.com
click.emails.paypal.com |
ASN16509 (AMAZON-02, US)
images.ctfassets.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-142-110.compute-1.amazonaws.com
pixel.app.returnpath.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3916 |
9 KB |
2 |
paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2248 |
96 KB |
2 |
paypal.com
view.emails.paypal.com click.emails.paypal.com — Cisco Umbrella Rank: 152106 |
33 KB |
1 |
returnpath.net
pixel.app.returnpath.net — Cisco Umbrella Rank: 10345 |
|
8 | 4 |
Domain | Requested by | |
---|---|---|
3 | images.ctfassets.net |
view.emails.paypal.com
|
2 | www.paypalobjects.com |
view.emails.paypal.com
|
1 | pixel.app.returnpath.net |
view.emails.paypal.com
|
1 | click.emails.paypal.com |
view.emails.paypal.com
|
1 | view.emails.paypal.com | |
8 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
click.emails.paypal.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
view.emails.paypal.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-21 - 2023-10-22 |
a year | crt.sh |
click.emails.paypal.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-21 - 2023-10-22 |
a year | crt.sh |
images.ctfassets.net Amazon |
2022-02-17 - 2023-03-18 |
a year | crt.sh |
*.app.returnpath.net Amazon |
2022-01-21 - 2023-02-19 |
a year | crt.sh |
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2022-04-12 - 2023-04-12 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Frame ID: 02CF19EA68569A7B8AFBF01FD6A77965
Requests: 8 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Policy Updates page
Search URL Search Domain Scan URL
Title: get in touch
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
view.emails.paypal.com/ |
33 KB 33 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
open.aspx
click.emails.paypal.com/ |
43 B 199 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPal_logo_blue.png
images.ctfassets.net/7rifqg28wcbd/52UVBwiCFFmTktrlmJYRAr/3adedd4218c0ccb648245e74761fb336/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
headergrad_onwhite.jpg
images.ctfassets.net/7rifqg28wcbd/1tFsF7cjjNpwaLC3AKwtu7/3709b2fab644d1c377323faf87f300f9/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spacer.gif
images.ctfassets.net/7rifqg28wcbd/6Xa3RLs8deEywtgXmAo9JV/61b1ee3576f0473ea04f86166fc8f4b1/ |
1 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
pixel.app.returnpath.net/ |
22 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansBig-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ |
49 KB 49 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ |
46 KB 47 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
click.emails.paypal.com
images.ctfassets.net
pixel.app.returnpath.net
view.emails.paypal.com
www.paypalobjects.com
13.110.199.75
13.110.203.71
151.101.130.133
2600:9000:24f0:5800:12:94b3:c380:93a1
34.234.142.110
35f062a41a05f7c303a45a27451bc038588515374fb7079ecfdb5d960943271c
4d5c29e41277f543455e865a69634f17a2846fd001553890d5801379df3a7c47
96a6c012d122b61f9009756b4092b984fe9e33286c7deed6eb7b2a173035313a
9d756ca862f9d0de9b9011dd45c32453b2368bafb8fd121dc1234ca8bb239814
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
dea668f585bdc0e57147e8425862f42ec31188b27225c6ae8619e6bc80d409c8