urlscan.io logo urlscan.io
SecurityTrails logo

view.emails.paypal.com Open in urlscan Pro
13.110.203.71  Public Scan

Go To Rescan Add Verdict Report
URL: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc...
Submission: On October 14 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 13.110.203.71, located in United States and belongs to SALESFORCE, US. The main domain is view.emails.paypal.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 21st 2022. Valid for: a year.
This is the only time view.emails.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.110.203.71 14340 (SALESFORCE)
1 13.110.199.75 14340 (SALESFORCE)
3 2600:9000:24f... 16509 (AMAZON-02)
1 34.234.142.110 14618 (AMAZON-AES)
2 151.101.130.133 54113 (FASTLY)
8 5
1    13.110.203.71 (United States)

ASN14340 (SALESFORCE, US)
PTR: view.emails.paypal.com
view.emails.paypal.com
1    13.110.199.75 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.emails.paypal.com
click.emails.paypal.com
3    2600:9000:24f0:5800:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)
images.ctfassets.net
1    34.234.142.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-142-110.compute-1.amazonaws.com
pixel.app.returnpath.net
2    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
Apex Domain
Subdomains		 Transfer
3 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3916
9 KB
2 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2248
96 KB
2 paypal.com
view.emails.paypal.com
click.emails.paypal.com — Cisco Umbrella Rank: 152106
33 KB
1 returnpath.net
pixel.app.returnpath.net — Cisco Umbrella Rank: 10345
8 4
Domain Requested by
3 images.ctfassets.net view.emails.paypal.com
2 www.paypalobjects.com view.emails.paypal.com
1 pixel.app.returnpath.net view.emails.paypal.com
1 click.emails.paypal.com view.emails.paypal.com
1 view.emails.paypal.com
8 5

This site contains links to these domains. Also see Links.

Domain
click.emails.paypal.com
Subject Issuer Validity Valid
view.emails.paypal.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-21 -
2023-10-22		 a year crt.sh
click.emails.paypal.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-21 -
2023-10-22		 a year crt.sh
images.ctfassets.net
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
*.app.returnpath.net
Amazon		 2022-01-21 -
2023-02-19		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Frame ID: 02CF19EA68569A7B8AFBF01FD6A77965
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PayPal

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

8
Requests

100 %
HTTPS

20 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

138 kB
Transfer

136 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
view.emails.paypal.com/ 		33 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.203.71 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
view.emails.paypal.com
Software
/
Resource Hash
9d756ca862f9d0de9b9011dd45c32453b2368bafb8fd121dc1234ca8bb239814

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private
Connection
close
Content-Length
33354
Content-Type
text/html; charset=utf-8
Date
Fri, 14 Oct 2022 16:02:59 GMT
open.aspx
click.emails.paypal.com/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.emails.paypal.com/open.aspx?ffcb10-fef310737c6d07-fe2817777560057a761377-fe3611727364047f721671-ffc912-fe1b10777c6d0478731c74-ff2c11757161&d=120005&bmt=0
Requested by
Host: view.emails.paypal.com
URL: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.199.75 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
click.emails.paypal.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 14 Oct 2022 16:02:59 GMT
Cache-Control
no-cache; max-age=0
Connection
close
Content-Length
43
Content-Type
image/gif
PayPal_logo_blue.png
images.ctfassets.net/7rifqg28wcbd/52UVBwiCFFmTktrlmJYRAr/3adedd4218c0ccb648245e74761fb336/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/7rifqg28wcbd/52UVBwiCFFmTktrlmJYRAr/3adedd4218c0ccb648245e74761fb336/PayPal_logo_blue.png
Requested by
Host: view.emails.paypal.com
URL: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:5800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
96a6c012d122b61f9009756b4092b984fe9e33286c7deed6eb7b2a173035313a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 11:03:56 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
last-modified
Mon, 12 Oct 2020 10:48:01 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
age
17945
etag
"467da77f9fc09880d929dadead17ab87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
5625
x-amz-cf-id
Gdh1rsMKDEXD11OiyCgaop4ib3cYcFzT5M5KZl2xL5pMxK8ZLktGVg==
headergrad_onwhite.jpg
images.ctfassets.net/7rifqg28wcbd/1tFsF7cjjNpwaLC3AKwtu7/3709b2fab644d1c377323faf87f300f9/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/7rifqg28wcbd/1tFsF7cjjNpwaLC3AKwtu7/3709b2fab644d1c377323faf87f300f9/headergrad_onwhite.jpg
Requested by
Host: view.emails.paypal.com
URL: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:5800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
35f062a41a05f7c303a45a27451bc038588515374fb7079ecfdb5d960943271c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 06:55:23 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
last-modified
Mon, 12 Oct 2020 10:53:10 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
age
32860
etag
"44e7cb43eea9db0af392380f78ef0d56"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
1311
x-amz-cf-id
KMV0gXWP7lrWLHqmkIZJnmcL40BVrEMRKAW5ijTpeIw2RYd0aU270A==
spacer.gif
images.ctfassets.net/7rifqg28wcbd/6Xa3RLs8deEywtgXmAo9JV/61b1ee3576f0473ea04f86166fc8f4b1/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.ctfassets.net/7rifqg28wcbd/6Xa3RLs8deEywtgXmAo9JV/61b1ee3576f0473ea04f86166fc8f4b1/spacer.gif
Requested by
Host: view.emails.paypal.com
URL: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:5800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
dea668f585bdc0e57147e8425862f42ec31188b27225c6ae8619e6bc80d409c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 10:10:25 GMT
via
1.1 836a4a85ed2221f76e2beedeab244eba.cloudfront.net (CloudFront)
last-modified
Wed, 07 Oct 2020 12:11:41 GMT
server
Contentful Images API
x-amz-cf-pop
JFK50-P3
age
21156
etag
"4ef026add9b038543403d95af9a52c77"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
1183
x-amz-cf-id
ITNB_AR9HXfgYNjNDA171rcHFh-fOhSLZSkSqRLagwnWXSgffuq2tg==
pixel.gif
pixel.app.returnpath.net/ 		22 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.app.returnpath.net/pixel.gif?r=2f6be46d47e11b222de691bd456fc58eb37b72dd
Requested by
Host: view.emails.paypal.com
URL: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.142.110 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-142-110.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 14 Oct 2022 16:03:00 GMT
cache-control
no-store, no-cache, must-revalidate
x-content-type-options
nosniff
content-type
image/gif
PayPalSansBig-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansBig-Regular.woff
Requested by
Host: view.emails.paypal.com
URL: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d5c29e41277f543455e865a69634f17a2846fd001553890d5801379df3a7c47
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://view.emails.paypal.com/
Origin
https://view.emails.paypal.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:03:00 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
e5fe70db9e689
dc
phx-origin-www-3.paypal.com
content-length
50031
x-served-by
cache-sjc10069-SJC, cache-yul12822-YUL
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
x-timer
S1665763380.141674,VS0,VE1
etag
"560b6e70-c36f"
content-type
font/woff
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
4269, 1
PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/PayPalSansSmall-Regular.woff
Requested by
Host: view.emails.paypal.com
URL: https://view.emails.paypal.com/?qs=a06bc87506f489849810089749df4a85cc30c7ebbbeed73ebfc6bbc10773ad7cf755caa1eb7b2239f647bdcbedbc48632960b326317c3305d167af581efd7cc0037ac1fef456ecd82ba68b2ba1359c99
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://view.emails.paypal.com/
Origin
https://view.emails.paypal.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 14 Oct 2022 16:03:00 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
dc9f7adddf8b6
dc
ccg11-origin-www-1.paypal.com
content-length
47339
x-served-by
cache-sjc10059-SJC, cache-yul12822-YUL
last-modified
Wed, 30 Sep 2015 05:09:04 GMT
x-timer
S1665763380.141671,VS0,VE0
etag
"560b6e70-b8eb"
content-type
font/woff
access-control-allow-origin
*
cache-control
public,max-age=3600
accept-ranges
bytes
x-cache-hits
79, 47326

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

0 Cookies