www.paypal.com
Open in
urlscan Pro
151.101.193.21
Public Scan
Effective URL: https://www.paypal.com/connect/?client_id=AfAbB3wzSaqAe_s42zpG8RVkup478sXVyc_kVaEaMMOEEwY2_T20dDvlftpRebBjV6FzjM1kyxgHi...
Submission: On December 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 10th 2022. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.110.8.61 13.110.8.61 | 14340 (SALESFORCE) (SALESFORCE) | |
1 3 | 151.101.193.21 151.101.193.21 | 54113 (FASTLY) (FASTLY) | |
15 | 151.101.66.133 151.101.66.133 | 54113 (FASTLY) (FASTLY) | |
1 | 104.17.209.240 104.17.209.240 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 192.229.221.25 192.229.221.25 | 15133 (EDGECAST) (EDGECAST) | |
20 | 4 |
ASN14340 (SALESFORCE, US)
PTR: dcl1-ncg0-iad3.na91-ia2.my.salesforce.com
goto.my.salesforce.com |
ASN13335 (CLOUDFLARENET, US)
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2020 |
281 KB |
5 |
paypal.com
1 redirects
www.paypal.com — Cisco Umbrella Rank: 2271 t.paypal.com — Cisco Umbrella Rank: 2932 |
7 KB |
1 |
qualtrics.com
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com — Cisco Umbrella Rank: 14355 |
9 KB |
1 |
salesforce.com
1 redirects
goto.my.salesforce.com — Cisco Umbrella Rank: 700206 |
2 KB |
20 | 4 |
Domain | Requested by | |
---|---|---|
15 | www.paypalobjects.com |
www.paypal.com
www.paypalobjects.com |
3 | www.paypal.com |
1 redirects
www.paypal.com
|
2 | t.paypal.com | |
1 | zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com |
www.paypalobjects.com
|
1 | goto.my.salesforce.com | 1 redirects |
20 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2022-11-10 - 2023-11-10 |
a year | crt.sh |
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA |
2022-10-13 - 2023-11-13 |
a year | crt.sh |
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-04 - 2023-05-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.paypal.com/connect/?client_id=AfAbB3wzSaqAe_s42zpG8RVkup478sXVyc_kVaEaMMOEEwY2_T20dDvlftpRebBjV6FzjM1kyxgHinxD&forwardFrom=idsw&redirect_uri=https%3A%2F%2Fgoto.my.salesforce.com%2Fservices%2Fauthcallback%2FLog_In_with_PayPal&response_type=code&scope=profile%20email%20address%20phone%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%2Fbusiness&state=CAAAAYTjaU1qMDAwMDAwMDAwMDAwMDAwAAAA8ETCTefG8oDccl5ahkydb6ptTbXBwmWSGevG8FNXq4KMcz1-pMQnJZlAJxVZxkEp3zGw8w8Ttz_fEX_0jRf8Lrr3gWrLV1wFvJ1zyZ0zDXeR3Gy1Nb0yEdSCJ5KCa64aFtafVQnSBbBcsbWEhkXTWa4nkhb_UbHT9UrzSjl-4bu0DpxDVxLuXOBmKqRn-qLDzXM6Zjp_IS-uxeyWjlG8hBA%3D
Frame ID: E0F527D9886877C58534195834772B8D
Requests: 20 HTTP requests in this frame
Screenshot
Page Title
EntschuldigungPage URL History Show full URLs
-
https://goto.my.salesforce.com/services/auth/sso/00D300000000LaYEAU/Log_In_with_PayPal
HTTP 302
https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/authorize?response_type=code&client_i... HTTP 301
https://www.paypal.com/connect/?client_id=AfAbB3wzSaqAe_s42zpG8RVkup478sXVyc_kVaEaMMOEEwY2_T20dDvlf... Page URL
Detected technologies
PayPal (Payment Processors) ExpandDetected patterns
- paypalobjects\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://goto.my.salesforce.com/services/auth/sso/00D300000000LaYEAU/Log_In_with_PayPal
HTTP 302
https://www.paypal.com/webapps/auth/protocol/openidconnect/v1/authorize?response_type=code&client_id=AfAbB3wzSaqAe_s42zpG8RVkup478sXVyc_kVaEaMMOEEwY2_T20dDvlftpRebBjV6FzjM1kyxgHinxD&redirect_uri=https%3A%2F%2Fgoto.my.salesforce.com%2Fservices%2Fauthcallback%2FLog_In_with_PayPal&scope=profile+email+address+phone+https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes+https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%2Fbusiness&state=CAAAAYTjaU1qMDAwMDAwMDAwMDAwMDAwAAAA8ETCTefG8oDccl5ahkydb6ptTbXBwmWSGevG8FNXq4KMcz1-pMQnJZlAJxVZxkEp3zGw8w8Ttz_fEX_0jRf8Lrr3gWrLV1wFvJ1zyZ0zDXeR3Gy1Nb0yEdSCJ5KCa64aFtafVQnSBbBcsbWEhkXTWa4nkhb_UbHT9UrzSjl-4bu0DpxDVxLuXOBmKqRn-qLDzXM6Zjp_IS-uxeyWjlG8hBA%3D HTTP 301
https://www.paypal.com/connect/?client_id=AfAbB3wzSaqAe_s42zpG8RVkup478sXVyc_kVaEaMMOEEwY2_T20dDvlftpRebBjV6FzjM1kyxgHinxD&forwardFrom=idsw&redirect_uri=https%3A%2F%2Fgoto.my.salesforce.com%2Fservices%2Fauthcallback%2FLog_In_with_PayPal&response_type=code&scope=profile%20email%20address%20phone%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%20https%3A%2F%2Furi.paypal.com%2Fservices%2Fpaypalattributes%2Fbusiness&state=CAAAAYTjaU1qMDAwMDAwMDAwMDAwMDAwAAAA8ETCTefG8oDccl5ahkydb6ptTbXBwmWSGevG8FNXq4KMcz1-pMQnJZlAJxVZxkEp3zGw8w8Ttz_fEX_0jRf8Lrr3gWrLV1wFvJ1zyZ0zDXeR3Gy1Nb0yEdSCJ5KCa64aFtafVQnSBbBcsbWEhkXTWa4nkhb_UbHT9UrzSjl-4bu0DpxDVxLuXOBmKqRn-qLDzXM6Zjp_IS-uxeyWjlG8hBA%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.paypal.com/connect/ Redirect Chain
|
5 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.ltr.css
www.paypalobjects.com/web/res/9c3/8869ce303b3857fa6bcf1ab8f8b49/css/ |
60 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
consent.js
www.paypalobjects.com/web/res/9c3/8869ce303b3857fa6bcf1ab8f8b49/js/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pa.js
www.paypalobjects.com/pa/js/ |
55 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp
www.paypal.com/csplog/api/log/ |
2 B 2 KB |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latmconf.js
www.paypalobjects.com/pa/mi/ |
293 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lg-attention-warning.png
www.paypalobjects.com/images/shared/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon_PP_monogram_2x.png
www.paypalobjects.com/webstatic/i/consumer/onboarding/ |
946 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansBig-Light.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ |
48 KB 48 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansSmall-Light.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ |
46 KB 46 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansSmall-Regular.woff
www.paypalobjects.com/webstatic/mktg/2014design/font/PP-Sans/ |
46 KB 46 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OrchestratorMain.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ |
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12.2e4d3453d92fa382c1f6.chunk.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ |
56 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Targeting.php
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
135 KB 9 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CoreModule.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ |
100 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.bee7caf079144a7b9980.chunk.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.1303dc17a61da0f506d3.chunk.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ |
29 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17.0e47ac923c1fa85e46cf.chunk.js
www.paypalobjects.com/pa/3pjs/qualtrics/1.64.1/ |
19 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ts
t.paypal.com/ |
42 B 757 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ts
t.paypal.com/ |
42 B 550 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange object| form object| transition undefined| transitioning object| returnUrl undefined| redirectUri object| externalRedirect object| otpForm object| rememberedForm object| infoIcon object| transistionPage object| cancelLink object| groupModalWindow object| closeModalWindow object| escModalWindow undefined| otpCode object| redirectInContext object| categories object| keyDates object| sharedData object| PPXM_SURVEY_CONFIG function| addEvent function| showSpinner function| showTransitionPage function| displaceFooter function| showError function| isNotEmpty function| isValidOtp function| validation function| hideError function| verifyOtp function| toggleInfo function| openModal function| hideModal function| closeModalOnESC function| waitToRedirect function| triggerSurvey object| PAYPAL object| fpti string| fptiserverurl object| _ifpti object| latmconf object| laDataLayer object| QSI object| WAFQualtricsWebpackJsonP-hosted-1.64.1 object| _qsie13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
goto.my.salesforce.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
goto.my.salesforce.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
.salesforce.com/ | Name: BrowserId Value: PG5OBHTDEe2iw5vDAwjGOw |
|
.salesforce.com/ | Name: BrowserId_sec Value: PG5OBHTDEe2iw5vDAwjGOw |
|
goto.my.salesforce.com/ | Name: idccsrf Value: 31533498305816409041670261739978159074968894559079 |
|
.paypal.com/ | Name: l7_az Value: dcg15.slc |
|
.paypal.com/ | Name: ts_c Value: vr%3De35b92771840a1d5167683a4fc58d831%26vt%3De35b92771840a1d5167683a4fc58d830 |
|
.paypal.com/ | Name: enforce_policy Value: gdpr_v2.1 |
|
.paypal.com/ | Name: LANG Value: de_DE%3BDE |
|
www.paypal.com/ | Name: nsid Value: s%3AAVE7_e8J06pZyHInrKfTXZHDXcYOU4xL.h0X5MLUjZ%2B0MhlDr5I5VVwuCTh8GnytUXa9rIqy7IQc |
|
.paypal.com/ | Name: x-pp-s Value: eyJ0IjoiMTY3MDI2MTc0MDgwMyIsImwiOiIwIiwibSI6IjAifQ |
|
.paypal.com/ | Name: tsrce Value: cspreportnodeweb |
|
.paypal.com/ | Name: ts Value: vreXpYrS%3D1764956142%26vteXpYrS%3D1670263542%26vr%3De35b92771840a1d5167683a4fc58d831%26vt%3De35b92771840a1d5167683a4fc58d830%26vtyp%3Dnew |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-OTaYPAXMDnYssZRHRWMILMu8qvBYip+twK/SD8Hjof488q5s' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src 'self' https:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com https://*.trustwave.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
goto.my.salesforce.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
zn1ynnliufrct75cb-paypalxm.siteintercept.qualtrics.com
104.17.209.240
13.110.8.61
151.101.193.21
151.101.66.133
192.229.221.25
28972dd38f4f1b85288b11aa23262195e3ab2f972b920c64414d00e3751c7ca8
42991774f119425b2cfed72fa543d351ee37288db686f4f3390996ff739a34de
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56dec61f2e8ba0abda1927cabf9600ecefea384147ab04a7b2ae44424482df44
6120490479faed6d8d729d04ef2cedcc67231444ee41c2b01e8f88bcdef229fa
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
843e67ad522a908162007f4b7601819a5bbfef00e38ac7aec778766da8b7b2ab
8767babfb3f21942cdfe8d67455e6a1d87898708f63f2704e5985d8c4273b859
8b43508aba121c079651841e31c71adc6ddecca7cfbb0ee310498bf415d907b8
9678dd86513c236593527c9b89e5a95d64621c8b7dbe5f27638ab6c5c858a106
ae67c709e18343ab7a996e949c6a40689f314aaba37b92c8efa40ba8a59c7582
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b3a8d966d249beda7f50ac3c2bfbb549109d5aee49c948aaba10cffade528715
b779c38eac145d662cc3f51f228544b595c600a75cd0b928991cce194f094f52
ba4691262fbf1abd2bd988530282374fbe5517357d414d61cba2b6739374d565
c599c554590d1a336ffcb9627f6caaac34b6228f60e15f5f25454bff38facb7e
c753a29eda13304a21a5b583989d8cd23639f45b92f4a215b106116b9a5f8b02
e7d287b90b3a071aed8c9860f22cff01bcb34fcfc45bd90319bac450226d1e6d
ea680c36b1e632fc0a96cd21231f1d9e17db700b8b68729328c5b8972e2d3622