www.paypal.com
2.21.38.79
Public Scan
Effective URL: https://www.paypal.com/us/receipt/?id=INV2-3EE8-S9UB-WKGU-XCLV
Submission: On January 30 via manual from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 10th 2019. Valid for: a year.
This is the only time www.paypal.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS (Autonomous System) |
---|---|---|
1 4 | 2.21.38.79 | 20940 (AKAMAI-ASN1) |
7 | 151.101.14.133 | 54113 (FASTLY) |
1 | 104.109.59.87 | 20940 (AKAMAI-ASN1) |
1 | 2a00:1450:4001:820::200a | 15169 (GOOGLE) |
1 1 | 2a00:1450:4001:814::200e | 15169 (GOOGLE) |
1 1 | 2a00:1450:400c:c00::9a | 15169 (GOOGLE) |
1 1 | 2a00:1450:4001:809::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:806::2003 | 15169 (GOOGLE) |
13 | 6 |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-21-38-79.deploy.static.akamaitechnologies.com
www.paypal.com
t.paypal.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-59-87.deploy.static.akamaitechnologies.com
pics.paypal.com
ASN15169 (GOOGLE, US)
www.google-analytics.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | paypalobjects.com | www.paypalobjects.com | 172 KB |
5 | paypal.com (1 redirects) | www.paypal.com pics.paypal.com t.paypal.com | 23 KB |
1 | google.de | www.google.de | 109 B |
1 | google.com (1 redirects) | www.google.com | 191 B |
1 | doubleclick.net (1 redirects) | stats.g.doubleclick.net | 160 B |
1 | google-analytics.com (1 redirects) | www.google-analytics.com | 170 B |
1 | googleapis.com | maps.googleapis.com | 8 KB |
13 | 7 |
 | Domain | Requested by |
---|---|---|
7 | www.paypalobjects.com | www.paypal.com www.paypalobjects.com |
3 | www.paypal.com | 1 redirects www.paypal.com |
1 | t.paypal.com | |
1 | www.google.de | |
1 | www.google.com | 1 redirects |
1 | stats.g.doubleclick.net | 1 redirects |
1 | www.google-analytics.com | 1 redirects |
1 | maps.googleapis.com | www.paypal.com |
1 | pics.paypal.com | www.paypal.com |
13 | 9 |
This site contains links to these domains. Also see Links.
Domain |
---|
paypal.com |
itunes.apple.com |
play.google.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2019-09-10 - 2020-08-18 | a year | crt.sh |
www.paypalobjects.com | DigiCert SHA2 Extended Validation Server CA | 2019-12-09 - 2021-12-13 | 2 years | crt.sh |
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-14 - 2020-04-07 | 3 months | crt.sh |
www.google.de | GTS CA 1O1 | 2020-01-14 - 2020-04-07 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.paypal.com/us/receipt/?id=INV2-3EE8-S9UB-WKGU-XCLV
Frame ID: BF190C34D3E8D19AAAC291B0417AE5ED
Requests: 23 HTTP requests in this frame
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: PayPal
Title: Available on the App Store
Title: Android app on Google Play
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.paypal.com/us/cgi-bin/?cmd=_pay-inv&id=INV2-3EE8-S9UB-WKGU-XCLV&ireceipt=1
HTTP 302
https://www.paypal.com/us/receipt/?id=INV2-3EE8-S9UB-WKGU-XCLV Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://www.google-analytics.com/r/collect?v=1&_v=j46&a=2032984118&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paypal.com%2Fus%2Freceipt&ul=en-us&de=UTF-8&dt=PayPal&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=iGAACEABN~&jid=745793784&cid=669169358.1580396962&tid=UA-53389718-12&_r=1&cd1=669169358.1580396962&cd2=68HA89DHAE57U&cd3=1&cd4=https%3A%2F%2Fwww.paypal.com%2Fus%2Freceipt&cd5=us&cd8=&cd9=&cd10=pphreceiptsnodeweb&cd22=main%3Apph%3Areceipt%3Asuccess%3A&cd25=&cd26=1&cg3=1&z=68179817 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-53389718-12&cid=669169358.1580396962&jid=745793784&_v=j46&z=68179817 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-12&cid=669169358.1580396962&jid=745793784&_v=j46&z=68179817 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-53389718-12&cid=669169358.1580396962&jid=745793784&_v=j46&z=68179817&slf_rd=1&random=3074375494
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.paypal.com/us/receipt/ (Redirect Chain) | 7 KB | 4 KB | Document | text/html |
GET | H2 | full.css | www.paypalobjects.com/web/res/aa0/a56ac922cc7404c7ed40ef75c7fc7/css/receipt/ | 99 KB | 63 KB | Stylesheet | text/css |
GET | H/1.1 | $_1.JPG | pics.paypal.com/00/s/MjkzWDUyMA==/z/ogwAAOSwZjJU75~I/ | 15 KB | 15 KB | Image | image/jpeg |
GET | H2 | staticmap | maps.googleapis.com/maps/api/ | 7 KB | 8 KB | Image | image/png |
GET | H2 | pa.js | www.paypalobjects.com/pa/js/ | 44 KB | 21 KB | Script | application/x-javascript |
GET | H2 | receipt.js | www.paypalobjects.com/web/res/aa0/a56ac922cc7404c7ed40ef75c7fc7/js/ | 4 KB | 2 KB | Script | application/x-javascript |
POST | H2 | csp | www.paypal.com/csplog/api/log/ | 2 B | 1 KB | Other | text/plain |
GET | DATA | truncated | / | 139 B | 0 | Image | image/png |
GET | DATA | truncated | / | 406 B | 0 | Image | image/png |
GET | DATA | truncated | / | 182 B | 0 | Image | image/png |
GET | DATA | truncated | / | 303 B | 0 | Image | image/png |
GET | DATA | truncated | / | 162 B | 0 | Image | image/png |
GET | DATA | truncated | / | 382 B | 0 | Image | image/png |
GET | DATA | truncated | / | 367 B | 0 | Image | image/png |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/gif |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/gif |
GET | H2 | miconfig.js | www.paypalobjects.com/pa/mi/ | 73 KB | 18 KB | Script | application/x-javascript |
GET | H2 | analytics.js | www.paypalobjects.com/gajs/ | 27 KB | 14 KB | Script | application/x-javascript |
GET | H2 | gtag.js | www.paypalobjects.com/pa/mi/3p/gtag/ | 63 KB | 32 KB | Script | application/x-javascript |
GET | H2 | ga-audiences | www.google.de/ads/ (Redirect Chain) | 42 B | 109 B | Image | image/gif |
GET | H2 | analytics.js | www.paypalobjects.com/pa/mi/3p/gtag/ | 44 KB | 23 KB | Script | application/x-javascript |
GET | H2 | ts | t.paypal.com/ | 42 B | 588 B | Image | image/gif |
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
object | PAYPAL |
object | fpti |
string | fptiserverurl |
object | _ifpti |
object | miconfig |
function | ga |
object | gaplugins |
object | gaGlobal |
object | gaData |
object | google_tag_manager |
object | gDataLayer |
string | GoogleAnalyticsObject |
function | gtag |
object | google_tag_data |
11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.www.paypal.com/ | | Name: akavpau_ppsd Value: 1580397561~id=0605ba4777519e808473daa8e8788258 |
.paypal.com/ | | Name: X-PP-SILOVER Value: name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dcspreportnodeweb%26TIME%3D1580396960%26HTTP_X_PP_AZ_LOCATOR%3Ddcg14.slc |
.paypal.com/ | | Name: tsrce Value: cspreportnodeweb |
.paypal.com/ | | Name: x-pp-s Value: eyJ0IjoiMTU4MDM5Njk2MDkxOCIsImwiOiIwIiwibSI6IjAifQ |
.paypal.com/ | | Name: ts Value: vr%3Df6ffda8316f0a89ad82185a3fffff7ce%26vreXpYrS%3D1675067737%26vteXpYrS%3D1580398760%26vt%3Df6ffda9016f0a89ad82185a3fffff7cd |
.paypal.com/ | | Name: navcmd Value: _pay-inv |
.paypal.com/ | | Name: LANG Value: en_US%3BUS |
.paypal.com/ | | Name: cookie_check Value: yes |
.paypal.com/ | | Name: X-PP-L7 Value: 1 |
www.paypal.com/ | | Name: nsid Value: s%3AbI7ORP0gvGWEUQ7Z09Z0cqs_u97RLtOK.OcAcyBVg709Vhbv5b4L6Q1WTWHDxJnn9ZWSO%2BxNlca0 |
.paypal.com/ | | Name: cwrClyrK4LoCV1fydGbAxiNL6iG Value: mcE5PgHGQ1H95gQBfkgkdVyvFf9l8_1VTV3z2kUdj8Jlj9kwpTOo4mPefeMuuJzCaoSIOG-4BS3JOSlAdD4okGgM_gFV3BH4p375UpI1OTANJdnMWS_jt8AnxKfAQn-fpfwMUgHNWv2iNB9BbjOlt82xq0rkwrD5UvXSJX3W1hDOHeiNaw6szEqzWoA5yaiSfiSgnkYN0FMopgV5SGJ1IOguFrdRE-5T0_mRASNsPfOhgaDZLNho-VtOQp4 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-BvRgmDIJdq2kWd+GAOefqOZsfBhwCJm9XpQpMgKPnAy29kyu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * 'self' https: 'unsafe-inline' 'unsafe-eval' blob: data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp |
Strict-Transport-Security | max-age=63072000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.