Site report for https://www.paypal.com
Lookup another site?
| Site title | Send Money, Pay Online or Set Up a Merchant Account - PayPal |
|---|---|
| Site rank | 91 |
| Description | PayPal is the faster, safer way to send money and make an online payment or set up a merchant account. |
| Date first seen | October 2001 |
|---|---|
| Netcraft Risk Rating | 0/10 |
| Primary language | English |
| Site | https://www.paypal.com |
|---|---|
| Netblock Owner | Akamai International, BV |
| Domain | paypal.com |
| Nameserver | ppns1.phx.paypal.com |
| IP address | 104.123.101.84 (VirusTotal) |
| DNS admin | hostmaster@paypal.com |
| IPv6 address | Not Present |
| Reverse DNS | a104-123-101-84.deploy.static.akamaitechnologies.com |
| Domain registrar | markmonitor.com |
|---|---|
| Nameserver organisation | whois.markmonitor.com |
| Organisation | PayPal Inc., 2211 North First Street,, San Jose, 95131, United States |
| Hosting company | Akamai Technologies |
| Top Level Domain | Commercial entities (.com) |
| DNS Security Extensions | Enabled |
| Hosting country | NL |
| Latest Performance | Performance Graph |
| IP range | Country | Name | Description |
|---|---|---|---|
| 0.0.0.0-255.255.255.255 | N/A | IANA-BLK | The whole IPv4 address space |
| ↳ 104.0.0.0-104.255.255.255 | United States | NET104 | American Registry for Internet Numbers |
| ↳ 104.64.0.0-104.127.255.255 | United States | AKAMAI | Akamai Technologies, Inc. |
| ↳ 104.123.96.0-104.123.103.255 | Netherlands | AIBV | Akamai International, BV |
| ↳ 104.123.101.84 | Netherlands | AIBV | Akamai International, BV |
| Assurance | Extended validation |
|---|---|
| Common name | www.paypal.com |
| Organisation | PayPal, Inc. |
| State | California |
| Country | US |
| Organisational unit | CDN Support |
| Subject Alternative Name | www.paypal.com, login.paypal.com, history.paypal.com, www.paypalobjects.com, pics.paypal.com |
| Validity period | From Jan 9 2020 to Jan 12 2022 (24 months, 3 days) |
| Matches hostname | Yes |
| Server | AkamaiGHost |
| Public key algorithm | rsaEncryption |
| Protocol version | TLSv1.2 |
| Public key length | 2048 |
| Certificate check | ok |
| Signature algorithm | sha256WithRSAEncryption |
| Serial number | 0x0ec34e770257004fadccf4a2f519d60c |
| Cipher | ECDHE-RSA-AES128-GCM-SHA256 |
| Version number | 0x02 |
| Perfect Forward Secrecy | Yes |
|---|---|
| Next Protocol Negotiation | h2,h2-14,http/1.1,http/1.0 |
| Supported TLS Extensions | RFC5746 renegotiation info, RFC4366 server name, RFC4492 EC point formats, RFC5077 session ticket, RFC4366 status request, Next Protocol Negotiation |
| Issuing organisation | DigiCert Inc |
| Issuer common name | DigiCert SHA2 Extended Validation Server CA |
| Issuer unit | www.digicert.com |
| Issuer location | Not Present |
| Issuer country | US |
| Issuer state | Not Present |
| Certificate Revocation Lists |
http://crl3.digicert.com/sha2-ev-server-g2.crl http://crl4.digicert.com/sha2-ev-server-g2.crl |
| Certificate Hash | hKVo/uWx9K9D4kEpIkayKCUvYeg |
| Public Key Hash | 89a8c63b0a0c33b90e6af48bbc915d59f56f8877bed084a942455cf0d1d37ff5 |
| OCSP servers | http://ocsp.digicert.com - 92.95% uptime in the past 24 hours |
| OCSP stapling response | Certificate valid |
| OCSP data generated | Jul 8 03:44:57 2020 GMTÇŠ%16ËõuÝ\Å%09Ö%127>ã |
| OCSP data expires | Jul 15 02:59:57 2020 GMT |
Signed Certificate Timestamps (SCTs)
| Source | Log | Timestamp | Signature Verification |
|---|---|---|---|
| Certificate | Google Pilot pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BA= |
2020-01-09 00:41:33 | Success |
| Certificate | DigiCert 1 VhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0= |
2020-01-09 00:41:33 | Success |
| Certificate | Google Rocketeer 7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/cs= |
2020-01-09 00:41:33 | Success |
Google EV whitelist
Certificate is not in Google's EV whitelist.
SSLv3/POODLE
This site does not support the SSL version 3 protocol.
More information about SSL version 3 and the POODLE vulnerability.
Heartbleed
The site offered the Heartbeat TLS extension prior to the Heartbleed disclosure, but is using a new certificate and no longer offers Heartbeat.
This test does not exploit the Heartbleed vulnerability but uses information from conventional HTTPS requests. More information about Heartbleed detection.
| Common name | DigiCert High Assurance EV Root CA |
|---|---|
| Organisational unit | www.digicert.com |
| Organisation | DigiCert Inc |
| Validity period | From 2006-11-10 to 2031-11-10 |
| Common name | DigiCert SHA2 Extended Validation Server CA |
|---|---|
| Organisational unit | www.digicert.com |
| Organisation | DigiCert Inc |
| Validity period | From 2013-10-22 to 2028-10-22 |
| Netblock owner | IP address | OS | Web server | Last seen |
|---|---|---|---|---|
| Akamai Technologies | 92.122.164.9 | Linux | unknown | 5-Jul-2020 |
| Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB | 96.6.121.165 | Linux | unknown | 28-Jun-2020 |
| Akamai Technologies | 92.122.164.9 | Linux | unknown | 6-Jun-2020 |
| Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB | 96.6.121.165 | Linux | unknown | 28-May-2020 |
| Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB | 104.82.192.50 | Linux | unknown | 21-May-2020 |
| Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB | 96.6.121.165 | Linux | unknown | 12-May-2020 |
| Akamai Technologies, Inc. 150 Broadway Cambridge MA US 02142 | 104.115.33.50 | Linux | unknown | 9-May-2020 |
| Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB | 96.6.121.165 | Linux | unknown | 1-May-2020 |
| Akamai Technologies | 92.122.164.9 | Linux | unknown | 29-Mar-2020 |
| Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB | 96.6.121.165 | Linux | unknown | 21-Mar-2020 |
A host's Sender Policy Framework (SPF) describes who can send mail on its behalf. This is done by publishing an SPF record containing a series of rules. Each rule consists of a qualifier followed by a specification of which domains to apply this qualifier to. For more information please see open-spf.org.
Warning: It appears that this host does not have an SPF record. There may be an SPF record on paypal.com: Check the site report.
Setting up an SPF record helps prevent the delivery of forged emails from your domain. Please note that an SPF record will only protect the domain it is added to and not any mail-enabled subdomains. It is recommended to add an SPF record to any subdomain with an MX record.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a mechanism for domain owners to indicate how mail purporting to originate from their domain should be authenticated. It builds on SPF and DKIM, providing a method to set policy and to give reporting of failures. For more information please see dmarc.org.
This host does not have a DMARC record. There may be a DMARC record on the site report for paypal.com: Check the site report.
Web Trackers are third-party resources loaded onto a webpage. Trackable resources include social sharing widgets, javascript files, and images. These trackers can be used to monitor individual user behaviour across the web. Data derived from these trackers are primarily used for advertising or analytics purposes.
3 known trackers were identified.| Company | Primary Category | Tracker | Popular Sites with this Tracker |
|---|---|---|---|
| Ensighten | Analytics | Ensighten | www.td.com, www.paypal.com, www.regions.com |
| Analytics | Google Analytics | www.researchgate.net, www.bom.gov.au, www.liveomg.com | |
| PayPal | Widget | PayPal | www.cpuid.com, www.paypal.me, www.liveatc.net |
-
Includes all the main technologies that Netcraft detects as running on the server such as PHP.
Technology Description Popular sites using this technology CGI Applications The Common Gateway Interface (CGI) is a standard method for web server software to delegate the generation of web content to executable files www1.bmo.com, www.nab.com.au, www.schneier.com SSL A cryptographic protocol providing communication security over the Internet login.microsoftonline.com Perl Perl is a high-level, general-purpose, interpreted, dynamic programming language www.dianomi.com, www.kabum.com.br, www.drudgereport.com -
Includes all the main technologies that run on the browser (such as JavaScript and Adobe Flash).
Technology Description Popular sites using this technology Asynchronous Javascript No description www.ebay.com, www.bbc.co.uk, freebitco.in JavaScript Widely-supported programming language commonly used to power client-side dynamic content on websites t.co -
Frameworks or libraries allow for easier development of applications by providing an Application Program Interface (API) or a methodology to follow whilst developing.
Technology Description Popular sites using this technology Google Hosted Libraries Google API to retrieve JavaScript libraries www.google.com, www.researchgate.net, www.foxnews.com AJAX No description www.amazon.de, www.primevideo.com, www.amazon.fr -
A character encoding system consists of a code that pairs each character from a given repertoire with something else such as a bit pattern, sequence of natural numbers, octets, or electrical pulses in order to facilitate the transmission of data (generally numbers or text) through telecommunication networks or for data storage.
-
HTTP compression is a capability that can be built into web servers and web clients to make better use of available bandwidth, and provide greater transmission speeds between both.
Technology Description Popular sites using this technology Gzip Content Encoding Gzip HTTP Compression protocol www.kinopoisk.ru, www.idealo.de, www.tsetmc.com -
Web browser targeting enables software applications to make use of specific functions of the browser as well as optimizing the application for specific browser versions.
Technology Description Popular sites using this technology Strict Transport Security Web security policy mechanism whereby a web server declares that complying user agents are to interact with it using only secure HTTP connections www.amazon.com, disqus.com, medium.com Content Security Policy Detect and mitigate attacks in the browser www.pinterest.com, www.mozilla.org, dtm.advertising.com Document Compatibility Mode A meta-tag used in Internet Explorer 8 to enable compatibility mode www.baidu.com, teams.microsoft.com X-Content-Type-Options Browser MIME type sniffing is disabled www.googleadservices.com, accounts.google.com, vars.hotjar.com X-Frame-Options Same Origin Do not allow this site to be rendered within an iframe Content Security Policy Report Detect, mitigate and report attacks in the browser www.icloud.com, www.bol.com, www.seznam.cz X-XSS-Protection Block Block pages on which cross-site scripting is detected login.salesforce.com, discordapp.com -
A Document Type Declaration, or DOCTYPE, is an instruction that associates a particular SGML or XML document (for example, a webpage) with a Document Type Definition (DTD).
-
HTML5 is a markup language for structuring and presenting content for the World Wide Web and a core technology of the Internet. It is the fifth revision of the HTML standard.
Technology Description Popular sites using this technology Viewport meta tag HTML5 tag usually used for mobile optimization -
Cascading Style Sheets (CSS) is a style sheet language used for describing the presentation semantics (the look and formatting) of a document written in a markup language (such as XHTML).
Technology Description Popular sites using this technology External Styles defined within an external CSS file www.linkedin.com, www.microsoft.com, www.amazon.co.uk CSS Media Query No description www.imdb.com, www.paypal.com, www.msn.com