Site report for https://www.paypal.com

Lookup another site?

Background

Site title	Send Money, Pay Online or Set Up a Merchant Account - PayPal
Site rank	93
Description	PayPal is the faster, safer way to send money and make an online payment or set up a merchant account.

Date first seen	October 2001
Netcraft Risk Rating	0/10
Primary language	English

Network

Site	https://www.paypal.com
Netblock Owner	Akamai Technologies
Domain	paypal.com
Nameserver	ppns1.phx.paypal.com
IP address	2.16.21.128 (VirusTotal)
DNS admin	hostmaster@paypal.com
IPv6 address	Not Present
Reverse DNS	a2-16-21-128.deploy.static.akamaitechnologies.com

Domain registrar	markmonitor.com
Nameserver organisation	whois.markmonitor.com
Organisation	PayPal Inc., 2211 North First Street,, San Jose, 95131, United States
Hosting company	Akamai Technologies
Top Level Domain	Commercial entities (.com)
DNS Security Extensions	Enabled
Hosting country	EU
Latest Performance	Performance Graph

IP delegation

IPv4 address (2.16.21.128)

IP range	Country	Name	Description
0.0.0.0-255.255.255.255	N/A	IANA-BLK	The whole IPv4 address space
↳ 2.0.0.0-2.255.255.255	Netherlands	2-RIPE	RIPE Network Coordination Centre
↳ 2.16.0.0-2.23.255.255	European Union	EU-AKAMAI-20100910
↳ 2.16.20.0-2.16.21.255	European Union	AKAMAI-PA	Akamai Technologies
↳ 2.16.21.128	European Union	AKAMAI-PA	Akamai Technologies

SSL/TLS

Assurance	Extended validation
Common name	www.paypal.com
Organisation	PayPal, Inc.
State	California
Country	US
Organisational unit	CDN Support
Subject Alternative Name	www.paypal.com, login.paypal.com, history.paypal.com, www.paypalobjects.com, pics.paypal.com
Validity period	From Jan 9 2020 to Jan 12 2022 (24 months, 3 days)
Matches hostname	Yes
Server	AkamaiGHost
Public key algorithm	rsaEncryption
Protocol version	TLSv1.2
Public key length	2048
Certificate check	ok
Signature algorithm	sha256WithRSAEncryption
Serial number	0x0ec34e770257004fadccf4a2f519d60c
Cipher	ECDHE-RSA-AES128-GCM-SHA256
Version number	0x02

Perfect Forward Secrecy	Yes
Next Protocol Negotiation	h2,h2-14,http/1.1,http/1.0
Supported TLS Extensions	RFC5746 renegotiation info, RFC4366 server name, RFC4492 EC point formats, RFC5077 session ticket, RFC4366 status request, Next Protocol Negotiation
Issuing organisation	DigiCert Inc
Issuer common name	DigiCert SHA2 Extended Validation Server CA
Issuer unit	www.digicert.com
Issuer location	Not Present
Issuer country	US
Issuer state	Not Present
Certificate Revocation Lists	http://crl3.digicert.com/sha2-ev-server-g2.crl http://crl4.digicert.com/sha2-ev-server-g2.crl
Certificate Hash	hKVo/uWx9K9D4kEpIkayKCUvYeg
Public Key Hash	89a8c63b0a0c33b90e6af48bbc915d59f56f8877bed084a942455cf0d1d37ff5
OCSP servers	http://ocsp.digicert.com - 100% uptime in the past 24 hours
OCSP stapling response	Certificate valid
OCSP data generated	Apr 6 03:45:11 2020 GMT
OCSP data expires	Apr 13 03:00:11 2020 GMT

Certificate Transparency

Signed Certificate Timestamps (SCTs)

Source	Log	Timestamp	Signature Verification
Certificate	Google Pilot pLkJkLQYWBSHuxOizGdwCjw1mAT5G9+443fNDsgN3BA=	2020-01-09 00:41:33	Success
Certificate	DigiCert 1 VhQGmi/XwuzT9eG9RLI+x0Z2ubyZEVzA75SYVdaJ0N0=	2020-01-09 00:41:33	Success
Certificate	Google Rocketeer 7ku9t3XOYLrhQmkfq+GeZqMPfl+wctiDAMR7iXqo/cs=	2020-01-09 00:41:33	Success

Google EV whitelist

Certificate is not in Google's EV whitelist.

SSLv3/POODLE

This site does not support the SSL version 3 protocol.

More information about SSL version 3 and the POODLE vulnerability.

Heartbleed

The site offered the Heartbeat TLS extension prior to the Heartbleed disclosure, but is using a new certificate and no longer offers Heartbeat.

This test does not exploit the Heartbleed vulnerability but uses information from conventional HTTPS requests. More information about Heartbleed detection.

SSL Certificate Chain

Common name	DigiCert High Assurance EV Root CA
Organisational unit	www.digicert.com
Organisation	DigiCert Inc
Validity period	From 2006-11-10 to 2031-11-10

Common name	DigiCert SHA2 Extended Validation Server CA
Organisational unit	www.digicert.com
Organisation	DigiCert Inc
Validity period	From 2013-10-22 to 2028-10-22

Hosting History

Netblock owner	IP address	OS	Web server	Last seen
Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB	96.6.121.165	Linux	unknown	5-Apr-2020
Akamai Technologies	92.122.164.9	Linux	unknown	29-Mar-2020
Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB	96.6.121.165	Linux	unknown	21-Mar-2020
Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB	23.212.232.101	Linux	unknown	14-Mar-2020
Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB	96.6.121.165	Linux	unknown	6-Mar-2020
Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB	173.222.129.174	Linux	unknown	20-Feb-2020
Akamai Technologies, Inc. 150 Broadway Cambridge MA US 02142	104.85.58.24	Linux	unknown	13-Feb-2020
Akamai International, BV Prins Bernhardplein 200 Amsterdam NL 1097 JB	23.212.232.226	Linux	unknown	6-Feb-2020
Akamai Technologies, Inc. 150 Broadway Cambridge MA US 02142	104.85.58.24	Linux	unknown	30-Jan-2020
Akamai	88.221.16.233	Linux	unknown	21-Jan-2020

Sender Policy Framework

A host's Sender Policy Framework (SPF) describes who can send mail on its behalf. This is done by publishing an SPF record containing a series of rules. Each rule consists of a qualifier followed by a specification of which domains to apply this qualifier to. For more information please see open-spf.org.

Warning: It appears that this host does not have an SPF record. There may be an SPF record on paypal.com: Check the site report.

Setting up an SPF record helps prevent the delivery of forged emails from your domain. Please note that an SPF record will only protect the domain it is added to and not any mail-enabled subdomains. It is recommended to add an SPF record to any subdomain with an MX record.

DMARC

DMARC (Domain-based Message Authentication, Reporting and Conformance) is a mechanism for domain owners to indicate how mail purporting to originate from their domain should be authenticated. It builds on SPF and DKIM, providing a method to set policy and to give reporting of failures. For more information please see dmarc.org.

This host does not have a DMARC record. There may be a DMARC record on the site report for paypal.com: Check the site report.

Web Trackers

Web Trackers are third-party resources loaded onto a webpage. Trackable resources include social sharing widgets, javascript files, and images. These trackers can be used to monitor individual user behaviour across the web. Data derived from these trackers are primarily used for advertising or analytics purposes.

3 known trackers were identified.

Company	Primary Category	Tracker	Popular Sites with this Tracker
Ensighten	Analytics	Ensighten	www.mayoclinic.org, www.dell.com, www.td.com
Google	Analytics	Google Analytics	www.roblox.com, www.arco.co.uk, www.globo.com
PayPal	Widget	PayPal	www.cpuid.com, www.paypal.me, www.leo.org

Site Technology (fetched 25 days ago)

Server-Side

Includes all the main technologies that Netcraft detects as running on the server such as PHP.

Technology	Description	Popular sites using this technology
CGI Applications	The Common Gateway Interface (CGI) is a standard method for web server software to delegate the generation of web content to executable files	www.nab.com.au, www.gnu.org, www.netweather.tv
SSL	A cryptographic protocol providing communication security over the Internet	login.microsoftonline.com
Perl	Perl is a high-level, general-purpose, interpreted, dynamic programming language	www.bahn.de, www.drudgereport.com, www.centrum24.pl

Client-Side

Includes all the main technologies that run on the browser (such as JavaScript and Adobe Flash).

Technology	Description	Popular sites using this technology
Asynchronous Javascript	No description	www.t-online.de, aws.amazon.com
JavaScript	Widely-supported programming language commonly used to power client-side dynamic content on websites

Client-Side Scripting Frameworks

Frameworks or libraries allow for easier development of applications by providing an Application Program Interface (API) or a methodology to follow whilst developing.

Technology	Description	Popular sites using this technology
Google Hosted Libraries	Google API to retrieve JavaScript libraries	www.researchgate.net, www.google.com, www.roblox.com
AJAX	No description	www.amazon.es, www.bbc.co.uk, www.amazon.fr

Character Encoding

A character encoding system consists of a code that pairs each character from a given repertoire with something else such as a bit pattern, sequence of natural numbers, octets, or electrical pulses in order to facilitate the transmission of data (generally numbers or text) through telecommunication networks or for data storage.

Technology	Description	Popular sites using this technology
UTF8	UCS Transformation Format 8 bit	googleads.g.doubleclick.net

HTTP Compression

HTTP compression is a capability that can be built into web servers and web clients to make better use of available bandwidth, and provide greater transmission speeds between both.

Technology	Description	Popular sites using this technology
Gzip Content Encoding	Gzip HTTP Compression protocol	www.mathworks.com, www.tsetmc.com, fr.shopping.rakuten.com

Web Browser Targeting

Web browser targeting enables software applications to make use of specific functions of the browser as well as optimizing the application for specific browser versions.

Technology	Description	Popular sites using this technology
Strict Transport Security	Web security policy mechanism whereby a web server declares that complying user agents are to interact with it using only secure HTTP connections	www.linkedin.com, www.paypal.com, medium.com
Content Security Policy	Detect and mitigate attacks in the browser	www.bitmex.com, accounts.google.com, discordapp.com
Document Compatibility Mode	A meta-tag used in Internet Explorer 8 to enable compatibility mode	www.ebay.com, teams.microsoft.com, 9gag.com
X-Content-Type-Options	Browser MIME type sniffing is disabled	www.googleadservices.com, gmail.com, disqus.com
X-Frame-Options Same Origin	Do not allow this site to be rendered within an iframe	clickserve.dartsearch.net, vars.hotjar.com
Content Security Policy Report	Detect, mitigate and report attacks in the browser	www.seznam.cz, www.airbnb.com, mail.google.com
X-XSS-Protection Block	Block pages on which cross-site scripting is detected

Doctype

A Document Type Declaration, or DOCTYPE, is an instruction that associates a particular SGML or XML document (for example, a webpage) with a Document Type Definition (DTD).

Technology	Description	Popular sites using this technology
HTML5	Latest revision of the HTML standard, the main markup language on the web

HTML 5

HTML5 is a markup language for structuring and presenting content for the World Wide Web and a core technology of the Internet. It is the fifth revision of the HTML standard.

Technology	Description	Popular sites using this technology
Viewport meta tag	HTML5 tag usually used for mobile optimization

CSS Usage

Cascading Style Sheets (CSS) is a style sheet language used for describing the presentation semantics (the look and formatting) of a document written in a markup language (such as XHTML).

Technology	Description	Popular sites using this technology
External	Styles defined within an external CSS file	www.facebook.com, www.microsoft.com, www.amazon.co.uk
CSS Media Query	No description	www.digikala.com, www.w3schools.com, www.zerohedge.com