ScanMalware.com

Security Scan Report: www.paypal.com

Redirected to: https://www.paypal.com/auth/validatecaptcha

Site favicon
Submitted: Oct 22, 2025, 6:14:48 PMCompleted: Oct 22, 2025, 6:17:29 PMpubliccompleted
Loading additional data...

Summary

This website contacted 14 IPs in 2 countries across 7 domains to perform 107 HTTP transactions. The main domain is paypal.com and was registered NaN years ago.

Submitted URL: https://www.paypal.com/ncp/payment/UH9YQKMTCDBX8

Effective URL: https://www.paypal.com/auth/validatecaptchaRedirected

AI Security Verdict

Safe Website

Confidence: 95%

0
Risk Score

Legitimate PayPal security challenge page with no phishing or scam indicators.

Safety Factors
Official PayPal domain
Established domain age
No credential or payment collection on the page
Domain age information unavailable

Details

Page Title

PayPal

Scan Type

public

Language

🇺🇸

English

(62% confidence)

Category

technology software

(64%)

Domain Information

You're looking at domain 'www.paypal.com' on the commercial generic top-level domain (.com) and includes subdomain 'www'. Its registrable label 'paypal' stretches across 6 characters holding two vowels versus 4 consonants. Splitting it apart reveals 1 word: paypal. The linguistic tilt is Catalan for 'paypal'. It also appears in English and Vietnamese contexts.

Screenshot

Security scan screenshot of https://www.paypal.com/ncp/payment/UH9YQKMTCDBX8

Page Load Overview

1.37s
Total Load Time
107
HTTP Requests
7
Domains
1.9 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:62%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:62%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software64% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
64%
documentation technical
30%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
63172.64.153.163United States
AS13335CLOUDFLARENET
16142.250.186.67United States
AS15169GOOGLE
10142.250.185.131United States
AS15169GOOGLE
10146.75.121.21Frankfurt am Main, Hesse, Germany
AS54113FASTLY
7142.250.186.131United States
AS15169GOOGLE
7142.250.185.195United States
AS15169GOOGLE
72a00:1450:4001:82a::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
72a00:1450:4001:811::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
72a00:1450:4001:81d::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
72600:1901:0:179c::Kansas City, Missouri, United States
AS396982GOOGLE-CLOUD-PLATFORM
10714--

Detected Technologies8

Modernizrv2.6.1
100%
JQueryv3.7.1
100%
PayPal
60%
Underscore.js
50%
HSTS
40%
hCaptcha
30%
RequireJS
20%
Backbone.js
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1604272EE5D90E514A7019AD881F0F52D8247F66FED80DCD5F8EC81F92BD8BE61C02929

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:Zz8tc8t9Fq3OsdWe8mpPD9iPSCF79TYqNX7ec0ODGqvLxE:QFiOsdWe8mpPD9iPSCF79TYqNSkDGqvi

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:12336:RSFApwDkYlgYA9L8B3MILBAIwENwRfFFCAZAoQNUxYWkHcigAEAcyAvUAwiCAAFLApxUAdEiAagCgD0ByAWwcQYM+C/mEFgg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e7ffffffffff
Perceptual Hash:e6669b9999992466
Difference Hash:000c0c0000000000
Wavelet Hash:fce4e0f800000000
Color Hash:#1f3e93

Other Hashes

Crop Resistant:000c0c0000000000

Scan History

Scan history not available

Unable to load historical scan data