out of 100

SAFE

Is paypal.com safe?

PayPal.com is safe and legitimate based on this scan. It has a 93/100 safety score, clean threat results, and a valid DigiCert-issued TLS 1.3 certificate.

Google Safe Browsing

URLhaus

Spamhaus DNS BL

SURBL

SSL

Valid · TLSv1.3

Threats

None detected

Registrar

MarkMonitor.

Scanned

March 18, 2026

Website Screenshots

Desktop · 1920×1080

Mobile

PayPal.com scores 93/100 in our scan and is classified as safe. The site uses a valid TLS 1.3 certificate issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1, and every major threat check came back clean.

SSL Certificate & HTTPS Security

PayPal.com uses a valid SSL certificate with TLSv1.3, which is the current modern standard for secure web traffic. The certificate is issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1 (DigiCert Inc), expires in 111 days, and HSTS is enabled. That combination means the connection is encrypted and the browser is instructed to use HTTPS for future visits.

The redirect path also stays within the official domain: https://paypal.com/ redirects to https://www.paypal.com/, and the final URL resolves to https://www.paypal.com/es/home. That is normal behavior for a large international service and does not indicate a malicious redirect.

Threat Intelligence Results

The threat checks are clean across the board. Google Safe Browsing reports Clean, URLhaus reports Clean, and DNS blocklists from Spamhaus/SURBL also report Clean. Those results matter because they show the domain is not currently associated with phishing, malware distribution, or spam infrastructure.

The scanner also identifies paypal.com as a known domain with trusted reputation and a financial services category. Combined with the 93/100 safety score, the live scan supports the conclusion that this is the legitimate PayPal domain and not a lookalike scam site.

Domain History & Registrar Analysis

paypal.com is registered through MarkMonitor, Inc., a registrar commonly used by major brands to protect high-value domains. The scanner�s AI summary notes a long-standing history of over 26 years, which is consistent with a mature, established financial platform rather than a newly registered phishing domain.

The domain creation date is listed as unknown in the scan output, but the reputation signals are still strong: known domain, trusted reputation, and official brand alignment. For users checking legitimacy, that combination is far more important than a single missing WHOIS field.

Is PayPal Legitimate?

Yes. The scan confirms paypal.com is the official PayPal domain and classifies it as safe. The evidence is strong: 93/100 safety score, valid TLS 1.3 SSL, clean threat intelligence, trusted reputation, and reputable registrar management.

One caution: the scan flags missing security headers including X-Frame-Options, Referrer-Policy, COOP, COEP, and CORP. That is worth noting from a hardening perspective, but it does not override the overall safe verdict or indicate active compromise.

Scan Details

Safety Score93/100

VerdictSafe

SSL ValidYes

SSL IssuerDigiCert Global G2 TLS RSA SHA256 2020 CA1 (DigiCert Inc)

SSL ProtocolTLSv1.3

SSL Expires in111 days

HSTSEnabled

HTTP Status200

Response Time1068ms

RegistrarMarkMonitor, Inc.

Domain Created—

CategoryFinancial services

TechnologiesCloudflare, Google Analytics

Security Headers

HSTS X-Content-Type-Options CSP Permissions-Policy X-XSS-ProtectionX-Frame-OptionsReferrer-PolicyCOOPCOEPCORP

Frequently Asked Questions

is paypal safe?

Yes. Our scan gives paypal.com a 93/100 safety score and a safe verdict. Google Safe Browsing, URLhaus, and DNS blocklists all returned clean results, and the site uses a valid TLS 1.3 certificate from DigiCert.

Is paypal.com the official PayPal website?

Yes. The scanner identifies paypal.com as a known, trusted domain in the financial services category. The redirect chain stays on the official PayPal domain and ends at www.paypal.com.

Does PayPal use a secure SSL certificate?

Yes. PayPal.com uses a valid TLSv1.3 certificate issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1 (DigiCert Inc). The certificate expires in 111 days, and HSTS is enabled.

Are there any malware or phishing warnings for PayPal?

No. Google Safe Browsing is clean, URLhaus is clean, and Spamhaus/SURBL DNS blocklists are clean. Those are strong indicators that the domain is not currently flagged for malware or phishing activity.

What security issues did the scan find on PayPal?

The scan found missing security headers: X-Frame-Options, Referrer-Policy, COOP, COEP, and CORP. These are hardening gaps, but the domain still scores 93/100 and remains classified as safe.

Run your own scan

Check any URL instantly

Private, free, no account required. Your scan results are never made public — unlike VirusTotal.

Re-scan paypal.com Download PDF report Scan a different URL