verificationsystem-x8014.greenoffice.es
Open in
urlscan Pro
81.21.65.98
Malicious Activity!
Public Scan
Submission Tags: phishing malicious Search All
Submission: On January 30 via api from US — Scanned from GB
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 30th 2022. Valid for: 3 months.
This is the only time verificationsystem-x8014.greenoffice.es was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 81.21.65.98 81.21.65.98 | 20738 (GD-EMEA-D...) (GD-EMEA-DC-LD5) | |
1 | 2a00:1450:400... 2a00:1450:4001:809::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 151.101.66.133 151.101.66.133 | 54113 (FASTLY) (FASTLY) | |
2 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
16 | 4 |
ASN20738 (GD-EMEA-DC-LD5, DE)
PTR: ptr.greenoffice.es
verificationsystem-x8014.greenoffice.es |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
greenoffice.es
verificationsystem-x8014.greenoffice.es |
626 KB |
2 |
gstatic.com
fonts.gstatic.com |
23 KB |
1 |
paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 1385 |
71 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
1 KB |
16 | 4 |
Domain | Requested by | |
---|---|---|
12 | verificationsystem-x8014.greenoffice.es |
verificationsystem-x8014.greenoffice.es
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.paypalobjects.com |
verificationsystem-x8014.greenoffice.es
|
1 | fonts.googleapis.com |
verificationsystem-x8014.greenoffice.es
|
16 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
verificationsystem-x8014.greenoffice.es cPanel, Inc. Certification Authority |
2022-01-30 - 2022-04-30 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
www.paypal.com DigiCert SHA2 Extended Validation Server CA |
2021-11-02 - 2022-03-15 |
4 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-12-27 - 2022-03-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/myaccount/identity/
Frame ID: 56A9C5279206CDAF87E1125F47370921
Requests: 16 HTTP requests in this frame
Screenshot
Page Title
PayPal Safety & SecurityDetected technologies
PayPal (Payment Processors) ExpandDetected patterns
- paypalobjects\.com
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/myaccount/identity/ |
8 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
G-Z118.css
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/lib/css/ |
50 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
U1-Z118.css
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/myaccount/identity/INC/ |
27 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/lib/js/ |
84 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.validate.js
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/lib/js/ |
45 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.filer.js
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/myaccount/identity/INC/ |
56 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
A4F0G5Z846G.jpg
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/lib/img/ |
119 KB 120 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppcom-white.svg
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/lib/img/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
superbowlAsset.png
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/lib/img/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
14303695_853354554765349_388275294_o.jpg
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/myaccount/identity/INC/ |
133 KB 134 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite_countries_flag4.png
www.paypalobjects.com/webstatic/mktg/icons/ |
71 KB 71 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansBig-Regular.woff2
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/lib/css/font/ |
38 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PayPalSansBig-Light.woff2
verificationsystem-x8014.greenoffice.es/customer_center/customer-IDPP00C791/lib/css/font/ |
37 KB 38 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v24/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ieVl2ZhZI2eCN5jzbjEETS9weq8-19G7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v24/ |
7 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
verificationsystem-x8014.greenoffice.es/ | Name: PHPSESSID Value: 3b8ubcvaj37ikad93ilg5di641 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
verificationsystem-x8014.greenoffice.es
www.paypalobjects.com
151.101.66.133
2a00:1450:4001:809::200a
2a00:1450:4001:813::2003
81.21.65.98
2351bbc39303736cd3a670db10427adc13c256dd6b639f0545bfd104947d3427
2a1f1370eb7b24a307312112427dfd544fb838a8bef66babc936f5e870a22e52
4619d70d7bd1b3d7572940e9ee7f31bc4c07f4c9cad6ae2d3e5b2eb555b6a2c0
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6d8c1aaa12cc42c14544a8fce3bea6bfb906a0d5a771121dda683c35fb0fccf7
85f70e68e3ba976fbfee39a96c5275550eb881f302c7dedf91aa7d0a802ba5f6
9c14b809ca4d5de12a569239d46ab8ef5f7ac1b3804c9801583cbafb66d3e550
a66ae5acde6aa5a92add6680bdd5692103642584cbb7074df3f72430054cce39
b690e9792f4ced65ba995b886dd8af6fe90bfa752978ada6785de6468737765a
bdf62895ffb9e40aaf21ac88380750a4ec4800183bbab2bc74c0467ac143c0c4
d030f6633a5d0efd3f76fcf5ec98a0468c76770e618a401ffe5ddc7f6ccc844b
d11774a230aafc84e1bb3ee1f2d9279e1b2db4cbd2cce5e7797b2f689ad6287d
e1ea27fdcd7685662aafddcb85508914ec4dbeecfb6525a81e1e7976f385419b
e35c57fad02017983d4261c8d65697ec8b312a2a19127cb93f92d1eca6408015
f256bd19248337a5534120f439ee7d8955a4bab26c19033ea6b69d64bb884e56
fe192efe8fcf4b8d4f9d940c7617b25248a5d7186d6334ddd2410c4aebe4cd07