words.last-technology.com
Open in
urlscan Pro
108.179.243.134
Malicious Activity!
Public Scan
Submission: On May 16 via manual from SE — Scanned from SE
Summary
TLS certificate: Issued by R3 on March 24th 2024. Valid for: 3 months.
This is the only time words.last-technology.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Autopay (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 108.179.243.134 108.179.243.134 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
1 | 151.101.1.195 151.101.1.195 | 54113 (FASTLY) (FASTLY) | |
10 | 3 |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 108-179-243-134.unifiedlayer.com
words.last-technology.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
last-technology.com
words.last-technology.com |
2 MB |
1 |
autopay.io
autopay.io |
20 KB |
10 | 2 |
Domain | Requested by | |
---|---|---|
9 | words.last-technology.com |
words.last-technology.com
|
1 | autopay.io |
words.last-technology.com
|
10 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.words.last-technology.com R3 |
2024-03-24 - 2024-06-22 |
3 months | crt.sh |
autopay.io WR3 |
2024-05-15 - 2024-08-13 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://words.last-technology.com/plugins/autono/
Frame ID: F5904BDA476B204CB66BA8D27245EA14
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
words.last-technology.com/plugins/autono/ |
104 KB 36 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
raven.min.js
words.last-technology.com/cdn.ravenjs.com/3.24.2/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
init.html
words.last-technology.com/plugins/_/raven/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.298bd7c7fcbf5092a9d3.js
words.last-technology.com/plugins/autono/css/ |
4 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.298bd7c7fcbf5092a9d3.css
words.last-technology.com/plugins/autono/css/ |
1 MB 470 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
310 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
neIXzD-0qpwxpaWvjeD0X88SAOeasc8btSyqxA.woff2
autopay.io/fonts/ |
18 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.html
words.last-technology.com/plugins/ |
746 B 518 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-16x16.html
words.last-technology.com/plugins/ |
746 B 494 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-96x96.html
words.last-technology.com/plugins/ |
746 B 494 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
android-icon-192x192.html
words.last-technology.com/plugins/ |
746 B 518 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Autopay (Transportation)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
autopay.io
words.last-technology.com
108.179.243.134
151.101.1.195
2955d02287c795f380ad7e7f4fa781b36c926fbc379a040a4115186878ea65df
5ef8b1d2286af41a1d5859f67979f84b48037484ebeda0af5f18270e8c7c0ebe
6393f566cd132d52d76eeec9e95c5563bdb6a1fd2fc9d32d20d9271e6ac8ec0e
63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666
655199b2752e3af7d438b913d76dc47604d96f8f1dfeea0f2541e0c598beb1fd
97d008fb403dd9b58a4293ce2e543488ccba64f8644b7e11ff4070670dff51ec
e4ea46fe174609ff5f5460eaebd4e1eb98763b1cda636af69238922be0f51d7a
e9bdebb56f6570d058efb3ced46404b0ac6e1e22211034718e2be3e45cfd76a9