laatransportation.com

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 148.72.119.75, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is laatransportation.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 15th 2019. Valid for: a year.

This is the only time laatransportation.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial) Generic Banking (Banking)

Domain & IP information

	IP Address		AS Autonomous System
5	148.72.119.75 148.72.119.75		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
5	1

5 148.72.119.75 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-148-72-119-75.ip.secureserver.net

laatransportation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	laatransportation.com laatransportation.com	31 KB
5	1

	Domain	Requested by
5	laatransportation.com	laatransportation.com
5	1

This site contains no links.

Subject Issuer	Validity	Valid
247limocarservice.com Go Daddy Secure Certificate Authority - G2	`2019-06-15` - `2020-06-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/
Frame ID: B6B94DC09A27E7C73D0FE581DA7ED110
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

31 kB
Transfer

88 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/	4 KB 3 KB	538ms 219ms	Document text/html	148.72.119.75 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 148.72.119.75 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-148-72-119-75.ip.secureserver.net Software Apache / PHP/5.6.40 Resource Hash `215a69508583079a6c06d6203b5f84882c6ae4dd580b785de6335119afc462a1` Request headers :method GET :authority laatransportation.com :scheme https :path /Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 date Mon, 07 Oct 2019 21:45:11 GMT server Apache x-powered-by PHP/5.6.40 vary Accept-Encoding,User-Agent content-encoding gzip content-length 3021 content-type text/html; charset=UTF-8
GET H2	200	encrypter.js Show response laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/img/	10 KB 3 KB	109ms 108ms	Script application/javascript	148.72.119.75 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/img/encrypter.js Requested by Host: laatransportation.com URL: https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 148.72.119.75 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-148-72-119-75.ip.secureserver.net Software Apache / Resource Hash `61d72488b597b64396b1cca9e6d3b3e37473d014e48f29d810da8ad3b55a6442` Request headers Sec-Fetch-Mode no-cors Referer https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 21:45:11 GMT content-encoding gzip last-modified Mon, 07 Oct 2019 06:51:05 GMT server Apache etag "262a1f-263f-5944c79c81fe3-gzip" vary Accept-Encoding,User-Agent content-type application/javascript status 200 accept-ranges bytes content-length 2773
GET H2	200	style.css laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/st/	53 KB 6 KB	103ms 102ms	Stylesheet text/css	148.72.119.75 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/st/style.css Requested by Host: laatransportation.com URL: https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 148.72.119.75 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-148-72-119-75.ip.secureserver.net Software Apache / Resource Hash `7806624ba5b8f472649750ff7ad3224b88ecb490e6e75275d6cf2dddea805db5` Request headers Sec-Fetch-Mode no-cors Referer https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 21:45:11 GMT content-encoding gzip last-modified Mon, 07 Oct 2019 06:51:05 GMT server Apache etag "262a09-d3ae-5944c79c8142b-gzip" vary Accept-Encoding,User-Agent content-type text/css status 200 accept-ranges bytes content-length 6468
GET H2	200	alert.png laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/img/	17 KB 17 KB	105ms 105ms	Image image/png	148.72.119.75 GoDaddy.com
General Check archive.org Show headers Download Go to Show image Full URL https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/img/alert.png Requested by Host: laatransportation.com URL: https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 148.72.119.75 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-148-72-119-75.ip.secureserver.net Software Apache / Resource Hash `e72d5d5057dd618349cc5c13c78d856ecfab9715e9b8485d7d82f5e578ea7e35` Request headers Sec-Fetch-Mode no-cors Referer https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 21:45:11 GMT last-modified Mon, 07 Oct 2019 06:51:05 GMT server Apache etag "262a18-42e5-5944c79c81bfb" content-type image/png status 200 accept-ranges bytes content-length 17125
GET H2	200	lo9o.svg laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/img/	5 KB 2 KB	100ms 99ms	Image image/svg+xml	148.72.119.75 GoDaddy.com
General Check archive.org Show headers Download Go to Show image Full URL https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/img/lo9o.svg Requested by Host: laatransportation.com URL: https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 148.72.119.75 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-148-72-119-75.ip.secureserver.net Software Apache / Resource Hash `b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5` Request headers Sec-Fetch-Mode no-cors Referer https://laatransportation.com/Access/clients/clients/clients/05b20f19b67ae97f78829b6830a57c46/st/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 21:45:11 GMT content-encoding gzip last-modified Mon, 07 Oct 2019 06:51:05 GMT server Apache etag "262a12-1351-5944c79c81bfb-gzip" vary Accept-Encoding,User-Agent content-type image/svg+xml status 200 accept-ranges bytes content-length 1929

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial) Generic Banking (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

laatransportation.com
148.72.119.75
215a69508583079a6c06d6203b5f84882c6ae4dd580b785de6335119afc462a1
61d72488b597b64396b1cca9e6d3b3e37473d014e48f29d810da8ad3b55a6442
7806624ba5b8f472649750ff7ad3224b88ecb490e6e75275d6cf2dddea805db5
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
e72d5d5057dd618349cc5c13c78d856ecfab9715e9b8485d7d82f5e578ea7e35

laatransportation.com Open in urlscan Pro 148.72.119.75 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

31 kBTransfer

88 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

Indicators

laatransportation.com Open in urlscan Pro
148.72.119.75 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

31 kB
Transfer

88 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!