pmodappl.us.lt
Open in
urlscan Pro
109.235.66.68
Malicious Activity!
Public Scan
Submission: On March 15 via manual from AU — Scanned from US
Summary
This is the only time pmodappl.us.lt was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Runescape (Online) Generic (Online) Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 109.235.66.68 109.235.66.68 | 62282 (RACKRAY U...) (RACKRAY UAB Rakrejus) | |
6 | 91.235.140.148 91.235.140.148 | 44521 (JAGEX-AS) (JAGEX-AS) | |
8 | 3 |
ASN44521 (JAGEX-AS, GB)
PTR: nginx.web.any.jagex.com
www.runescape.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
runescape.com
www.runescape.com — Cisco Umbrella Rank: 233433 |
627 KB |
2 |
us.lt
pmodappl.us.lt |
1 KB |
8 | 2 |
Domain | Requested by | |
---|---|---|
6 | www.runescape.com |
pmodappl.us.lt
www.runescape.com |
2 | pmodappl.us.lt |
pmodappl.us.lt
|
8 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.runescape.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-04 - 2024-10-04 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://pmodappl.us.lt/index/index.html
Frame ID: 22FE7C8ACA176C842004823481888E08
Requests: 10 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
pmodappl.us.lt/index/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Criciousand-meth-shake-Exit-be-till-in-ches-Shad
pmodappl.us.lt/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vendor-134.css
www.runescape.com/css/c/responsive/dual/ |
108 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site-134.css
www.runescape.com/css/c/responsive/dual/ |
399 KB 98 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
oldschool.png
www.runescape.com/img/responsive/common/logos/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
runescape.png
www.runescape.com/img/responsive/common/logos/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tile.jpg
www.runescape.com/img/responsive/runescape/backgrounds/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dual2022.jpg
www.runescape.com/img/responsive/common/backgrounds/ |
501 KB 501 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
59 KB 59 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
25 KB 25 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Runescape (Online) Generic (Online) Microsoft (Consumer)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
pmodappl.us.lt
www.runescape.com
109.235.66.68
91.235.140.148
1b89ca6caf8519eae363240a624f2139e5e5647adfe382b1c445734398d7f5fc
20c865ce77047a5c5803795945e97ee228b3a86bc72c6ac1779c96681e4ebac3
30ba861be995e2c6a3d2004e5bc4d51ab871a3656dde68069b57293f5101f9f3
3687b09c4994ffee6d6cc814f6096ff9bcf660d76f05f5e3a8240fa7ce7ae0bf
480f0c53edc1e4dfa14bc1479b8a298ecb4f4c5a92ba2917a3612eb8b242d13d
6865695148fa8984d5d3d639003a358bf01f2b89934b861d35d72fad4f341646
e48e93362cdac23391f9bb460098291904bcc73fb4f57446e22701860a07ed89
f050a0243705f05f9e0f007c0bfc75b6c2b29a315a3c563f14561e633671b238
f42de956764030289b870040bbb2d1f75aac9af3a0c087a0f1609880147fd346