apple-g3.com Open in urlscan Pro
38.21.23.159 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apple-g3.com/
Submission Tags: @phishunt_io
Submission: On July 03 via api (July 3rd 2023, 2:52:09 am UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 38.21.23.159, located in United States and belongs to ROOT-NETWORKS Root Networks, GB. The main domain is apple-g3.com.
TLS certificate: Issued by R3 on May 8th 2023. Valid for: 3 months.

This is the only time apple-g3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	38.21.23.159 38.21.23.159	32708 (ROOT-NETW...) (ROOT-NETWORKS Root Networks)
1	216.118.239.165 216.118.239.165	45753 (NETSEC-HK...) (NETSEC-HK Netsec Limited)
8	3

6 38.21.23.159 (United States)

ASN32708 (ROOT-NETWORKS Root Networks, GB)
PTR: connect.rcp.net

apple-g3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.118.239.165 (Hong Kong)

ASN45753 (NETSEC-HK Netsec Limited, HK)

www.china51766.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	apple-g3.com apple-g3.com	15 KB
1	china51766.com www.china51766.com	6 KB
0	bet83a.com Failed www.bet83a.com Failed
8	3

	Domain	Requested by
6	apple-g3.com	apple-g3.com
1	www.china51766.com	apple-g3.com
0	www.bet83a.com Failed	www.china51766.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
apple-g3.com R3	`2023-05-08` - `2023-08-06`	3 months	crt.sh
china51766.com R3	`2023-06-24` - `2023-09-22`	3 months	crt.sh

This page contains 1 frames:

Frame: https://www.bet83a.com/
Frame ID: F2608F4701ABC6C8F856B7DFB1A76FE2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

21 kB
Transfer

72 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response apple-g3.com/	27 KB 7 KB	699ms 188ms	Document text/html	38.21.23.159 ROOT-NETWORKS Roo...
General Check archive.org Show headers Download Go to Full URL https://apple-g3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.23.159 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB), Reverse DNS connect.rcp.net Software nginx / Resource Hash `4074e27871f5e48e44dba3f76d884c75cf1016d3d8e3a2b7bb0dcc9d59f421d7` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 03 Jul 2023 02:51:47 GMT ETag W/"5d46962e-6afb" Last-Modified Sun, 04 Aug 2019 08:24:14 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	yesads.js Show response apple-g3.com/	1 KB 818 B	184ms 184ms	Script application/javascript	38.21.23.159 ROOT-NETWORKS Roo...
General Check archive.org Show headers Download Go to Full URL https://apple-g3.com/yesads.js Requested by Host: apple-g3.com URL: https://apple-g3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.23.159 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB), Reverse DNS connect.rcp.net Software nginx / Resource Hash `3721133f42296c4c9622aea69f2855b23a4092f7f40dffe9d33a690d49981451` Request headers accept-language de-DE,de;q=0.9 Referer https://apple-g3.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 02:51:48 GMT Content-Encoding gzip Last-Modified Sun, 09 Apr 2023 07:36:12 GMT Server nginx ETag W/"64326aec-4a5" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	dfiles11432indextplpubliccsscsscss.css apple-g3.com/images/	21 KB 6 KB	370ms 185ms	Stylesheet text/css	38.21.23.159 ROOT-NETWORKS Roo...
General Check archive.org Show headers Download Go to Full URL https://apple-g3.com/images/dfiles11432indextplpubliccsscsscss.css Requested by Host: apple-g3.com URL: https://apple-g3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.23.159 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB), Reverse DNS connect.rcp.net Software nginx / Resource Hash `2315b66f01d5bf82add8a8570f4740f3d5d1a3313b29393ea327d0704db07e8e` Request headers accept-language de-DE,de;q=0.9 Referer https://apple-g3.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 02:51:48 GMT Content-Encoding gzip Last-Modified Tue, 19 Jun 2018 06:16:40 GMT Server nginx ETag W/"5b289fc8-5415" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	_sitegray_sitegray_dcss.css apple-g3.com/images/	20 B 248 B	526ms 176ms	Stylesheet text/css	38.21.23.159 ROOT-NETWORKS Roo...
General Check archive.org Show headers Download Go to Full URL https://apple-g3.com/images/_sitegray_sitegray_dcss.css Requested by Host: apple-g3.com URL: https://apple-g3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.23.159 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB), Reverse DNS connect.rcp.net Software nginx / Resource Hash `183f83b69b6f7ced023f06bc9b98b2d00c9e08b5c627c1f6e9002f48f0bbfb5c` Request headers accept-language de-DE,de;q=0.9 Referer https://apple-g3.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 02:51:48 GMT Last-Modified Tue, 19 Jun 2018 06:16:41 GMT Server nginx ETag "5b289fc9-14" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 20
GET H/1.1	200 OK	indexvsbcss.css apple-g3.com/images/	187 B 416 B	535ms 178ms	Stylesheet text/css	38.21.23.159 ROOT-NETWORKS Roo...
General Check archive.org Show headers Download Go to Full URL https://apple-g3.com/images/indexvsbcss.css Requested by Host: apple-g3.com URL: https://apple-g3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.23.159 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB), Reverse DNS connect.rcp.net Software nginx / Resource Hash `9252ad971e8adddea652e654df1e3f65c67769487ce8aee70e86aea924dbf79f` Request headers accept-language de-DE,de;q=0.9 Referer https://apple-g3.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 02:51:48 GMT Last-Modified Tue, 19 Jun 2018 06:16:41 GMT Server nginx ETag "5b289fc9-bb" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 187
GET H/1.1	200 OK	openpvp.js Show response apple-g3.com/	103 B 346 B	338ms 181ms	Script application/javascript	38.21.23.159 ROOT-NETWORKS Roo...
General Check archive.org Show headers Download Go to Full URL https://apple-g3.com/openpvp.js Requested by Host: apple-g3.com URL: https://apple-g3.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 38.21.23.159 , United States, ASN32708 (ROOT-NETWORKS Root Networks, GB), Reverse DNS connect.rcp.net Software nginx / Resource Hash `88e3eb1eccb08ac40c7e6ffa4e9db241d44279523158ece34c53ef8449a609e7` Request headers accept-language de-DE,de;q=0.9 Referer https://apple-g3.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Date Mon, 03 Jul 2023 02:51:48 GMT Last-Modified Sun, 09 Apr 2023 07:36:12 GMT Server nginx ETag "64326aec-67" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 103
GET H/1.1	200 OK	1.js Show response www.china51766.com/	22 KB 6 KB	1105ms 217ms	Script application/javascript	216.118.239.165 NETSEC-HK Netsec ...
General Check archive.org Show headers Download Go to Full URL https://www.china51766.com/1.js Requested by Host: apple-g3.com URL: https://apple-g3.com/openpvp.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 216.118.239.165 , Hong Kong, ASN45753 (NETSEC-HK Netsec Limited, HK), Reverse DNS Software nginx / Resource Hash `9ba356e548942b8dd3b7d2aef4425185dcaff20812103b1b1b33bb4e0486329a` Request headers Referer https://apple-g3.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Mon, 03 Jul 2023 02:51:57 GMT Content-Encoding gzip Last-Modified Sun, 09 Apr 2023 07:04:40 GMT Server nginx ETag W/"64326388-59ab" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET		/ www.bet83a.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.bet83a.com
URL: https://www.bet83a.com/

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://apple-g3.com/openpvp.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.china51766.com/1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://apple-g3.com/openpvp.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.china51766.com/1.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apple-g3.com
www.bet83a.com
www.china51766.com
www.bet83a.com
216.118.239.165
38.21.23.159
183f83b69b6f7ced023f06bc9b98b2d00c9e08b5c627c1f6e9002f48f0bbfb5c
2315b66f01d5bf82add8a8570f4740f3d5d1a3313b29393ea327d0704db07e8e
3721133f42296c4c9622aea69f2855b23a4092f7f40dffe9d33a690d49981451
4074e27871f5e48e44dba3f76d884c75cf1016d3d8e3a2b7bb0dcc9d59f421d7
88e3eb1eccb08ac40c7e6ffa4e9db241d44279523158ece34c53ef8449a609e7
9252ad971e8adddea652e654df1e3f65c67769487ce8aee70e86aea924dbf79f
9ba356e548942b8dd3b7d2aef4425185dcaff20812103b1b1b33bb4e0486329a

apple-g3.com Open in urlscan Pro 38.21.23.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

21 kBTransfer

72 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

apple-g3.com Open in urlscan Pro
38.21.23.159 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

21 kB
Transfer

72 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions