appleid.apple.store-giftcard.app
45.85.90.91
Malicious Activity!
Public Scan
Effective URL: https://appleid.apple.store-giftcard.app/shop/do.php?cmd=bag&idx=70424716
Submission Tags: @phishunt_io
Submission: On April 14 via api from ES
Summary
TLS certificate: Issued by R3 on April 13th 2021. Valid for: 3 months.
This is the only time appleid.apple.store-giftcard.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System |
---|---|---|
4 (2 redirects) | 45.85.90.91 | 213035 (SERVERION-AS Serverion B.V.) |
14 | 23.218.208.158 | 16625 (AKAMAI-AS) |
1 | 2a02:26f0:7100:1a9::1aca | 20940 (AKAMAI-ASN1) |
1 | 104.111.230.79 | 16625 (AKAMAI-AS) |
18 | 4 | |

AS | PTR | Domain |
---|---|---|
ASN213035 (SERVERION-AS Serverion B.V., NL) | slot0.tymicare.com | appleid.apple.store-giftcard.app |
ASN16625 (AKAMAI-AS, US) | a23-218-208-158.deploy.static.akamaitechnologies.com | store.storeimages.cdn-apple.com |
ASN16625 (AKAMAI-AS, US) | a104-111-230-79.deploy.static.akamaitechnologies.com | appleid.cdn-apple.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
15 | cdn-apple.com | store.storeimages.cdn-apple.com, appleid.cdn-apple.com | 111 KB |
4 (2 redirects) | store-giftcard.app | appleid.apple.store-giftcard.app | 10 KB |
1 | apple.com | www.apple.com | |
18 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
14 | store.storeimages.cdn-apple.com | appleid.apple.store-giftcard.app, store.storeimages.cdn-apple.com |
4 (2 redirects) | appleid.apple.store-giftcard.app | appleid.apple.store-giftcard.app |
1 | appleid.cdn-apple.com | appleid.apple.store-giftcard.app |
1 | www.apple.com | appleid.apple.store-giftcard.app |
18 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.apple.com |
covid19.apple.com |
locate.apple.com |
apple.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
appleid.apple.store-giftcard.app | R3 | 2021-04-13 - 2021-07-12 | 3 months |
store.storeimages.cdn-apple.com | Apple Public Server RSA CA 12 - G1 | 2021-02-10 - 2022-03-12 | a year |
www.apple.com | DigiCert SHA2 Extended Validation Server CA-3 | 2020-10-07 - 2021-10-08 | a year |
appleid.cdn-apple.com | Apple Public EV Server RSA CA 2 - G1 | 2021-01-19 - 2022-02-18 | a year |
This page contains 1 frames:
Primary Page:
https://appleid.apple.store-giftcard.app/shop/do.php?cmd=bag&idx=70424716
Frame ID: 84FF5BBF7ED8FB770CF35069AC9148B3
Requests: 18 HTTP requests in this frame
Detected technologies
Detected patterns
- headers server /Debian/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
23 Outgoing links
These are links going to different origins than the main page.
- Title: Apple
- Title: Shopping Bag
- Title: Mac
- Title: iPad
- Title: iPhone
- Title: Watch
- Title: TV
- Title: Music
- Title: Support
- (no title)
- Title: COVID-19 Information
- Title: Visiting an Apple Store FAQ
- Title: Shop Apple Store Online
- Title: Accessories
- Title: AirPods
- Title: Find an Apple Store
- Title: other retailer
- Title: United States
- Title: Privacy Policy
- Title: Terms of Use
- Title: Sales and Refunds
- Title: Legal
- Title: Site Map
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://appleid.apple.store-giftcard.app/shop HTTP 301
- https://appleid.apple.store-giftcard.app/shop/ HTTP 302
- https://appleid.apple.store-giftcard.app/shop/do.php?cmd=bag&idx=70424716 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | do.php (Primary Request, Redirect Chain) | appleid.apple.store-giftcard.app/shop/ | 32 KB | 7 KB | Document | text/html |
GET | H/1.1 | v.js | appleid.apple.store-giftcard.app/shop/files/ | 12 KB | 3 KB | Script | application/javascript |
GET | H/1.1 | unified-signin.css | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/rs-account/3/dist/ | 237 KB | 21 KB | Stylesheet | text/css |
GET | H/1.1 | external.css | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ | 211 KB | 21 KB | Stylesheet | text/css |
GET | H2 | fonts | www.apple.com/wss/ | 0 | 0 | Stylesheet | text/html |
GET | H/1.1 | authService.latest.min.js | appleid.cdn-apple.com/appleauth/static/jsapi/ | 44 KB | 13 KB | Script | application/javascript |
GET | H/1.1 | giftcard-mail-billie-eilish-select-2021 | store.storeimages.cdn-apple.com/4982/as-images.apple.com/is/ | 31 KB | 32 KB | Image | image/jpeg |
GET | H/1.1 | globalnav_apple_image__cxwwnrj0urau_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 554 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_links_mac_image__fv4ktb435mum_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 802 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_links_ipad_image__fefum478f4uq_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 1002 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_links_iphone_image__dhepc4hn14cy_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_links_watch_image__dfo5u4bhooqe_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_links_tv_image__dtzdy60o3imq_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 264 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_links_music_image__bewxrazzig02_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_links_support_image__b24reo1n4fbm_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_search_image__fca9mfoh8a2q_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 707 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | globalnav_bag_image__bmix8075eg4i_large.svg | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/shop/rs-external/rel/us/ac-globalnav-dist/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ | 718 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | aosicons_regular.woff | store.storeimages.cdn-apple.com/4982/store.apple.com/shop/rs-account/3/dist/assets/as-icons/fonts/ | 9 KB | 10 KB | Font | font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)

28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- function| Validator
- function| set_addnl_vfunction
- function| clear_all_validations
- function| form_submit_handler
- function| add_validation
- function| ValidationDesc
- function| vdesc_validate
- function| ValidationSet
- function| add_validationdesc
- function| vset_validate
- function| validateEmailv2
- function| mod10
- function| V2validateData
- boolean| irOn
- object| AppleID
- object| idmsapis
- object| chatConfig
- object| assets
- object| fragments

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.