URL: https://applecard.me/
Submission: On August 03 via api from ES

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 10 HTTP transactions. The main IP is 130.185.73.137, located in Iran, Islamic Republic Of, and belongs to PARVASYSTEM, IR. The main domain is applecard.me.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 2nd 2020. Valid for: 3 months.
This is the only time applecard.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

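IP Address: 130.185.73.137 (10 requests)
AS Autonomous System: 60631 (PARVASYSTEM)
Totals: 10 requests, 1 IP address

Apex Domain: applecard.me (10 requests)
Subdomains: applecard.me
Transfer: 662 KB
Totals: 10 requests, 1 apex domain

Domain: applecard.me (10 requests)
Requested by: applecard.me
Totals: 10 requests, 1 domain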

This site contains no links.

Subject: applecard.me
Issuer: Let's Encrypt Authority X3
Validity: 2020-07-02 - 2020-09-30
Valid: 3 months

This page contains 1 frames:

Primary Page: https://applecard.me/
Frame ID: 85905F0F53F348A090927A8D23B88FC1
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 662 kB
Size: 981 kB
Cookies: 2

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
applecard.me/
9 KB
3 KB
Document
General
Full URL
https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 / PHP/7.2.22
Resource Hash
8afa64c978e2de29efa6cd8c044927309872220db64dc7a0a925d2f2c7b9580b

Request headers

:method
GET
:authority
applecard.me
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Mon, 03 Aug 2020 11:01:59 GMT
server
Apache/2
x-powered-by
PHP/7.2.22
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6ImdwcGRmQWI0ZUVBRG9SOWFRUHI3RXc9PSIsInZhbHVlIjoiNHRWNlNTOE1TOU9TT2F4NXFiWUI0SVVLQXhXVEdwZ0pVclByL3l1ODA4V1k4UVhzeG4wZlBTc1dZOUMxQUFaMSIsIm1hYyI6ImNjNzRlNjA3OTU5MjkyMzNkZWQ1MDFjZmRjYmY0ZDgzMDIwODZkYTE2MGFhZTJiM2M3MmEyYzZkMmI1N2E1YmEifQ%3D%3D; expires=Mon, 03-Aug-2020 13:01:59 GMT; Max-Age=7200; path=/; samesite=lax apple_id_session=eyJpdiI6ImJlL3FteXprTWNuQStEbEtWZ0VzMXc9PSIsInZhbHVlIjoiTlpqbWszcVBZL3B4N2VoRFNxL3BHc2Mrb3AxRkg3T2xBOS9kL3JwNVIxL2dXYytkMmRVblhYT3BiSkZvNUltMCIsIm1hYyI6IjgyMjM0ZTJiZjZmZTI1NmRlNWYyOTMxMTFkMzIxZWMxODhmZDg3YTNkYjFjNjc3ZDhiMmY1Yzc5ZGI2YjI1ZDYifQ%3D%3D; expires=Mon, 03-Aug-2020 13:01:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
2455
content-type
text/html; charset=UTF-8
app.css
applecard.me/css/
161 KB
24 KB
Stylesheet
General
Full URL
https://applecard.me/css/app.css?id=c53e3db5130b48b55167
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
d4ba2c41da284f8f4f8b610820a21c23d3a843ded31eab94787267ac372a5509

Request headers

Referer
https://applecard.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
content-encoding
gzip
last-modified
Sun, 03 May 2020 08:33:02 GMT
server
Apache/2
etag
"2820b-5a4ba43356b80-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
status
200
accept-ranges
bytes
content-length
24763
alert.png
applecard.me/images/
994 B
1 KB
Image
General
Full URL
https://applecard.me/images/alert.png
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
a5eb36a3035c0ce0494496eefecf2285229eb4273ca87e5430fdeb75e093269d

Request headers

Referer
https://applecard.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
last-modified
Fri, 01 May 2020 14:35:48 GMT
server
Apache/2
etag
"3e2-5a49718e17900"
content-type
image/png
status
200
accept-ranges
bytes
content-length
994
iphone.png
applecard.me/images/
98 KB
99 KB
Image
General
Full URL
https://applecard.me/images/iphone.png
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
096f36e22f4d964c4cfc2e043d020c9cd69ace7503415612de8f1afd9c009237

Request headers

Referer
https://applecard.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
last-modified
Fri, 01 May 2020 14:35:48 GMT
server
Apache/2
etag
"188a8-5a49718e17900"
content-type
image/png
status
200
accept-ranges
bytes
content-length
100520
app.js
applecard.me/js/
264 KB
85 KB
Script
General
Full URL
https://applecard.me/js/app.js?id=c1c2e9d59020d190efa4
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
f0339e2203df3d0a516ecb1c2bf8b42f6375c22de459ae3f3ad2975757398dec

Request headers

Referer
https://applecard.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
content-encoding
gzip
last-modified
Sun, 03 May 2020 08:33:02 GMT
server
Apache/2
etag
"41f33-5a4ba43356b80-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
accept-ranges
bytes
image_large.svg
applecard.me/images/
554 B
412 B
Image
General
Full URL
https://applecard.me/images/image_large.svg
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5

Request headers

Referer
https://applecard.me/css/app.css?id=c53e3db5130b48b55167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
content-encoding
gzip
last-modified
Fri, 01 May 2020 14:35:48 GMT
server
Apache/2
etag
"22a-5a49718e17900-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
status
200
accept-ranges
bytes
content-length
347
bg.jpg
applecard.me/images/
221 KB
223 KB
Image
General
Full URL
https://applecard.me/images/bg.jpg
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
edf843496ebd952f73325e42d511cdb0be75b59521cfeb78c5f8b65bddd2c86f

Request headers

Referer
https://applecard.me/css/app.css?id=c53e3db5130b48b55167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
last-modified
Fri, 01 May 2020 14:35:48 GMT
server
Apache/2
etag
"37458-5a49718e17900"
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
226392
submit.png
applecard.me/images/
18 KB
19 KB
Image
General
Full URL
https://applecard.me/images/submit.png
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
05699a43ce70f8a18db57c2a6a3a6a4dde8515ffaf1e6ed2a3c1d5c153e4366e

Request headers

Referer
https://applecard.me/css/app.css?id=c53e3db5130b48b55167
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
last-modified
Fri, 01 May 2020 14:35:48 GMT
server
Apache/2
etag
"49ac-5a49718e17900"
content-type
image/png
status
200
accept-ranges
bytes
content-length
18860
sf-pro-text_regular.woff2
applecard.me/fonts/SFFonts/
97 KB
97 KB
Font
General
Full URL
https://applecard.me/fonts/SFFonts/sf-pro-text_regular.woff2
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
1ef469b1526ad41d57fec895170dc9c894c5b2283a893abec6270ce9f93d5959

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://applecard.me/css/app.css?id=c53e3db5130b48b55167
Origin
https://applecard.me

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
content-encoding
gzip
last-modified
Fri, 01 May 2020 14:35:48 GMT
server
Apache/2
etag
"182cc-5a49718e17900-gzip"
vary
Accept-Encoding,User-Agent
status
200
accept-ranges
bytes
sf-pro-text_medium.woff2
applecard.me/fonts/SFFonts/
112 KB
111 KB
Font
General
Full URL
https://applecard.me/fonts/SFFonts/sf-pro-text_medium.woff2
Requested by
Host: applecard.me
URL: https://applecard.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.185.73.137 , Iran, Islamic Republic Of, ASN60631 (PARVASYSTEM, IR),
Reverse DNS
Software
Apache/2 /
Resource Hash
921bf32d3aaba5b460d5314311375ad4b41ccfd7b58cc00097c5a4d6c4881ae1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://applecard.me/css/app.css?id=c53e3db5130b48b55167
Origin
https://applecard.me

Response headers

date
Mon, 03 Aug 2020 11:01:59 GMT
content-encoding
gzip
last-modified
Fri, 01 May 2020 14:35:48 GMT
server
Apache/2
etag
"1c140-5a49718e17900-gzip"
vary
Accept-Encoding,User-Agent
status
200
accept-ranges
bytes

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function: ClipboardJS
  • function: _
  • function: jQuery
  • function: $
  • function: Popper
  • function: axios
  • object: Master
  • object: Header
  • object: Home

2 Cookies

Domain/Path Name / Value
applecard.me/ Name: apple_id_session
Value: eyJpdiI6ImJlL3FteXprTWNuQStEbEtWZ0VzMXc9PSIsInZhbHVlIjoiTlpqbWszcVBZL3B4N2VoRFNxL3BHc2Mrb3AxRkg3T2xBOS9kL3JwNVIxL2dXYytkMmRVblhYT3BiSkZvNUltMCIsIm1hYyI6IjgyMjM0ZTJiZjZmZTI1NmRlNWYyOTMxMTFkMzIxZWMxODhmZDg3YTNkYjFjNjc3ZDhiMmY1Yzc5ZGI2YjI1ZDYifQ%3D%3D
applecard.me/ Name: XSRF-TOKEN
Value: eyJpdiI6ImdwcGRmQWI0ZUVBRG9SOWFRUHI3RXc9PSIsInZhbHVlIjoiNHRWNlNTOE1TOU9TT2F4NXFiWUI0SVVLQXhXVEdwZ0pVclByL3l1ODA4V1k4UVhzeG4wZlBTc1dZOUMxQUFaMSIsIm1hYyI6ImNjNzRlNjA3OTU5MjkyMzNkZWQ1MDFjZmRjYmY0ZDgzMDIwODZkYTE2MGFhZTJiM2M3MmEyYzZkMmI1N2E1YmEifQ%3D%3D