applecard.me
130.185.73.137
Malicious Activity!
Public Scan
Submission: On August 03 via api from ES
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 2nd 2020. Valid for: 3 months.
This is the only time applecard.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)

Domain & IP information

| IP Address | AS Autonomous System |
---|---|---|
10 | 130.185.73.137 | 60631 (PARVASYSTEM) |
10 | 1 |
| Apex Domain / Subdomains | Transfer |
---|---|---|
10 | applecard.me | 662 KB |
10 | 1 |
| Domain | Requested by |
---|---|---|
10 | applecard.me | applecard.me |
10 | 1 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
applecard.me | Let's Encrypt Authority X3 | 2020-07-02 - 2020-09-30 | 3 months |
This page contains 1 frames:
Primary Page:
https://applecard.me/
Frame ID: 85905F0F53F348A090927A8D23B88FC1
Requests: 10 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | applecard.me/ | 9 KB | 3 KB | Document | text/html |
GET H2 | app.css | applecard.me/css/ | 161 KB | 24 KB | Stylesheet | text/css |
GET H2 | alert.png | applecard.me/images/ | 994 B | 1 KB | Image | image/png |
GET H2 | iphone.png | applecard.me/images/ | 98 KB | 99 KB | Image | image/png |
GET H2 | app.js | applecard.me/js/ | 264 KB | 85 KB | Script | application/javascript |
GET H2 | image_large.svg | applecard.me/images/ | 554 B | 412 B | Image | image/svg+xml |
GET H2 | bg.jpg | applecard.me/images/ | 221 KB | 223 KB | Image | image/jpeg |
GET H2 | submit.png | applecard.me/images/ | 18 KB | 19 KB | Image | image/png |
GET H2 | sf-pro-text_regular.woff2 | applecard.me/fonts/SFFonts/ | 97 KB | 97 KB | Font | application/octet-stream |
GET H2 | sf-pro-text_medium.woff2 | applecard.me/fonts/SFFonts/ | 112 KB | 111 KB | Font | application/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)

9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
function | ClipboardJS |
function | _ |
function | jQuery |
function | $ |
function | Popper |
function | axios |
object | Master |
object | Header |
object | Home |

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
applecard.me/ | Name: apple_id_session Value: eyJpdiI6ImJlL3FteXprTWNuQStEbEtWZ0VzMXc9PSIsInZhbHVlIjoiTlpqbWszcVBZL3B4N2VoRFNxL3BHc2Mrb3AxRkg3T2xBOS9kL3JwNVIxL2dXYytkMmRVblhYT3BiSkZvNUltMCIsIm1hYyI6IjgyMjM0ZTJiZjZmZTI1NmRlNWYyOTMxMTFkMzIxZWMxODhmZDg3YTNkYjFjNjc3ZDhiMmY1Yzc5ZGI2YjI1ZDYifQ%3D%3D |
applecard.me/ | Name: XSRF-TOKEN Value: eyJpdiI6ImdwcGRmQWI0ZUVBRG9SOWFRUHI3RXc9PSIsInZhbHVlIjoiNHRWNlNTOE1TOU9TT2F4NXFiWUI0SVVLQXhXVEdwZ0pVclByL3l1ODA4V1k4UVhzeG4wZlBTc1dZOUMxQUFaMSIsIm1hYyI6ImNjNzRlNjA3OTU5MjkyMzNkZWQ1MDFjZmRjYmY0ZDgzMDIwODZkYTE2MGFhZTJiM2M3MmEyYzZkMmI1N2E1YmEifQ%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.