apple.24x7care.us Open in urlscan Pro
194.163.161.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apple.24x7care.us/
Submission Tags: @phishunt_io
Submission: On April 02 via api (April 2nd 2022, 2:46:48 am UTC) from DE — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 194.163.161.7, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is apple.24x7care.us.
TLS certificate: Issued by R3 on April 1st 2022. Valid for: 3 months.

This is the only time apple.24x7care.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	194.163.161.7 194.163.161.7	51167 (CONTABO) (CONTABO)
9	209.126.11.74 209.126.11.74	40021 (CONTABO) (CONTABO)
11	3

1 194.163.161.7 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: mta0.hideit0xyz.com

apple.24x7care.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 209.126.11.74 (St Louis, United States)

ASN40021 (CONTABO, US)
PTR: vmi817078.contaboserver.net

zxcare.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	zxcare.site zxcare.site	236 KB
1	24x7care.us apple.24x7care.us	391 B
11	2

	Domain	Requested by
9	zxcare.site	apple.24x7care.us zxcare.site
1	apple.24x7care.us
11	2

This site contains no links.

Subject Issuer	Validity	Valid
apple.24x7care.us R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
zxcare.site R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://apple.24x7care.us/
Frame ID: 22B9E865B5093D26FAD1C860DA6485F7
Requests: 1 HTTP requests in this frame

Frame: https://zxcare.site/
Frame ID: F50A954C54706CCE3A58EA0077EBEC72
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

237 kB
Transfer

991 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response apple.24x7care.us/	95 B 391 B	293ms 80ms	Document text/html	194.163.161.7 CONTABO
General Check archive.org Show headers Download Go to Full URL https://apple.24x7care.us/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 194.163.161.7 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS mta0.hideit0xyz.com Software nginx / Resource Hash `f707e150a98e2a1e904f28116384c2b7a4a374c8e4dc5fc5162b3062bb818e57` Request headers Accept-Language en-US,en;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 104 Content-Type text/html Date Sat, 02 Apr 2022 02:46:43 GMT ETag "5f-5db9ea9b6c511-gzip" Last-Modified Fri, 01 Apr 2022 21:43:02 GMT Server nginx Vary Accept-Encoding
GET H2	200	/ Show response zxcare.site/ Frame F50A	31 KB 7 KB	155ms 55ms	Document text/html	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Full URL https://zxcare.site/ Requested by Host: apple.24x7care.us URL: https://apple.24x7care.us/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `d1b900a15ad37358d3f8d8fe910986bdec17adc15244aa05d1891e6dd43448a6` Request headers Accept-Language en-US,en;q=0.9 Referer https://apple.24x7care.us/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers cache-control private content-encoding gzip content-length 7370 content-type text/html; charset=utf-8 date Sat, 02 Apr 2022 02:46:43 GMT p3p CP="NON CUR OUR STP STA PRE" server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0
GET H2	200	Script.ashx Show response zxcare.site/ Frame F50A	504 KB 91 KB	33ms 32ms	Script text/javascript	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Full URL https://zxcare.site/Script.ashx?__Cache=eda52fef-2efe-48f4-93d2-fbd856ce37af Requested by Host: zxcare.site URL: https://zxcare.site/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `537d2ffe49087cc1d1d1e94eeef58fcd2e89d73f4e16d10143b32e4cd7f31606` Request headers Accept-Language en-US,en;q=0.9 Referer https://zxcare.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sat, 02 Apr 2022 02:46:43 GMT content-encoding gzip server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 vary Accept-Encoding, Accept-Language, Host, X-Forwarded-Host, X-Forwarded-Port, X-Forwarded-Proto content-type text/javascript; charset=utf-8 cache-control public, max-age=31469519 content-length 93326 expires Sat, 01 Apr 2023 08:18:43 GMT
GET H2	200	Default.css zxcare.site/App_Themes/LightWithBlue/ Frame F50A	361 KB 105 KB	59ms 59ms	Stylesheet text/css	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Full URL https://zxcare.site/App_Themes/LightWithBlue/Default.css?__Cache=781edceb-0423-4866-859f-76a14c6aa87f Requested by Host: zxcare.site URL: https://zxcare.site/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `073d45aea07ee3351ca6391bf2557c9b6854f13e33303b88d4f35ee37c5b8299` Request headers Accept-Language en-US,en;q=0.9 Referer https://zxcare.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sat, 02 Apr 2022 02:46:43 GMT content-encoding gzip server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 vary Accept-Encoding content-type text/css; charset=utf-8 cache-control public, max-age=31469519 content-length 106953 expires Sat, 01 Apr 2023 08:18:43 GMT
GET H2	200	Style.css zxcare.site/App_Extensions/82ff7736-d40b-43f0-9375-3394e4cdfb61/ Frame F50A	7 KB 5 KB	60ms 60ms	Stylesheet text/css	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Full URL https://zxcare.site/App_Extensions/82ff7736-d40b-43f0-9375-3394e4cdfb61/Style.css Requested by Host: zxcare.site URL: https://zxcare.site/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `4d8c6971c72ade531df3f4c52119b0c84e6ca3f7bd60a1bd836618e52bb85679` Request headers Accept-Language en-US,en;q=0.9 Referer https://zxcare.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Sat, 02 Apr 2022 02:46:43 GMT content-encoding gzip server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 content-type text/css; charset=utf-8 cache-control no-cache content-length 4553 expires -1
GET DATA	200 OK	truncated / Frame F50A	20 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Referer Origin https://zxcare.site Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type text/plain;charset=US-ASCII
GET DATA	200 OK	truncated / Frame F50A	20 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Referer Origin https://zxcare.site Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type text/plain;charset=US-ASCII
GET DATA	200 OK	truncated / Frame F50A	20 KB 0		Font text/plain
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Referer Origin https://zxcare.site Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type text/plain;charset=US-ASCII
POST H2	200	GetGuestSessionInfo Show response zxcare.site/Services/PageService.ashx/ Frame F50A	105 B 224 B	60ms 60ms	XHR application/json	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Full URL https://zxcare.site/Services/PageService.ashx/GetGuestSessionInfo Requested by Host: zxcare.site URL: https://zxcare.site/Script.ashx?__Cache=eda52fef-2efe-48f4-93d2-fbd856ce37af Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `e5bf263062a9788184d9ee8667754df15a3288053bc4d77de50fc3e67bb69844` Request headers Referer https://zxcare.site/ X-Anti-Forgery-Token 5/1InvbvKQ89IiKLDUP31zxsR5RzRRa5TGKRXRQbXuUBAAD9lidgs7MtQg== Accept-Language en-US,en;q=0.9 X-Unauthorized-Status-Code 403 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 02 Apr 2022 02:46:43 GMT server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 content-type application/json; charset=utf-8 access-control-allow-origin https://zxcare.site cache-control no-cache, no-store access-control-allow-credentials true content-length 105 expires -1
GET H2	200	ActivityIndicator.gif zxcare.site/Images/ Frame F50A	27 KB 27 KB	51ms 51ms	Image image/gif	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://zxcare.site/Images/ActivityIndicator.gif Requested by Host: zxcare.site URL: https://zxcare.site/App_Themes/LightWithBlue/Default.css?__Cache=781edceb-0423-4866-859f-76a14c6aa87f Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `9d070c98f02f1d6287952256b47f7cd72eda89bda25ef99782325214a042f01a` Request headers Accept-Language en-US,en;q=0.9 Referer https://zxcare.site/App_Themes/LightWithBlue/Default.css?__Cache=781edceb-0423-4866-859f-76a14c6aa87f User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sat, 02 Apr 2022 02:46:43 GMT last-modified Thu, 10 Mar 2022 22:11:18 GMT server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 etag "1D834CBC412C700" content-type image/gif cache-control public accept-ranges bytes content-length 27503 expires Sun, 03 Apr 2022 02:46:44 GMT
GET H2	200	Extras.svg zxcare.site/Images/ Frame F50A	322 B 374 B	50ms 50ms	Image image/svg+xml	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://zxcare.site/Images/Extras.svg Requested by Host: zxcare.site URL: https://zxcare.site/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `8fce4aad3b04f9b76a08bad9b2459e355bbf16a470486d689fa801b9a30e3061` Request headers Accept-Language en-US,en;q=0.9 Referer https://zxcare.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sat, 02 Apr 2022 02:46:43 GMT last-modified Thu, 10 Mar 2022 22:11:18 GMT server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 etag "1D834CBC412C700" content-type image/svg+xml cache-control public accept-ranges bytes content-length 322 expires Sun, 03 Apr 2022 02:46:44 GMT
GET H2	200	WaffleIcon.svg zxcare.site/Images/ Frame F50A	821 B 861 B	52ms 51ms	Image image/svg+xml	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://zxcare.site/Images/WaffleIcon.svg Requested by Host: zxcare.site URL: https://zxcare.site/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `5bf4f707f250958980d313203989f1fca55b9446f34d667e7256f853d52e494d` Request headers Accept-Language en-US,en;q=0.9 Referer https://zxcare.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Sat, 02 Apr 2022 02:46:43 GMT last-modified Thu, 10 Mar 2022 22:11:18 GMT server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 etag "1D834CBC412C700" content-type image/svg+xml cache-control public accept-ranges bytes content-length 821 expires Sun, 03 Apr 2022 02:46:44 GMT
GET DATA	200 OK	truncated / Frame F50A	241 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f65d4472eab3ae1671e14b2d09ccfc0345458929a18f797afd82dcf7cd3e1628` Request headers Accept-Language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type image/svg+xml
POST H2	200	GetGuestSessionInfo Show response zxcare.site/Services/PageService.ashx/ Frame F50A	105 B 165 B	49ms 49ms	XHR application/json	209.126.11.74 CONTABO
General Check archive.org Show headers Download Go to Full URL https://zxcare.site/Services/PageService.ashx/GetGuestSessionInfo Requested by Host: zxcare.site URL: https://zxcare.site/Script.ashx?__Cache=eda52fef-2efe-48f4-93d2-fbd856ce37af Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 209.126.11.74 St Louis, United States, ASN40021 (CONTABO, US), Reverse DNS vmi817078.contaboserver.net Software ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 / Resource Hash `0d3fa71d31c187ea666f5e62e0fd6181c8db53f164d051e72b4306fd81ff50a7` Request headers Referer https://zxcare.site/ X-Anti-Forgery-Token 5/1InvbvKQ89IiKLDUP31zxsR5RzRRa5TGKRXRQbXuUBAAD9lidgs7MtQg== Accept-Language en-US,en;q=0.9 X-Unauthorized-Status-Code 403 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 02 Apr 2022 02:46:45 GMT server ScreenConnect/22.2.7244.8111-871885741 Microsoft-HTTPAPI/2.0 content-type application/json; charset=utf-8 access-control-allow-origin https://zxcare.site cache-control no-cache, no-store access-control-allow-credentials true content-length 105 expires -1
POST		GetGuestSessionInfo zxcare.site/Services/PageService.ashx/ Frame F50A	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zxcare.site
URL: https://zxcare.site/Services/PageService.ashx/GetGuestSessionInfo

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apple.24x7care.us
zxcare.site
zxcare.site
194.163.161.7
209.126.11.74
073d45aea07ee3351ca6391bf2557c9b6854f13e33303b88d4f35ee37c5b8299
0d3fa71d31c187ea666f5e62e0fd6181c8db53f164d051e72b4306fd81ff50a7
4d8c6971c72ade531df3f4c52119b0c84e6ca3f7bd60a1bd836618e52bb85679
537d2ffe49087cc1d1d1e94eeef58fcd2e89d73f4e16d10143b32e4cd7f31606
5bf4f707f250958980d313203989f1fca55b9446f34d667e7256f853d52e494d
8fce4aad3b04f9b76a08bad9b2459e355bbf16a470486d689fa801b9a30e3061
9d070c98f02f1d6287952256b47f7cd72eda89bda25ef99782325214a042f01a
d1b900a15ad37358d3f8d8fe910986bdec17adc15244aa05d1891e6dd43448a6
e5bf263062a9788184d9ee8667754df15a3288053bc4d77de50fc3e67bb69844
f65d4472eab3ae1671e14b2d09ccfc0345458929a18f797afd82dcf7cd3e1628
f707e150a98e2a1e904f28116384c2b7a4a374c8e4dc5fc5162b3062bb818e57

apple.24x7care.us Open in urlscan Pro 194.163.161.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

237 kBTransfer

991 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

apple.24x7care.us Open in urlscan Pro
194.163.161.7 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

237 kB
Transfer

991 kB
Size

0
Cookies

11 HTTP transactions
4 data transactions