![](/screenshots/8c2b99cb-e873-4c6a-a77e-70ac8f12915b.png)
appcake.xyz
Open in
urlscan Pro
46.165.223.4
Malicious Activity!
Public Scan
Submission: On September 04 via manual from DE — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 16th 2022. Valid for: 3 months.
This is the only time appcake.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
9 | 46.165.223.4 46.165.223.4 | 28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10) | |
2 | 2a00:1450:400... 2a00:1450:400e:801::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:223... 2600:9000:223e:b000:d:6e55:e100:21 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 2600:9000:225... 2600:9000:225e:6a00:12:a4d0:1300:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6812:acf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 46.105.201.240 46.105.201.240 | 16276 (OVH) (OVH) | |
1 | 192.99.8.27 192.99.8.27 | 16276 (OVH) (OVH) | |
21 | 8 |
ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: sharedserver12.host-stage-dns.com
appcake.xyz |
ASN16509 (AMAZON-02, US)
d1se0epgzz0xac.cloudfront.net |
ASN16509 (AMAZON-02, US)
d35kbxc0t24sp8.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
appcake.xyz
appcake.xyz |
223 KB |
6 |
cloudfront.net
d1se0epgzz0xac.cloudfront.net d35kbxc0t24sp8.cloudfront.net |
26 KB |
2 |
histats.com
s10.histats.com — Cisco Umbrella Rank: 18276 s4.histats.com — Cisco Umbrella Rank: 15820 |
5 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
2 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 691 |
18 KB |
1 |
gstatic.com
fonts.gstatic.com |
10 KB |
21 | 6 |
Domain | Requested by | |
---|---|---|
9 | appcake.xyz |
appcake.xyz
|
5 | d35kbxc0t24sp8.cloudfront.net |
d1se0epgzz0xac.cloudfront.net
|
2 | fonts.googleapis.com |
appcake.xyz
|
1 | s4.histats.com |
s10.histats.com
|
1 | s10.histats.com |
appcake.xyz
|
1 | maxcdn.bootstrapcdn.com |
appcake.xyz
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | d1se0epgzz0xac.cloudfront.net |
appcake.xyz
|
21 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
appcake.xyz cPanel, Inc. Certification Authority |
2022-07-16 - 2022-10-14 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-08-15 - 2022-11-07 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-29 - 2023-01-29 |
a year | crt.sh |
histats.com R3 |
2022-07-11 - 2022-10-09 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://appcake.xyz/gta-shark-cards/
Frame ID: E9F7F04A3C6EE7716168E27B631FC39B
Requests: 21 HTTP requests in this frame
Screenshot
![](/screenshots/8c2b99cb-e873-4c6a-a77e-70ac8f12915b.png)
Page Title
GTA Online Shark Card GeneratorDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
appcake.xyz/gta-shark-cards/ |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles38603860.css
appcake.xyz/gta-shark-cards/gift-images/maxed/ |
2 KB 746 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
appcake.xyz/gta-shark-cards/ajax.googleapis.com/ajax/libs/jquery/3.1.1/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
appcake.xyz/gta-shark-cards/use.fontawesome.com/releases/v5.4.2/css/ |
50 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
appcake.xyz/gta-shark-cards/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
appcake.xyz/gta-shark-cards/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ |
119 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 618 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d042753.js
d1se0epgzz0xac.cloudfront.net/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
appcake.xyz/gta-shark-cards/gift-images/maxed/ |
148 KB 148 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
verify.png
appcake.xyz/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.2870855.2725a.0.js
d35kbxc0t24sp8.cloudfront.net/public/external/v2/ |
10 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
d35kbxc0t24sp8.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
select.png
appcake.xyz/gta-shark-cards/gift-images/maxed/ |
362 B 405 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
glyphicons-halflings-regular.woff2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js15_as.js
s10.histats.com/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0.php
s4.histats.com/stats/ |
50 B 184 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
d35kbxc0t24sp8.cloudfront.net/public/clockers/CustomButton/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
d35kbxc0t24sp8.cloudfront.net/public/ |
0 286 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
d35kbxc0t24sp8.cloudfront.net/public/external/ |
78 B 372 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)36 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery boolean| devmode function| makeid function| og_converted object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
appcake.xyz/ | Name: _cpguid Value: x32leqig7 |
|
appcake.xyz/ | Name: HstCfa3906868 Value: 1662286987714 |
|
appcake.xyz/ | Name: HstCla3906868 Value: 1662286987714 |
|
appcake.xyz/ | Name: HstCmu3906868 Value: 1662286987714 |
|
appcake.xyz/ | Name: HstPn3906868 Value: 1 |
|
appcake.xyz/ | Name: HstPt3906868 Value: 1 |
|
appcake.xyz/ | Name: HstCnv3906868 Value: 1 |
|
appcake.xyz/ | Name: HstCns3906868 Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appcake.xyz
d1se0epgzz0xac.cloudfront.net
d35kbxc0t24sp8.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
s10.histats.com
s4.histats.com
192.99.8.27
2600:9000:223e:b000:d:6e55:e100:21
2600:9000:225e:6a00:12:a4d0:1300:21
2606:4700::6812:acf
2a00:1450:4001:813::2003
2a00:1450:400e:801::200a
46.105.201.240
46.165.223.4
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5f751a49e40b43dfb71aa80693cfde3547e28cc9710f1bb475f6abf50e0e7809
6b6ac09473d3ae4ec8e48ae077b50599e1855330ba5bfe7e23c578a40e9d53bc
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
817c144a7de95c03dd00337f2e6c0011e9afa24044999d4c52615ee90a6765a8
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
929f2abce2352fc3337a9a81ccf96ab76eaaa30235b77bac55c21885a040b859
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
d8591b93ad978d196a04e11b36484fc7cd41f9511ae3bc0810030c17dcff1831
d9b56c5dfceb688b3fcab1dfd6638f6be5ab87b3c10dff3f3f082eb2e3c20c48
da0663cc601417577cf79460972f94e9485c1d94918f0a0310828c5d17731c36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecad375d94c4acda2784c4c9fc6b7819af54bb52abb6b17862fdaf06ec5bbe76
ed1c95c172406e0dbf564ec4035cffad26eb419cf9644ae04598dae9ae1724d6
f0f2a573c8865ae8576b67d2a40ab1077a9e068c038447391d28db9ea98af931
fa17664c0ed622f2968d28a9905336e7c4095dbe6ddac8a5e48b651c918f474f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c