www.applewatchs6.com
3.229.59.32 Malicious Activity! Public Scan

URL: https://www.applewatchs6.com/2
Submission Tags: @phishunt_io
Submission: On January 22 via api from ES

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 16 HTTP transactions. The main IP is 3.229.59.32, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.applewatchs6.com.
TLS certificate: Issued by R3 on January 21st 2021. Valid for: 3 months.
This is the only time www.applewatchs6.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 3.229.59.32 14618 (AMAZON-AES)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
5 50.16.152.191 14618 (AMAZON-AES)
4 65.9.73.50 16509 (AMAZON-02)
16 7
Domain Requested by
5 espire.api.hasoffers.com d3iryrda585xkt.cloudfront.net
4 media.go2speed.org
4 unpkg.com 2 redirects www.applewatchs6.com
3 randomuser.me
1 d3iryrda585xkt.cloudfront.net www.applewatchs6.com
1 www.applewatchs6.com
16 6

This site contains links to these domains.

Domain
www.getthatapp.co
Subject                 Issuer                    Validity                   Valid     Source
www.applewatchs6.com    R3                        2021-01-21 - 2021-04-21    3 months  crt.sh
sni.cloudflaressl.com   Cloudflare Inc ECC CA-3   2020-08-02 - 2021-08-02    a year    crt.sh
*.cloudfront.net        DigiCert Global CA G2     2020-05-26 - 2021-04-21    a year    crt.sh
*.api.hasoffers.com     Amazon                    2020-09-13 - 2021-10-15    a year    crt.sh
media.go2speed.org      Amazon                    2020-11-03 - 2021-12-04    a year    crt.sh

This page contains 1 frames:

Primary Page: https://www.applewatchs6.com/2
Frame ID: 648C84DC74A2F55C1CAE4CF0FE804F1B
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /gunicorn(?:\/([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

7
IPs

1
Countries

954 kB
Transfer

3088 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://unpkg.com/react@16/umd/react.production.min.js HTTP 302
  • https://unpkg.com/react@16.14.0/umd/react.production.min.js
Request Chain 1
  • https://unpkg.com/react-dom@16/umd/react-dom.production.min.js HTTP 302
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2
www.applewatchs6.com/
1 KB
1 KB
Document
General
Full URL
https://www.applewatchs6.com/2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.59.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-59-32.compute-1.amazonaws.com
Software
gunicorn/19.9.0 /
Resource Hash
de5dd426b9de985016e4c9e674acbd6183542172045ea1f48b1afff572b810c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Host
www.applewatchs6.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Server
gunicorn/19.9.0
Date
Fri, 22 Jan 2021 14:19:27 GMT
Content-Type
text/html; charset=utf-8
X-Frame-Options
DENY
Content-Length
1244
X-Content-Type-Options
nosniff
Vary
Origin
Via
1.1 vegur
react.production.min.js
unpkg.com/react@16.14.0/umd/
Redirect Chain
  • https://unpkg.com/react@16/umd/react.production.min.js
  • https://unpkg.com/react@16.14.0/umd/react.production.min.js
12 KB
5 KB
Script
General
Full URL
https://unpkg.com/react@16.14.0/umd/react.production.min.js
Requested by
Host: www.applewatchs6.com
URL: https://www.applewatchs6.com/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2370114
vary
Accept-Encoding
cf-request-id
07cc0ff1b50000062da7064000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
c5f81f2dafb488ce25be1a026c410860
cache-control
public, max-age=31536000
cf-ray
6159e8fc5f8f062d-FRA

Redirect headers

date
Fri, 22 Jan 2021 14:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
263
vary
Accept, Accept-Encoding
content-length
64
cf-request-id
07cc0ff1a40000062d24a01000000001
server
cloudflare
location
/react@16.14.0/umd/react.production.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
f4c334898cecc5eaeb4edc69389958b4
cache-control
public, s-maxage=600, max-age=60
cf-ray
6159e8fc3f3c062d-FRA
react-dom.production.min.js
unpkg.com/react-dom@16.14.0/umd/
Redirect Chain
  • https://unpkg.com/react-dom@16/umd/react-dom.production.min.js
  • https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
116 KB
36 KB
Script
General
Full URL
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
Requested by
Host: www.applewatchs6.com
URL: https://www.applewatchs6.com/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2370115
vary
Accept-Encoding
cf-request-id
07cc0ff1b70000062d4abce000000001
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
e3cd430b7528aa0432d49a4e9730ee00
cache-control
public, max-age=31536000
cf-ray
6159e8fc5f9a062d-FRA

Redirect headers

date
Fri, 22 Jan 2021 14:19:28 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
291
vary
Accept, Accept-Encoding
content-length
72
cf-request-id
07cc0ff1a40000062d8e028000000001
server
cloudflare
location
/react-dom@16.14.0/umd/react-dom.production.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
651ecb1f7273f57117c86986fc8560de
cache-control
public, s-maxage=600, max-age=60
cf-ray
6159e8fc3f51062d-FRA
app.6aa9afe493db.js
d3iryrda585xkt.cloudfront.net/static/applewatchs6/
2 MB
776 KB
Script
General
Full URL
https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js
Requested by
Host: www.applewatchs6.com
URL: https://www.applewatchs6.com/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9800:14:1a55:4f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
gunicorn/19.9.0 /
Resource Hash
321923751baa12b13ca993f35cfbefee9f5ac782d83549713d5f07af10e385e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 16 Jan 2021 21:23:07 GMT
server
gunicorn/19.9.0
x-amz-cf-pop
FRA6-C1
etag
"60039f8b-273b4a"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=315360000, public, immutable
content-length
793197
via
1.1 vegur, 1.1 a350f357b825293e306b1b0a2cb490c1.cloudfront.net (CloudFront)
x-amz-cf-id
zAc5Sh05Qcy-McT3TyJCU8h_lRvKGCupofIa_nynBd5EAJbwuLaAnA==
truncated
/
139 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
132e3121ac2d4ebe50e30a4a41781fb8853e97e8278a799b4b12c40347d820fb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
48 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f308ddf029c4acc11f4f50d64f7eb270ad911e7423c59063a6f0cd662bd209e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
70 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7393a098df05335773463c4b3e6160366a06925b516ae7e265765be654bb9d5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
56 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c53b1a65c87ef813b5c3c94d5400f2af516142b00ad175adc565e881b07dc292

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
68.jpg
randomuser.me/api/portraits/women/
7 KB
7 KB
Image
General
Full URL
https://randomuser.me/api/portraits/women/68.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:82cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f07b84f12ef125cbb837a7bd64da401992f5f62bd55fee10d01cd3dcc8abae80

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1665967
content-length
6948
cf-request-id
07cc0ff7ae00003250c9179000000001
last-modified
Fri, 08 Apr 2016 02:26:17 GMT
server
cloudflare
etag
"570716c9-1b24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bR%2BYaYK0BRxX0SDSZkRbDL4KngfXE7rB2C9mp2IUMrZhx8FU7dyWMr%2FgfLqR42fplb4tV6gN%2FlcOsfaUoAtq814W41DFzTQwh5X1D2VfXZnv87Wwrc0xn72t"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6159e905ebfa3250-FRA
expires
Wed, 06 Jan 2021 08:34:18 GMT
48.jpg
randomuser.me/api/portraits/men/
3 KB
3 KB
Image
General
Full URL
https://randomuser.me/api/portraits/men/48.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:82cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e43539bebcca5237503c5ee4472c71e6b5afd4960f0942896d49d4f4e75501e

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1582787
content-length
2843
cf-request-id
07cc0ff7af00003250078ee000000001
last-modified
Fri, 08 Apr 2016 02:26:17 GMT
server
cloudflare
etag
"570716c9-b1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gWxfIMqh9WCOXwvNb%2BNt3tVZLv7z47ISZWTfIgFP5e4oARcKOkY1ga81f0hd9YU%2Bnr%2BgSaHGr3NJYr%2BD5Bi8dGi0Y9Yn5I6cEofC4S2y%2BayjO7OCYz0HPidb"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6159e905ebff3250-FRA
expires
Mon, 04 Jan 2021 07:24:29 GMT
26.jpg
randomuser.me/api/portraits/women/
5 KB
5 KB
Image
General
Full URL
https://randomuser.me/api/portraits/women/26.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:82cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90a38d15ecefa1704387dfba523d1c3e78b6344bcee586e0378e6af5e5f7cd0

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1581275
content-length
4680
cf-request-id
07cc0ff7ae00003250db8ac000000001
last-modified
Fri, 08 Apr 2016 02:26:17 GMT
server
cloudflare
etag
"570716c9-1248"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FMYTMjo48oFHjbXr4qx4L7sL8wZc3o1xbu9lt55zaJYPScLJeU%2BGybtAazcxWgx31xW4yHV8QW3lT7GlgCD4%2Bs7HZQ85kIdGEPZRIVQaIRBuHRjgA2haWEIv"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6159e905ebfd3250-FRA
expires
Wed, 06 Jan 2021 07:45:19 GMT
json
espire.api.hasoffers.com/Apiv3/
830 B
675 B
XHR
General
Full URL
https://espire.api.hasoffers.com/Apiv3/json?NetworkToken=NETBp1OQHKM1OwVED641ic6hWLe5Jz&Target=Report&Method=getStats&fields[]=Stat.offer_id&fields[]=Offer.name&filters[Stat.date][conditional]=EQUAL_TO&filters[Stat.date][values][]=2021-01-22&filters[Stat.date][values][]=2021-01-22&sort[Stat.revenue]=desc&limit=4&totals=1
Requested by
Host: d3iryrda585xkt.cloudfront.net
URL: https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.152.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-152-191.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2f22822ce3c0543c4f4bd455dfeecfac1be034ee2f15c41e6ea8ce29b6541587

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:29 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
460
x-request-id
8467d03b-156f-4238-80bf-8babd1a4309b
json
espire.api.hasoffers.com/Apiv3/
898 B
681 B
XHR
General
Full URL
https://espire.api.hasoffers.com/Apiv3/json?NetworkToken=NETBp1OQHKM1OwVED641ic6hWLe5Jz&Target=Offer&Method=getThumbnail&id=2130
Requested by
Host: d3iryrda585xkt.cloudfront.net
URL: https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.152.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-152-191.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7be114130c0ddb403d165cddb4b73a55cfcb3384fc1b0ff5b4f19f77fc3a9d4f

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:30 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
467
x-request-id
c645082c-94ff-4e42-9235-876e1ac9ae2d
json
espire.api.hasoffers.com/Apiv3/
904 B
686 B
XHR
General
Full URL
https://espire.api.hasoffers.com/Apiv3/json?NetworkToken=NETBp1OQHKM1OwVED641ic6hWLe5Jz&Target=Offer&Method=getThumbnail&id=2179
Requested by
Host: d3iryrda585xkt.cloudfront.net
URL: https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.152.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-152-191.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e08b7ccc511764af1bf25a98605a85b91c912b8299d4c4fc12d4e36100c9e4da

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:30 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
472
x-request-id
8d961924-1f37-4cb0-acec-48e443e0fa7c
json
espire.api.hasoffers.com/Apiv3/
919 B
685 B
XHR
General
Full URL
https://espire.api.hasoffers.com/Apiv3/json?NetworkToken=NETBp1OQHKM1OwVED641ic6hWLe5Jz&Target=Offer&Method=getThumbnail&id=2167
Requested by
Host: d3iryrda585xkt.cloudfront.net
URL: https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.152.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-152-191.compute-1.amazonaws.com
Software
Apache /
Resource Hash
47ab567290ca54e868186fe8d5083850321346e82fbabf3ce463eab36988e374

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:30 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
471
x-request-id
8c31d8b9-ea79-4f7b-8ede-1f653c1ad1f7
json
espire.api.hasoffers.com/Apiv3/
898 B
682 B
XHR
General
Full URL
https://espire.api.hasoffers.com/Apiv3/json?NetworkToken=NETBp1OQHKM1OwVED641ic6hWLe5Jz&Target=Offer&Method=getThumbnail&id=2135
Requested by
Host: d3iryrda585xkt.cloudfront.net
URL: https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.152.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-152-191.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7cefc8d7e1580b6ddd2c43ce88fcd8b690583e7123325956273c74920ac28bcf

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 14:19:30 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With
content-length
468
x-request-id
08e3ce36-026c-4a8f-87da-b039206a98b4
iphone12promax.png
media.go2speed.org/brand/files/espire/2167/
22 KB
23 KB
Image
General
Full URL
https://media.go2speed.org/brand/files/espire/2167/iphone12promax.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01b24b62551384f9b0ba9292bf2a777a2689f8d4678a230b5d07ac338c6e385c

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 22 Jan 2021 14:19:31 GMT
via
1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
last-modified
Tue, 20 Oct 2020 22:09:52 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"3c66b9ee2511c0693bf0fece0978bebf"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
22858
x-amz-cf-id
g-Fgg5WFYPhN2ddlfWJzuRkemiofbYo3DH7_SHgGFrMGjWPyJGqmRg==
cashapp750.png
media.go2speed.org/brand/files/espire/2135/
9 KB
10 KB
Image
General
Full URL
https://media.go2speed.org/brand/files/espire/2135/cashapp750.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9aa69834456ec999b5305c0756728d5c6250d1214164e4b2b7d385d6c9cc7eb1

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 22 Jan 2021 14:19:30 GMT
via
1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
last-modified
Sun, 02 Aug 2020 23:08:48 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"81274931e31482d79640db360539050c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
9594
x-amz-cf-id
iagjse0m5tHv94Sf5WiaEg9svlPd8hOGDJdlB12j60s8UcZMzCPUfg==
web_partial.jpg
media.go2speed.org/brand/files/espire/2179/
75 KB
75 KB
Image
General
Full URL
https://media.go2speed.org/brand/files/espire/2179/web_partial.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e0a4dca848557991fd07cffe2d18f046052e927b933abf4c2bae6b0c8b239b1

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 22 Jan 2021 14:19:31 GMT
via
1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jan 2021 18:07:35 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"01ff8bc0a3a726eb378a793d8b62514e"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
76841
x-amz-cf-id
uhpDnD8hh92or1lKzaP37FdAkpjaR5To6aJC2PvyXXulzAmmEa6lfQ==
cashapp750.png
media.go2speed.org/brand/files/espire/2130/
9 KB
10 KB
Image
General
Full URL
https://media.go2speed.org/brand/files/espire/2130/cashapp750.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9aa69834456ec999b5305c0756728d5c6250d1214164e4b2b7d385d6c9cc7eb1

Request headers

Referer
https://www.applewatchs6.com/2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 22 Jan 2021 14:19:31 GMT
via
1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
last-modified
Mon, 20 Jul 2020 18:59:09 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"81274931e31482d79640db360539050c"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
9594
x-amz-cf-id
haHBI2WvHMVeMi5otpmmY76aKRjKGxayH1mWj3g2fDw-P89FIf7GXg==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • ontransitionrun (object)
  • ontransitionstart (object)
  • ontransitioncancel (object)
  • cookieStore (object)
  • showDirectoryPicker (function)
  • showOpenFilePicker (function)
  • showSaveFilePicker (function)
  • trustedTypes (object)
  • crossOriginIsolated (boolean)
  • React (object)
  • ReactDOM (object)
  • __core-js_shared__ (object)
  • regeneratorRuntime (object)
  • ReactApp (object)
  • generateOfferLink (function)

0 Cookies

3 Console Messages

Source Level URL
Text
console-api log URL: https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js(Line 577)
Message:
App props [object Object]
console-api log URL: https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js(Line 577)
Message:
App props [object Object]
console-api log URL: https://d3iryrda585xkt.cloudfront.net/static/applewatchs6/app.6aa9afe493db.js(Line 577)
Message:
App props [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.