www.applewatchs6.com
3.229.59.32
Malicious Activity!
Public Scan
Submission Tags: @phishunt_io
Submission: On January 22 via api from ES
Summary
TLS certificate: Issued by R3 on January 21st 2021. Valid for: 3 months.
This is the only time www.applewatchs6.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
# | IP Address | AS Autonomous System
---|---|---
1 | 3.229.59.32 | 14618 (AMAZON-AES)
2 4 | 2606:4700::6810:7caf | 13335 (CLOUDFLARENET)
1 | 2600:9000:2057:9800:14:1a55:4f40:21 | 16509 (AMAZON-02)
3 | 2606:4700:3037::ac43:82cb | 13335 (CLOUDFLARENET)
5 | 50.16.152.191 | 14618 (AMAZON-AES)
4 | 65.9.73.50 | 16509 (AMAZON-02)
16 | 7 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-59-32.compute-1.amazonaws.com
www.applewatchs6.com

ASN16509 (AMAZON-02, US)
d3iryrda585xkt.cloudfront.net

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-152-191.compute-1.amazonaws.com
espire.api.hasoffers.com
# | Apex Domain | Subdomains | Transfer
---|---|---|---
5 | hasoffers.com | espire.api.hasoffers.com | 3 KB
4 | go2speed.org | media.go2speed.org | 118 KB
4 | unpkg.com | unpkg.com (2 redirects) | 41 KB
3 | randomuser.me | randomuser.me | 15 KB
1 | cloudfront.net | d3iryrda585xkt.cloudfront.net | 776 KB
1 | applewatchs6.com | www.applewatchs6.com | 1 KB
16 | 6 | |
# | Domain | Requested by
---|---|---
5 | espire.api.hasoffers.com | d3iryrda585xkt.cloudfront.net
4 | media.go2speed.org |
4 | unpkg.com (2 redirects) | www.applewatchs6.com
3 | randomuser.me |
1 | d3iryrda585xkt.cloudfront.net | www.applewatchs6.com
1 | www.applewatchs6.com |
16 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.getthatapp.co |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
www.applewatchs6.com | R3 | 2021-01-21 - 2021-04-21 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-02 - 2021-08-02 | a year | crt.sh
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year | crt.sh
*.api.hasoffers.com | Amazon | 2020-09-13 - 2021-10-15 | a year | crt.sh
media.go2speed.org | Amazon | 2020-11-03 - 2021-12-04 | a year | crt.sh
This page contains 1 frame:
Primary Page:
https://www.applewatchs6.com/2
Frame ID: 648C84DC74A2F55C1CAE4CF0FE804F1B
Requests: 20 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: GET STARTED
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://unpkg.com/react@16/umd/react.production.min.js (HTTP 302) -> https://unpkg.com/react@16.14.0/umd/react.production.min.js
- https://unpkg.com/react-dom@16/umd/react-dom.production.min.js (HTTP 302) -> https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | 2 | www.applewatchs6.com/ | 1 KB | 1 KB | Document | text/html | Primary Request
GET | H2 | react.production.min.js | unpkg.com/react@16.14.0/umd/ | 12 KB | 5 KB | Script | application/javascript | Redirect Chain
GET | H2 | react-dom.production.min.js | unpkg.com/react-dom@16.14.0/umd/ | 116 KB | 36 KB | Script | application/javascript | Redirect Chain
GET | H2 | app.6aa9afe493db.js | d3iryrda585xkt.cloudfront.net/static/applewatchs6/ | 2 MB | 776 KB | Script | application/javascript |
GET | DATA | truncated | / | 139 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 48 KB | 0 | Image | image/jpeg |
GET | DATA | truncated | / | 70 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 56 KB | 0 | Image | image/png |
GET | H2 | 68.jpg | randomuser.me/api/portraits/women/ | 7 KB | 7 KB | Image | image/jpeg |
GET | H2 | 48.jpg | randomuser.me/api/portraits/men/ | 3 KB | 3 KB | Image | image/jpeg |
GET | H2 | 26.jpg | randomuser.me/api/portraits/women/ | 5 KB | 5 KB | Image | image/jpeg |
GET | H2 | json | espire.api.hasoffers.com/Apiv3/ | 830 B | 675 B | XHR | application/json |
GET | H2 | json | espire.api.hasoffers.com/Apiv3/ | 898 B | 681 B | XHR | application/json |
GET | H2 | json | espire.api.hasoffers.com/Apiv3/ | 904 B | 686 B | XHR | application/json |
GET | H2 | json | espire.api.hasoffers.com/Apiv3/ | 919 B | 685 B | XHR | application/json |
GET | H2 | json | espire.api.hasoffers.com/Apiv3/ | 898 B | 682 B | XHR | application/json |
GET | H2 | iphone12promax.png | media.go2speed.org/brand/files/espire/2167/ | 22 KB | 23 KB | Image | image/png |
GET | H2 | cashapp750.png | media.go2speed.org/brand/files/espire/2135/ | 9 KB | 10 KB | Image | image/png |
GET | H2 | web_partial.jpg | media.go2speed.org/brand/files/espire/2179/ | 75 KB | 75 KB | Image | image/jpeg |
GET | H2 | cashapp750.png | media.go2speed.org/brand/files/espire/2130/ | 9 KB | 10 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
boolean | crossOriginIsolated
object | React
object | ReactDOM
object | __core-js_shared__
object | regeneratorRuntime
object | ReactApp
function | generateOfferLink
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.