Submitted URL: https://apple-shop-sale.ru/
Effective URL: https://www.c-store.ru/apple/1558/apple/airpods
Submission Tags: @phishunt_io
Submission: On November 04 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 3 HTTP transactions. The main IP is 185.165.123.35, located in the Russian Federation, and belongs to VARITI-AS, RU. The main domain is www.c-store.ru.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on January 8th 2021. Valid for: a year.
This is the only time www.c-store.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2a03:6f00:6:1... | 9123 (TIMEWEB-AS)
2 | 185.165.123.35 | 64432 (VARITI-AS)
Total: 3 requests, 2 IPs

Requests | Apex Domain | Subdomains | Transfer
2 | c-store.ru | www.c-store.ru | 214 KB
1 | apple-shop-sale.ru | apple-shop-sale.ru | 40 KB
Total: 3 requests, 2 apex domains

Requests | Domain | Requested by
2 | www.c-store.ru | apple-shop-sale.ru, www.c-store.ru
1 | apple-shop-sale.ru |
Total: 3 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
apple-shop-sale.ru | R3 | 2021-11-03 - 2022-02-01 | 3 months
*.c-store.ru | Sectigo RSA Organization Validation Secure Server CA | 2021-01-08 - 2022-01-08 | a year

This page contains 1 frame:

Primary Page: https://www.c-store.ru/apple/1558/apple/airpods
Frame ID: 9F662F731B68133CF069965297E28B1E
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 254 kB
Size: 320 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apple-shop-sale.ru/ Page URL
  2. https://www.c-store.ru/apple/1558/apple/airpods Page URL
  3. https://www.c-store.ru/apple/1558/apple/airpods Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource: /
Path: apple-shop-sale.ru/
Size: 107 KB
x-fer: 40 KB
Type: Document
MIME-Type:

General
Full URL: https://apple-shop-sale.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:6f00:6:1::517:3276, Russian Federation, ASN9123 (TIMEWEB-AS, RU)
Reverse DNS:
Software: nginx/1.14.1 /
Resource Hash: 66b06181461cf5b374167b2c0902268d2a9ca5b63e4daead54769301e7f1508c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.14.1
date: Thu, 04 Nov 2021 01:00:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip

Resource: airpods
Path: www.c-store.ru/apple/1558/apple/
Size: 107 KB
x-fer: 107 KB
Type: Document
MIME-Type:

General
Full URL: https://www.c-store.ru/apple/1558/apple/airpods?
Requested by:
  Host: apple-shop-sale.ru
  URL: https://apple-shop-sale.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.165.123.35, Russian Federation, ASN64432 (VARITI-AS, RU)
Reverse DNS:
Software: Variti/0.9.3a /
Resource Hash: 93b90cf43c6dc1861c029d14a9fdd8564fa3770add2983eb262082bce3736cf1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://apple-shop-sale.ru/

Response headers

Server: Variti/0.9.3a
Date: Thu, 4 Nov 2021 01:00:55 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Length: 109195
Connection: keep-alive
Keep-Alive: timeout=60

Primary Request
Resource: airpods
Path: www.c-store.ru/apple/1558/apple/
Size: 107 KB
x-fer: 107 KB
Type: Document
MIME-Type:

General
Full URL: https://www.c-store.ru/apple/1558/apple/airpods?
Requested by:
  Host: www.c-store.ru
  URL: https://www.c-store.ru/apple/1558/apple/airpods?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.165.123.35, Russian Federation, ASN64432 (VARITI-AS, RU)
Reverse DNS:
Software: Variti/0.9.3a /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.c-store.ru/apple/1558/apple/airpods?

Response headers

Server: Variti/0.9.3a
Date: Thu, 4 Nov 2021 01:01:09 GMT
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Length: 109195
Connection: keep-alive
Keep-Alive: timeout=60

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
apple-shop-sale.ru/ Name: ipp_sign
Value: e77c68c07dee76f8d67104542ff799d8_585416626_8de189e387b69c87bc8508505c946e18
apple-shop-sale.ru/ Name: ipp_key
Value: v1635987641853/v33947245b95adc7a72e273/XDFy+Br/6gpIhirRU6UblA==
apple-shop-sale.ru/ Name: ipp_uid
Value: 1635987641853/FGfVZV1mbXhE5mwa/OeWZvw1glcQmyxK6ALvQ/Q==
apple-shop-sale.ru/ Name: ipp_uid1
Value: 1635987641853
apple-shop-sale.ru/ Name: ipp_uid2
Value: FGfVZV1mbXhE5mwa/OeWZvw1glcQmyxK6ALvQ/Q==
www.c-store.ru/ Name: ipp_key
Value: v1635987655627/v33947245b95adc7a72e273/T+BEmIbwGd1H1+GUcmICiw==
www.c-store.ru/ Name: ipp_uid
Value: 1635987655627/LlEtjY5IPT4PVVbC/ei4qP6fUHi+QGB/kejObfA==
www.c-store.ru/ Name: ipp_uid1
Value: 1635987655627
www.c-store.ru/ Name: ipp_uid2
Value: LlEtjY5IPT4PVVbC/ei4qP6fUHi+QGB/kejObfA==
www.c-store.ru/ Name: ipp_sign
Value: e77c68c07dee76f8d67104542ff799d8_2141652577_b4f56ab650936659ec4479c1fb79d6eb

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
