URL: https://applepay.elasticsoft.xyz/
Submission Tags: @phishunt_io
Submission: On July 27 via api from DE — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 82.209.218.244, located in Minsk, Belarus and belongs to BELPAK-AS BELPAK, BY. The main domain is applepay.elasticsoft.xyz.
TLS certificate: Issued by R3 on July 27th 2022. Valid for: 3 months.
This is the only time applepay.elasticsoft.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

#  IP Address        AS    Autonomous System
1  82.209.218.244    6697  (BELPAK-AS...)
1  2a01:b740:a04...  6185  (APPLE-AUSTIN)
Total: 2 IPs, 2 ASNs

#  Apex Domain      Subdomains                                            Transfer
1  cdn-apple.com    applepay.cdn-apple.com (Cisco Umbrella Rank: 33962)   29 KB
1  elasticsoft.xyz  applepay.elasticsoft.xyz                              1 KB
Total: 2 apex domains, 2 subdomains

#  Domain                    Requested by
1  applepay.cdn-apple.com    applepay.elasticsoft.xyz
1  applepay.elasticsoft.xyz  (primary request)
Total: 2 domains

This site contains no links.

Subject                   Issuer                              Validity                 Valid
applepay.elasticsoft.xyz  R3                                  2022-07-27 - 2022-10-25  3 months
applepay.cdn-apple.com    Apple Public Server ECC CA 12 - G1  2022-05-14 - 2023-06-13  a year

This page contains 1 frame:

Primary Page: https://applepay.elasticsoft.xyz/
Frame ID: 3A77F85CB0F2CF3ED0CB507A88E3788F
Requests: 2 HTTP requests in this frame

Page Title

Title

Page Statistics

Requests:    2
HTTPS:       100 %
IPv6:        50 %
Domains:     2
Subdomains:  2
IPs:         2
Countries:   2
Transfer:    31 kB
Size:        86 kB
Cookies:     0


2 HTTP transactions

Resource         Path                       Size  x-fer  Type      MIME-Type
Primary Request  applepay.elasticsoft.xyz/  4 KB  1 KB   Document  text/html

General
  Full URL:       https://applepay.elasticsoft.xyz/
  Protocol:       HTTP/1.1
  Security:       TLS 1.3, AES_128_GCM
  Server:         82.209.218.244 Minsk, Belarus, ASN6697 (BELPAK-AS BELPAK, BY)
  Reverse DNS:    mm-244-218-209-82.static.mgts.by
  Software:       nginx/1.18.0 (Ubuntu)
  Resource Hash:  620f40e4979b0cc0896bb2731f346cf8662fd53e69b762c0ecab22425c628f9b

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
  accept-language: de-DE,de;q=0.9

Response headers
  Connection: keep-alive
  Content-Encoding: gzip
  Content-Type: text/html
  Date: Wed, 27 Jul 2022 15:54:19 GMT
  ETag: W/"62e12b7e-e15"
  Last-Modified: Wed, 27 Jul 2022 12:11:42 GMT
  Server: nginx/1.18.0 (Ubuntu)
  Transfer-Encoding: chunked
Resource          Path                                 Size   x-fer  Type    MIME-Type
apple-pay-sdk.js  applepay.cdn-apple.com/jsapi/v1/     82 KB  29 KB  Script  application/javascript

General
  Full URL:       https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js
  Requested by:   Host: applepay.elasticsoft.xyz, URL: https://applepay.elasticsoft.xyz/
  Protocol:       HTTP/1.1
  Security:       TLS 1.3, AES_128_GCM
  Server:         2a01:b740:a04:f000::7 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US)
  Reverse DNS:    (none recorded)
  Software:       Apple
  Resource Hash:  8aeca11893e11ccf08d253c8ed0691a754b304be998a8ad91e3e87933d852064

Security Headers
  Strict-Transport-Security: max-age=31536000; includeSubdomains
  X-Content-Type-Options: nosniff
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 1; mode=block

Request headers
  accept-language: de-DE,de;q=0.9
  Referer: https://applepay.elasticsoft.xyz/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
  x-apple-jingle-correlation-key: 6PBSKL4TX7UN7AK4W2DJPITCJA
  Date: Wed, 27 Jul 2022 15:26:34 GMT
  Content-Encoding: gzip
  X-Content-Type-Options: nosniff
  x-b3-traceid: f3c3252f93bfe8df815cb68697a26248
  Age: 1668
  X-Cache: miss, hit-fresh
  Cache-Control: public, max-age=86400, stale-while-revalidate=86400
  b3: f3c3252f93bfe8df815cb68697a26248-0f0f5d5aba99d356
  Connection: keep-alive
  Content-Length: 29029
  X-XSS-Protection: 1; mode=block
  Access-Control-Allow-Origin: *
  apple-tk: false
  Last-Modified: Tue, 12 Jul 2022 00:45:19 GMT
  Server: Apple
  apple-seq: 0
  X-Frame-Options: SAMEORIGIN
  ETag: "b26a307ec7e9ca88338107430ba23cf8--gzip"
  apple-originating-system: payment-client-service-PROD
  Vary: Accept-Encoding
  Strict-Transport-Security: max-age=31536000; includeSubdomains
  Content-Type: application/javascript
  Via: https/1.1 defra1-edge-lx-009.ts.apple.com (acdn/157.13273), http/1.1 defra1-edge-bx-025.ts.apple.com (acdn/157.13273)
  x-apple-request-uuid: f3c3252f-93bf-e8df-815c-b68697a26248
  x-b3-spanid: 0f0f5d5aba99d356
  Access-Control-Allow-Credentials: false
  CDNUUID: ee93ff85-76cf-4d0a-840b-35fb710082ae-164130714

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code: here, webpackJsonp indicates a webpack-bundled script, and onApplePayButtonClicked is the only handler name that is specific to this page rather than a browser-provided API.

Type      Name
object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
function  getScreenDetails
function  queryLocalFonts
object    navigation
object    webpackJsonp
function  onApplePayButtonClicked

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains
  applepay.cdn-apple.com
  applepay.elasticsoft.xyz

IPs
  2a01:b740:a04:f000::7
  82.209.218.244

Resource hashes (SHA-256)
  620f40e4979b0cc0896bb2731f346cf8662fd53e69b762c0ecab22425c628f9b
  8aeca11893e11ccf08d253c8ed0691a754b304be998a8ad91e3e87933d852064