ftp.icloudlock.co.za Open in urlscan Pro
156.0.96.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://ftp.icloudlock.co.za/
Submission: On March 26 via automatic, source openphish (March 26th 2022, 1:01:03 pm UTC) — Scanned from DE

Summary HTTP 21 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 156.0.96.72, located in South Africa and belongs to CLOUD-TELECOMS, ZA. The main domain is ftp.icloudlock.co.za.

This is the only time ftp.icloudlock.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address		AS Autonomous System
21	156.0.96.72 156.0.96.72		328227 (CLOUD-TEL...) (CLOUD-TELECOMS)
21	2

21 156.0.96.72 (South Africa)

ASN328227 (CLOUD-TELECOMS, ZA)
PTR: host2.cloudtools.co.za

ftp.icloudlock.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	icloudlock.co.za ftp.icloudlock.co.za	319 KB
21	1

	Domain	Requested by
21	ftp.icloudlock.co.za	ftp.icloudlock.co.za
21	1

This site contains links to these domains. Also see Links.

Domain
www.apple.com
store.apple.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://ftp.icloudlock.co.za/
Frame ID: C15BF6056D8F10374D2B2B00D4CA29A9
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Verify Apple ID - Login

Page Statistics

21
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

319 kB
Transfer

316 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.apple.com/
Title: Apple

Search URL Search Domain Scan URL

URL: http://store.apple.com/
Title: Store

Search URL Search Domain Scan URL

URL: http://www.apple.com/mac
Title: Mac

Search URL Search Domain Scan URL

URL: http://www.apple.com/iphone
Title: iPhone

Search URL Search Domain Scan URL

URL: http://www.apple.com/watch
Title: Watch

Search URL Search Domain Scan URL

URL: http://www.apple.com/ipad
Title: iPad

Search URL Search Domain Scan URL

URL: http://www.apple.com/ipod
Title: iPod

Search URL Search Domain Scan URL

URL: http://www.apple.com/itunes
Title: iTunes

Search URL Search Domain Scan URL

URL: http://www.apple.com/support
Title: Support

Search URL Search Domain Scan URL

URL: http://www.apple.com/search/
Title: Search apple.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ftp.icloudlock.co.za/	10 KB 11 KB	1547ms 180ms	Document text/html	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Full URL http://ftp.icloudlock.co.za/ Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / PHP/7.3.33 Resource Hash `65b443dd11b0db9269b53e64807aa2137c50aef4b7749e16e5d6bc351390b6ae` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sat, 26 Mar 2022 13:00:51 GMT Server Apache/2.4.52 (CentOS) X-Powered-By PHP/7.3.33 Upgrade h2 Connection Upgrade, close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	navigation.css ftp.icloudlock.co.za/images/	44 KB 44 KB	180ms 180ms	Stylesheet text/css	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Full URL http://ftp.icloudlock.co.za/images/navigation.css Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/ Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `599dd5f8d4929d1e718bb93fd0531a0427b8a23b04d6591dd8cc8728ca52dbaf` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:51 GMT Last-Modified Fri, 25 Mar 2022 21:34:57 GMT Server Apache/2.4.52 (CentOS) ETag "af81-5db11bbf0bc28" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 44929
GET H/1.1	200 OK	base.css ftp.icloudlock.co.za/images/	35 KB 36 KB	359ms 180ms	Stylesheet text/css	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Full URL http://ftp.icloudlock.co.za/images/base.css Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/ Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `5b9e9378b07cf3fb9e5411b2ed6608e0a906e030171e6d5cc7e221c7a5f31711` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:51 GMT Last-Modified Fri, 25 Mar 2022 21:04:23 GMT Server Apache/2.4.52 (CentOS) ETag "8d07-5db114e9863de" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 36103
GET H/1.1	200 OK	id.css ftp.icloudlock.co.za/images/	111 KB 111 KB	359ms 180ms	Stylesheet text/css	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Full URL http://ftp.icloudlock.co.za/images/id.css Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/ Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `1ee2b37d3e1c6287b10ea8368c3720725c22647cefda382f6327c390d1e8ece9` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:51 GMT Last-Modified Fri, 25 Mar 2022 21:17:45 GMT Server Apache/2.4.52 (CentOS) ETag "1bccc-5db117e6c8632" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 113868
GET H/1.1	200 OK	hsa.css ftp.icloudlock.co.za/images/	61 KB 61 KB	538ms 360ms	Stylesheet text/css	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Full URL http://ftp.icloudlock.co.za/images/hsa.css Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/ Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `beb4dd1a5409a584f9f979fe4fb810f121fcd62eee8a7ef237f80a6a93ed41b2` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:51 GMT Last-Modified Fri, 25 Mar 2022 21:14:41 GMT Server Apache/2.4.52 (CentOS) ETag "f3d2-5db11736ecb16" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 62418
GET H/1.1	404 Not Found	logo.png ftp.icloudlock.co.za/images/	282 B 282 B	360ms 180ms	Image text/html	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/logo.png Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/ Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `9243c15d8075a1443b723719010a085d10365b79745605f800dcb3ea67b8162b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:53 GMT Server Apache/2.4.52 (CentOS) Connection close Content-Length 282 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	usa.png ftp.icloudlock.co.za/images/	5 KB 5 KB	359ms 179ms	Image image/png	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/usa.png Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/ Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `45cc3a70de8db3fde81b3228c0a9a5f81764225bb58668ce29ad4862854e5df5` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:54 GMT Last-Modified Fri, 25 Mar 2022 21:48:43 GMT Server Apache/2.4.52 (CentOS) ETag "1421-5db11ed2a7c93" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/png Content-Length 5153
GET H/1.1	200 OK	blackout.css ftp.icloudlock.co.za/images/	12 KB 12 KB	360ms 179ms	Stylesheet text/css	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Full URL http://ftp.icloudlock.co.za/images/blackout.css Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/id.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `7d0cc2c7f2ed1da7ad9e282668a297be97953dc7252c910e87364dc1ef90d45f` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/id.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:54 GMT Last-Modified Fri, 25 Mar 2022 21:04:23 GMT Server Apache/2.4.52 (CentOS) ETag "301f-5db114e988aee" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 12319
GET H/1.1	200 OK	ac_quicktime.css ftp.icloudlock.co.za/images/	2 KB 2 KB	360ms 181ms	Stylesheet text/css	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Full URL http://ftp.icloudlock.co.za/images/ac_quicktime.css Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/blackout.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `58f31a97a7f6d0f606e3afbde9d10cd054d4853c47ee90f6895c55cd32d6e6f3` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/blackout.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:54 GMT Last-Modified Fri, 25 Mar 2022 21:03:44 GMT Server Apache/2.4.52 (CentOS) ETag "677-5db114c498138" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 1655
GET H/1.1	200 OK	overlay.css ftp.icloudlock.co.za/images/	10 KB 10 KB	361ms 181ms	Stylesheet text/css	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Full URL http://ftp.icloudlock.co.za/images/overlay.css Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/blackout.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `7c45c3f75ee877ce450a5a6b31bf2416a29a00f9f88e57b0c9d74a48f8e6df22` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/blackout.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:54 GMT Last-Modified Fri, 25 Mar 2022 21:37:39 GMT Server Apache/2.4.52 (CentOS) ETag "2850-5db11c59bcd1b" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type text/css Content-Length 10320
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d13e8e2d457c3fb3e57d9f119f46b500f0d32dac257c3bcf5a654cd161cfa18f` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	200 OK	tab_store.svg ftp.icloudlock.co.za/images/	3 KB 3 KB	364ms 181ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/tab_store.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/navigation.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `87fb7381b1d34f9d28717658a39845c92f37fc84878ba6eee3c8d83be04508ae` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/navigation.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:48:00 GMT Server Apache/2.4.52 (CentOS) ETag "adc-5db11ea99c6a9" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 2780
GET H/1.1	200 OK	tab_mac.svg ftp.icloudlock.co.za/images/	2 KB 2 KB	719ms 179ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/tab_mac.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/navigation.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `14480fe629c946d57b3de979d2fa0209832e34225489318fcefb01b2de4df764` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/navigation.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:46:52 GMT Server Apache/2.4.52 (CentOS) ETag "6d4-5db11e68f016c" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 1748
GET H/1.1	200 OK	tab_iphone.svg ftp.icloudlock.co.za/images/	3 KB 3 KB	722ms 179ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/tab_iphone.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/navigation.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `bc9313cda2ca4406017fc5b0cf62fdc3da623204311730f26fd94eeefcedb096` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/navigation.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:45:42 GMT Server Apache/2.4.52 (CentOS) ETag "b99-5db11e2647f56" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 2969
GET H/1.1	200 OK	tab_watch.svg ftp.icloudlock.co.za/images/	2 KB 3 KB	721ms 179ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/tab_watch.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/navigation.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `65970e046590bb293d3570eeef8b93bedde61784859d125adae2a12450e446b1` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/navigation.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:48:43 GMT Server Apache/2.4.52 (CentOS) ETag "961-5db11ed29f7c3" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 2401
GET H/1.1	200 OK	tab_ipad.svg ftp.icloudlock.co.za/images/	2 KB 3 KB	721ms 179ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/tab_ipad.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/navigation.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `7e0fd90b55e6a807beb3230d4d5470ca9bbd1b3cd6d314cf1d1d67ef36b369a6` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/navigation.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:45:42 GMT Server Apache/2.4.52 (CentOS) ETag "926-5db11e2643136" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 2342
GET H/1.1	200 OK	tab_ipod.svg ftp.icloudlock.co.za/images/	2 KB 3 KB	721ms 179ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/tab_ipod.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/navigation.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `759d5b5ca56b03ff93d08c66b65759cb31f2791e181f3395e9305024e4c0c848` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/navigation.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:46:52 GMT Server Apache/2.4.52 (CentOS) ETag "906-5db11e68e6914" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 2310
GET H/1.1	200 OK	tab_itunes.svg ftp.icloudlock.co.za/images/	3 KB 3 KB	313ms 180ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/tab_itunes.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/navigation.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `3621259411f3c0bdde63f646a346d2ba62265ba8c6ecbf5febd6769b97c50599` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/navigation.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:46:52 GMT Server Apache/2.4.52 (CentOS) ETag "a46-5db11e68eb734" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 2630
GET H/1.1	200 OK	tab_support.svg ftp.icloudlock.co.za/images/	4 KB 4 KB	312ms 180ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/tab_support.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/navigation.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `6de54b9292e0aa55c35af5092d745123f51c7d34dc87ef105a4173c08d9dcdd5` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/navigation.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:48:00 GMT Server Apache/2.4.52 (CentOS) ETag "f42-5db11ea9a18b0" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 3906
GET DATA	200 OK	truncated /	671 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `bba5708b5f78afd251d0700f717ae47228cc2b0fc391656f5fd04dd72db58135` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	404 Not Found	bg_main_repeat.jpg ftp.icloudlock.co.za/images/	282 B 282 B	311ms 180ms	Image text/html	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/bg_main_repeat.jpg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/id.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `9243c15d8075a1443b723719010a085d10365b79745605f800dcb3ea67b8162b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/id.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Server Apache/2.4.52 (CentOS) Connection close Content-Length 282 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	breadcrumb_home.svg ftp.icloudlock.co.za/images/	2 KB 2 KB	290ms 180ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/breadcrumb_home.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/base.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `a096ce5560d3f2ee0897988d05a3944c3c04602be9a477dfe31a9a519ad20e7a` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:05:16 GMT Server Apache/2.4.52 (CentOS) ETag "677-5db1151cb391f" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 1655
GET H/1.1	200 OK	breadcrumb_separator.svg ftp.icloudlock.co.za/images/	566 B 840 B	291ms 181ms	Image image/svg+xml	156.0.96.72 CLOUD-TELECOMS
General Check archive.org Show headers Download Go to Show image Full URL http://ftp.icloudlock.co.za/images/breadcrumb_separator.svg Requested by Host: ftp.icloudlock.co.za URL: http://ftp.icloudlock.co.za/images/base.css Protocol HTTP/1.1 Server 156.0.96.72 , South Africa, ASN328227 (CLOUD-TELECOMS, ZA), Reverse DNS host2.cloudtools.co.za Software Apache/2.4.52 (CentOS) / Resource Hash `fe7c888ebe0b1e1ecf07f1705b59f077f2314f3148ee788f84095f46447789cf` Request headers Accept-Language de-DE,de;q=0.9 Referer http://ftp.icloudlock.co.za/images/base.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 26 Mar 2022 13:00:55 GMT Last-Modified Fri, 25 Mar 2022 21:06:07 GMT Server Apache/2.4.52 (CentOS) ETag "236-5db1154cdcf08" Upgrade h2 Connection Upgrade, close Accept-Ranges bytes Content-Type image/svg+xml Content-Length 566

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ftp.icloudlock.co.za/images/logo.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://ftp.icloudlock.co.za/images/bg_main_repeat.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ftp.icloudlock.co.za
156.0.96.72
14480fe629c946d57b3de979d2fa0209832e34225489318fcefb01b2de4df764
1ee2b37d3e1c6287b10ea8368c3720725c22647cefda382f6327c390d1e8ece9
3621259411f3c0bdde63f646a346d2ba62265ba8c6ecbf5febd6769b97c50599
45cc3a70de8db3fde81b3228c0a9a5f81764225bb58668ce29ad4862854e5df5
58f31a97a7f6d0f606e3afbde9d10cd054d4853c47ee90f6895c55cd32d6e6f3
599dd5f8d4929d1e718bb93fd0531a0427b8a23b04d6591dd8cc8728ca52dbaf
5b9e9378b07cf3fb9e5411b2ed6608e0a906e030171e6d5cc7e221c7a5f31711
65970e046590bb293d3570eeef8b93bedde61784859d125adae2a12450e446b1
65b443dd11b0db9269b53e64807aa2137c50aef4b7749e16e5d6bc351390b6ae
6de54b9292e0aa55c35af5092d745123f51c7d34dc87ef105a4173c08d9dcdd5
759d5b5ca56b03ff93d08c66b65759cb31f2791e181f3395e9305024e4c0c848
7c45c3f75ee877ce450a5a6b31bf2416a29a00f9f88e57b0c9d74a48f8e6df22
7d0cc2c7f2ed1da7ad9e282668a297be97953dc7252c910e87364dc1ef90d45f
7e0fd90b55e6a807beb3230d4d5470ca9bbd1b3cd6d314cf1d1d67ef36b369a6
87fb7381b1d34f9d28717658a39845c92f37fc84878ba6eee3c8d83be04508ae
9243c15d8075a1443b723719010a085d10365b79745605f800dcb3ea67b8162b
a096ce5560d3f2ee0897988d05a3944c3c04602be9a477dfe31a9a519ad20e7a
bba5708b5f78afd251d0700f717ae47228cc2b0fc391656f5fd04dd72db58135
bc9313cda2ca4406017fc5b0cf62fdc3da623204311730f26fd94eeefcedb096
beb4dd1a5409a584f9f979fe4fb810f121fcd62eee8a7ef237f80a6a93ed41b2
d13e8e2d457c3fb3e57d9f119f46b500f0d32dac257c3bcf5a654cd161cfa18f
fe7c888ebe0b1e1ecf07f1705b59f077f2314f3148ee788f84095f46447789cf

ftp.icloudlock.co.za Open in urlscan Pro 156.0.96.72 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

21 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

319 kBTransfer

316 kBSize

0 Cookies

10 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

ftp.icloudlock.co.za Open in urlscan Pro
156.0.96.72 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

319 kB
Transfer

316 kB
Size

0
Cookies

21 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!