ftp.icloudlock.co.za
Open in
urlscan Pro
156.0.96.72
Malicious Activity!
Public Scan
Submission: On March 26 via automatic, source openphish — Scanned from DE
Summary
This is the only time ftp.icloudlock.co.za was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
21 | 156.0.96.72 156.0.96.72 | 328227 (CLOUD-TEL...) (CLOUD-TELECOMS) | |
21 | 2 |
ASN328227 (CLOUD-TELECOMS, ZA)
PTR: host2.cloudtools.co.za
ftp.icloudlock.co.za |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
icloudlock.co.za
ftp.icloudlock.co.za |
319 KB |
21 | 1 |
Domain | Requested by | |
---|---|---|
21 | ftp.icloudlock.co.za |
ftp.icloudlock.co.za
|
21 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.apple.com |
store.apple.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://ftp.icloudlock.co.za/
Frame ID: C15BF6056D8F10374D2B2B00D4CA29A9
Requests: 23 HTTP requests in this frame
10 Outgoing links
These are links going to different origins than the main page.
Title: Apple
Search URL Search Domain Scan URL
Title: Store
Search URL Search Domain Scan URL
Title: Mac
Search URL Search Domain Scan URL
Title: iPhone
Search URL Search Domain Scan URL
Title: Watch
Search URL Search Domain Scan URL
Title: iPad
Search URL Search Domain Scan URL
Title: iPod
Search URL Search Domain Scan URL
Title: iTunes
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: Search apple.com
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
ftp.icloudlock.co.za/ |
10 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
navigation.css
ftp.icloudlock.co.za/images/ |
44 KB 44 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base.css
ftp.icloudlock.co.za/images/ |
35 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id.css
ftp.icloudlock.co.za/images/ |
111 KB 111 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hsa.css
ftp.icloudlock.co.za/images/ |
61 KB 61 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
ftp.icloudlock.co.za/images/ |
282 B 282 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
usa.png
ftp.icloudlock.co.za/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blackout.css
ftp.icloudlock.co.za/images/ |
12 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ac_quicktime.css
ftp.icloudlock.co.za/images/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
overlay.css
ftp.icloudlock.co.za/images/ |
10 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_store.svg
ftp.icloudlock.co.za/images/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_mac.svg
ftp.icloudlock.co.za/images/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_iphone.svg
ftp.icloudlock.co.za/images/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_watch.svg
ftp.icloudlock.co.za/images/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_ipad.svg
ftp.icloudlock.co.za/images/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_ipod.svg
ftp.icloudlock.co.za/images/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_itunes.svg
ftp.icloudlock.co.za/images/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_support.svg
ftp.icloudlock.co.za/images/ |
4 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
671 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_main_repeat.jpg
ftp.icloudlock.co.za/images/ |
282 B 282 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
breadcrumb_home.svg
ftp.icloudlock.co.za/images/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
breadcrumb_separator.svg
ftp.icloudlock.co.za/images/ |
566 B 840 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored undefined| testresults function| checkemail function| checkbae0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ftp.icloudlock.co.za
156.0.96.72
14480fe629c946d57b3de979d2fa0209832e34225489318fcefb01b2de4df764
1ee2b37d3e1c6287b10ea8368c3720725c22647cefda382f6327c390d1e8ece9
3621259411f3c0bdde63f646a346d2ba62265ba8c6ecbf5febd6769b97c50599
45cc3a70de8db3fde81b3228c0a9a5f81764225bb58668ce29ad4862854e5df5
58f31a97a7f6d0f606e3afbde9d10cd054d4853c47ee90f6895c55cd32d6e6f3
599dd5f8d4929d1e718bb93fd0531a0427b8a23b04d6591dd8cc8728ca52dbaf
5b9e9378b07cf3fb9e5411b2ed6608e0a906e030171e6d5cc7e221c7a5f31711
65970e046590bb293d3570eeef8b93bedde61784859d125adae2a12450e446b1
65b443dd11b0db9269b53e64807aa2137c50aef4b7749e16e5d6bc351390b6ae
6de54b9292e0aa55c35af5092d745123f51c7d34dc87ef105a4173c08d9dcdd5
759d5b5ca56b03ff93d08c66b65759cb31f2791e181f3395e9305024e4c0c848
7c45c3f75ee877ce450a5a6b31bf2416a29a00f9f88e57b0c9d74a48f8e6df22
7d0cc2c7f2ed1da7ad9e282668a297be97953dc7252c910e87364dc1ef90d45f
7e0fd90b55e6a807beb3230d4d5470ca9bbd1b3cd6d314cf1d1d67ef36b369a6
87fb7381b1d34f9d28717658a39845c92f37fc84878ba6eee3c8d83be04508ae
9243c15d8075a1443b723719010a085d10365b79745605f800dcb3ea67b8162b
a096ce5560d3f2ee0897988d05a3944c3c04602be9a477dfe31a9a519ad20e7a
bba5708b5f78afd251d0700f717ae47228cc2b0fc391656f5fd04dd72db58135
bc9313cda2ca4406017fc5b0cf62fdc3da623204311730f26fd94eeefcedb096
beb4dd1a5409a584f9f979fe4fb810f121fcd62eee8a7ef237f80a6a93ed41b2
d13e8e2d457c3fb3e57d9f119f46b500f0d32dac257c3bcf5a654cd161cfa18f
fe7c888ebe0b1e1ecf07f1705b59f077f2314f3148ee788f84095f46447789cf