icloud.com.ibr.support Open in urlscan Pro
68.65.123.97 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://icloud.com.ibr.support/id/
Submission: On October 30 via automatic, source openphish (October 30th 2019, 12:21:32 am UTC)

Summary HTTP 32 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 68.65.123.97, located in Los Angeles, United States and belongs to NAMECHEAP-NET - Namecheap, Inc., US. The main domain is icloud.com.ibr.support.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 10th 2019. Valid for: a year.

This is the only time icloud.com.ibr.support was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 12	68.65.123.97 68.65.123.97	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
2	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	64.58.121.60 64.58.121.60	7979 (SERVERS) (SERVERS - Servers.com)
1	104.109.79.28 104.109.79.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	17.253.144.10 17.253.144.10	714 (APPLE-ENG...) (APPLE-ENGINEERING - Apple Inc.)
5	172.227.114.210 172.227.114.210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.111.228.220 23.111.228.220	7979 (SERVERS) (SERVERS - Servers.com)
32	7

12 68.65.123.97 (Los Angeles, United States) 1 redirects

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server266-4.web-hosting.com

icloud.com.ibr.support	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.121.60 (Dallas, United States)

ASN7979 (SERVERS - Servers.com, Inc., US)

untsorce.cool	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.79.28 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-79-28.deploy.static.akamaitechnologies.com

cdn.apple-cloudkit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 17.253.144.10 (United States) 1 redirects

ASN714 (APPLE-ENGINEERING - Apple Inc., US)
PTR: world-any.aaplimg.com

icloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.227.114.210 (United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-114-210.deploy.static.akamaitechnologies.com

www.icloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.228.220 (Netherlands)

ASN7979 (SERVERS - Servers.com, Inc., US)

untsorce.cool	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	ibr.support 1 redirects icloud.com.ibr.support	519 KB
6	icloud.com 1 redirects icloud.com www.icloud.com	843 KB
3	untsorce.cool untsorce.cool	687 B
2	cloudflare.com cdnjs.cloudflare.com	25 KB
1	apple-cloudkit.com cdn.apple-cloudkit.com	46 KB
0	apple.com Failed www.apple.com Failed
32	6

	Domain	Requested by
12	icloud.com.ibr.support	1 redirects icloud.com.ibr.support
5	www.icloud.com	icloud.com.ibr.support
3	untsorce.cool	icloud.com.ibr.support
2	cdnjs.cloudflare.com	icloud.com.ibr.support
1	icloud.com	1 redirects
1	cdn.apple-cloudkit.com	icloud.com.ibr.support
0	www.apple.com Failed	icloud.com.ibr.support
32	7

This site contains links to these domains. Also see Links.

Domain
iforgot.apple.com
www.apple.com

Subject Issuer	Validity	Valid
icloud.com.ibr.support Sectigo RSA Domain Validation Secure Server CA	`2019-10-10` - `2020-09-21`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
untsorce.cool Let's Encrypt Authority X3	`2019-09-13` - `2019-12-12`	3 months	crt.sh
cdn.apple-cloudkit.com DigiCert SHA2 Extended Validation Server CA	`2019-03-21` - `2020-04-01`	a year	crt.sh
www.icloud.com DigiCert SHA2 Extended Validation Server CA	`2019-07-17` - `2020-08-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://icloud.com.ibr.support/id/
Frame ID: 508029B3CF465E8194F8E028D4C97D0F
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://icloud.com.ibr.support/id HTTP 301
https://icloud.com.ibr.support/id/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

32
Requests

69 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1433 kB
Transfer

2648 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://iforgot.apple.com/password/verify/appleid
Title: Esqueceu a senha?

Search URL Search Domain Scan URL

URL: https://www.apple.com/br/support/systemstatus/
Title: Status do sistema

Search URL Search Domain Scan URL

URL: https://www.apple.com/br/privacy/
Title: Política de Privacidade

Search URL Search Domain Scan URL

URL: https://www.apple.com/legal/icloud/ww/
Title: Termos e condições

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://icloud.com.ibr.support/id HTTP 301
https://icloud.com.ibr.support/id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css HTTP 301
https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css

32 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
icloud.com.ibr.support/id/
Redirect Chain

https://icloud.com.ibr.support/id
https://icloud.com.ibr.support/id/

32 KB
8 KB

1659ms
1658ms

Document
text/html

68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache / PHP/5.6.40
Resource Hash: 5eaf39114729b778185c23f2e3ac67b73f29d13dd455e45d87c80c6baffb5b35

Request headers

:method: GET
:authority: icloud.com.ibr.support
:scheme: https
:path: /id/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Wed, 30 Oct 2019 00:21:10 GMT
server: Apache
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-encoding: gzip
content-length: 8396
content-type: text/html; charset=UTF-8

Redirect headers

status: 301
date: Wed, 30 Oct 2019 00:21:10 GMT
server: Apache
location: https://icloud.com.ibr.support/id/
content-length: 242
content-type: text/html; charset=iso-8859-1

GET fonts
www.apple.com/wss/ 0
0

GET strap.css
icloud.com.ibr.support/id/assets/layout/ 0
0

GET
H2 200 apple.css
icloud.com.ibr.support/id/assets/layout/ 14 KB
3 KB 163ms
158ms Stylesheet
text/css 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://icloud.com.ibr.support/id/assets/layout/apple.css
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: 369a0e0c4b72678534fb6a6c18cca436df1e5917fd79d56277150319be1d6f3b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 00:21:12 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 3164

GET
H2 200 kit.css
icloud.com.ibr.support/id/assets/layout/ 0
100 B 162ms
157ms Stylesheet
text/css 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://icloud.com.ibr.support/id/assets/layout/kit.css
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Wed, 30 Oct 2019 00:21:12 GMT
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
accept-ranges: bytes
content-length: 0
content-type: text/css

GET
H2 200 animate.css
icloud.com.ibr.support/id/assets/layout/ 73 KB
4 KB 163ms
158ms Stylesheet
text/css 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://icloud.com.ibr.support/id/assets/layout/animate.css
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: 49db1b956271ae3809a0cc80ecba86fd37898c41fa44b8fec26c82b25dce994b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 00:21:12 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 4346

GET
H2 200 alert.css
icloud.com.ibr.support/id/assets/layout/ 2 KB
723 B 163ms
159ms Stylesheet
text/css 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://icloud.com.ibr.support/id/assets/layout/alert.css
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: 8e18a1714f52e5ccabbf8f414ca260a8deda0d0d5608bdafaaafadac72640826

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 00:21:12 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 567

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
7 KB 21ms
17ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 00:21:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 17028813
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:19:12 GMT
server: cloudflare
etag: W/"5afd4910-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 52d93a522825cbc4-VIE
expires: Mon, 19 Oct 2020 00:21:12 GMT

GET jquery-latest.min.js
icloud.com.ibr.support/id/assets/js/ 0
0

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ 118 KB
18 KB 23ms
20ms Stylesheet
text/css 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 00:21:12 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 17028809
status: 200
alt-svc: h3-23=":443"; ma=86400
served-in-seconds: 0.003
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:27:13 GMT
server: cloudflare
etag: W/"5afd4af1-1d970"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 52d93a522826cbc4-VIE
expires: Mon, 19 Oct 2020 00:21:12 GMT

GET
H2 200 bootstrap.min.js Show response
icloud.com.ibr.support/id/assets/js/ 35 KB
9 KB 315ms
312ms Script
application/javascript 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://icloud.com.ibr.support/id/assets/js/bootstrap.min.js
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: 646918918be708913cfd480e8950d329f8309feafb946ad180a124333ec464e3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 00:21:12 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 9545

GET
H/1.1 200
OK /
untsorce.cool/metric/ 43 B
229 B 411ms
126ms Image
image/gif 64.58.121.60
Servers.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://untsorce.cool/metric/?mid=&wid=51763&sid=&tid=8080&rid=LAUNCHED&t=1569427540041
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 64.58.121.60 Dallas, United States, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 00:21:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK cloudkit.js Show response
cdn.apple-cloudkit.com/ck/2/ 169 KB
46 KB 50ms
6ms Script
application/javascript 104.109.79.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.apple-cloudkit.com/ck/2/cloudkit.js

Requested by

Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.109.79.28 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a104-109-79-28.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/e70a1a237a4f /

Resource Hash

0e7c4211a80951fc0c90e3010183b1d5faa5fb889a5164b974ca254e9fcb2aae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: AppleHttpServer/e70a1a237a4f
Cache-Control: public, max-age=300
ETag: "16dba0ca188b4ab"
Vary: accept-encoding
Content-Language: en-us
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Apple-Request-UUID, Via
X-Apple-Request-UUID: 1fbdcc24-24a1-4d2e-9f13-997a4e1cc601
Date: Wed, 30 Oct 2019 00:21:12 GMT
Connection: keep-alive
Content-Location: /ck/2/cloudkit.js.gzip
Content-Length: 46251

GET
H/1.1

200
OK

main.css
www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/
Redirect Chain

https://icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css

280 KB
29 KB

38ms
21ms

Stylesheet
text/css

172.227.114.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css

Requested by

Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.227.114.210 , United States, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a172-227-114-210.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/e70a1a237a4f /

Resource Hash

b0b88d452741f2128d76f08fe7bfcbfb8dc27b81c3c3e28d9ae5b75f29854779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Server: AppleHttpServer/e70a1a237a4f
Cache-Control: public, max-age=31536000
ETag: "16d6566156073a9"
Vary: accept-encoding
Content-Language: en-us
Content-Type: text/css
Access-Control-Expose-Headers: X-Apple-Request-UUID, Via
X-Apple-Request-UUID: 638a97ad-cedb-40e4-9ae2-4f8e611a82aa
Date: Wed, 30 Oct 2019 00:21:12 GMT
Connection: keep-alive
Content-Location: /system/cloudos2/1918Hotfix2/pt-br/main.css.gzip
Content-Length: 29609

Redirect headers

date: Wed, 30 Oct 2019 00:21:12 GMT
via: 49ed01272a7e88a19263fc26c7d05c4e:16743f65befcb2b995545ccfe3bc85de:Frankfurt, https/1.1 defra3-edge-bx-008.ts.apple.com (ApacheTrafficServer/8.0.5)
server: ATS/8.0.5
cache-control: max-age=3600
age: 0
status: 301
cdnuuid: 6d0a52c8-1d94-41de-987b-f11b51ee5a85-381216116
location: https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
access-control-expose-headers: X-Apple-Request-UUID, Via
x-apple-request-uuid: cf60788c-d4ac-46e7-a7c8-f12d2bbe61a7
x-cache: miss
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 17

GET /
untsorce.cool/metric/ 0
0

GET
H/1.1 200
OK /
untsorce.cool/metric/ 43 B
229 B 39ms
13ms Image
image/gif 23.111.228.220
Servers.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://untsorce.cool/metric/?mid=&wid=51763&sid=&tid=8080&rid=BEFORE_OPTOUT_REQ&t=1569427540077
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.111.228.220 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 00:21:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
untsorce.cool/metric/ 43 B
229 B 40ms
13ms Image
image/gif 23.111.228.220
Servers.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://untsorce.cool/metric/?mid=&wid=51763&sid=&tid=8080&rid=FINISHED&custom1=www.icloud.com&t=1569427540105
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.111.228.220 , Netherlands, ASN7979 (SERVERS - Servers.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Wed, 30 Oct 2019 00:21:13 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 logonew.png
icloud.com.ibr.support/id/assets/img/ 24 KB
24 KB 1127ms
804ms Image
image/png 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icloud.com.ibr.support/id/assets/img/logonew.png
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: c382f99f49158456a7b367b9a1a96fe0702e996b2cb5daec67cad7e1b8f5b02c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Wed, 30 Oct 2019 00:21:13 GMT
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
accept-ranges: bytes
content-length: 24202
content-type: image/png

GET
H2 200 find.png
icloud.com.ibr.support/id/assets/img/ 2 KB
2 KB 1127ms
803ms Image
image/png 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icloud.com.ibr.support/id/assets/img/find.png
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: df41e4e77b47b2268303abca3beacd3c26bfb5e16eac90cb0c47e42403c5e32b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Wed, 30 Oct 2019 00:21:13 GMT
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
accept-ranges: bytes
content-length: 1931
content-type: image/png

GET pay.png
icloud.com.ibr.support/id/assets/img/ 0
0

GET smart.png
icloud.com.ibr.support/id/assets/img/ 0
0

GET jquery-1.11.3.min.js
icloud.com.ibr.support/id/assets/js/ 0
0

GET strap.min.js
icloud.com.ibr.support/id/assets/js/ 0
0

GET findmyphone.min.js
icloud.com.ibr.support/id/assets/js/ 0
0

GET
DATA 200
OK truncated
/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64ced395b80228cbd84321ac18736034752ad0090adbbc727fe1e25d5055973e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: text/css

GET loader.gif
icloud.com.ibr.support/id/assets/img/ 0
0

GET
H2 200 login.png
icloud.com.ibr.support/id/assets/img/ 1 KB
2 KB 1096ms
804ms Image
image/png 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icloud.com.ibr.support/id/assets/img/login.png
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: b3d98c4c8aa4055992854cedc838d36b8970d5c1c9030936d206d2dd31f44428

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://icloud.com.ibr.support/id/assets/layout/apple.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Wed, 30 Oct 2019 00:21:13 GMT
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
accept-ranges: bytes
content-length: 1459
content-type: image/png

GET
H/1.1 200
OK SFNSDisplay-Semibold.woff
www.icloud.com/fonts/current/fonts/ 215 KB
216 KB 21ms
6ms Font
application/font-woff 172.227.114.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icloud.com/fonts/current/fonts/SFNSDisplay-Semibold.woff

Requested by

Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.227.114.210 , United States, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a172-227-114-210.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/e70a1a237a4f /

Resource Hash

1e903559463abcbcd75f7b61f88e60a6a267415ef1fc14efeac88261b4d78318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
Origin: https://icloud.com.ibr.support
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: AppleHttpServer/e70a1a237a4f
Cache-Control: public, max-age=300
ETag: "16db4aaa3e835c9c"
Content-Language: en-us
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Apple-Request-UUID, Via
X-Apple-Request-UUID: a64747dc-b3e5-42f0-8b02-e7ba12a34565
Date: Wed, 30 Oct 2019 00:21:13 GMT
Connection: keep-alive
Content-Type: application/font-woff
Content-Length: 220316

GET
H/1.1 200
OK SFNSText-Medium.woff
www.icloud.com/fonts/current/fonts/ 210 KB
210 KB 20ms
6ms Font
application/font-woff 172.227.114.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icloud.com/fonts/current/fonts/SFNSText-Medium.woff

Requested by

Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.227.114.210 , United States, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a172-227-114-210.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/e70a1a237a4f /

Resource Hash

6a2583a6d3fd8564dda4ac2a5ae4a8798d3af6df68718743397ff39111485123

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
Origin: https://icloud.com.ibr.support
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: AppleHttpServer/e70a1a237a4f
Cache-Control: public, max-age=300
ETag: "16db4aaa3e8347a8"
Content-Language: en-us
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Apple-Request-UUID, Via
X-Apple-Request-UUID: cb8b1c6a-1398-445c-99e9-f1ad1e295377
Date: Wed, 30 Oct 2019 00:21:13 GMT
Connection: keep-alive
Content-Type: application/font-woff
Content-Length: 214952

GET
H/1.1 200
OK SFNSText-Regular.woff
www.icloud.com/fonts/current/fonts/ 176 KB
176 KB 20ms
7ms Font
application/font-woff 172.227.114.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icloud.com/fonts/current/fonts/SFNSText-Regular.woff

Requested by

Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.227.114.210 , United States, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a172-227-114-210.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/e70a1a237a4f /

Resource Hash

1e31de8591163047c24af00b651123b5417cb4cb5a94068ca8e091d58fad432f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
Origin: https://icloud.com.ibr.support
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: AppleHttpServer/e70a1a237a4f
Cache-Control: public, max-age=300
ETag: "16db4aaa3e82bf9c"
Content-Language: en-us
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Apple-Request-UUID, Via
X-Apple-Request-UUID: 82ffe4d5-85b2-46fa-8ad2-5f2b77159393
Date: Wed, 30 Oct 2019 00:21:13 GMT
Connection: keep-alive
Content-Type: application/font-woff
Content-Length: 180124

GET
H/1.1 200
OK SFNSText-Light.woff
www.icloud.com/fonts/current/fonts/ 210 KB
211 KB 19ms
6ms Font
application/font-woff 172.227.114.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.icloud.com/fonts/current/fonts/SFNSText-Light.woff

Requested by

Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.227.114.210 , United States, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a172-227-114-210.deploy.static.akamaitechnologies.com

Software

AppleHttpServer/e70a1a237a4f /

Resource Hash

635cebe91454ae2d5a03a25d6ae73692273a942e4fcb89badcba1fb606d0f6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
Origin: https://icloud.com.ibr.support
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: AppleHttpServer/e70a1a237a4f
Cache-Control: public, max-age=300
ETag: "16db4aaa3e834920"
Content-Language: en-us
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Apple-Request-UUID, Via
X-Apple-Request-UUID: 7878e453-4425-4a29-a133-49d4faeb1298
Date: Wed, 30 Oct 2019 00:21:13 GMT
Connection: keep-alive
Content-Type: application/font-woff
Content-Length: 215328

GET
H2 200 Lato-Light.woff
icloud.com.ibr.support/id/assets/font/ 132 KB
0 601ms
323ms Font
font/woff 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://icloud.com.ibr.support/id/assets/font/Lato-Light.woff
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash

Request headers

Sec-Fetch-Mode: cors
Referer: https://icloud.com.ibr.support/id/assets/layout/apple.css
Origin: https://icloud.com.ibr.support
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Wed, 30 Oct 2019 00:21:13 GMT
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
accept-ranges: bytes
content-length: 472524
content-type: font/woff

GET
H2 200 Lato-Light.ttf
icloud.com.ibr.support/id/assets/font/ 920 KB
466 KB 490ms
168ms Font
font/ttf 68.65.123.97
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://icloud.com.ibr.support/id/assets/font/Lato-Light.ttf
Requested by: Host: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.65.123.97 Los Angeles, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS: server266-4.web-hosting.com
Software: Apache /
Resource Hash: e92162b0ffde230207ffa3ed8f9babb936d18b5c90470035aa275f51259d0639

Request headers

Sec-Fetch-Mode: cors
Referer: https://icloud.com.ibr.support/id/assets/layout/apple.css
Origin: https://icloud.com.ibr.support
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Wed, 30 Oct 2019 00:21:14 GMT
content-encoding: gzip
last-modified: Fri, 04 Oct 2019 14:43:54 GMT
server: Apache
vary: Accept-Encoding
content-type: font/ttf
status: 200
accept-ranges: bytes

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.apple.com
URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

Domain: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/assets/layout/strap.css

Domain: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/assets/js/jquery-latest.min.js

Domain: untsorce.cool
URL: https://untsorce.cool/metric/?mid=&wid=51763&sid=&tid=8080&rid=LOADED&custom1=www.icloud.com&custom2=%2F&custom3=untsorce.cool&t=1569427540075

Domain: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/assets/img/pay.png

Domain: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/assets/img/smart.png

Domain: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/assets/js/jquery-1.11.3.min.js

Domain: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/assets/js/strap.min.js

Domain: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/assets/js/findmyphone.min.js

Domain: icloud.com.ibr.support
URL: https://icloud.com.ibr.support/id/assets/img/loader.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.apple-cloudkit.com
cdnjs.cloudflare.com
icloud.com
icloud.com.ibr.support
untsorce.cool
www.apple.com
www.icloud.com
icloud.com.ibr.support
untsorce.cool
www.apple.com
104.109.79.28
17.253.144.10
172.227.114.210
23.111.228.220
2606:4700::6813:c497
64.58.121.60
68.65.123.97
0e7c4211a80951fc0c90e3010183b1d5faa5fb889a5164b974ca254e9fcb2aae
1e31de8591163047c24af00b651123b5417cb4cb5a94068ca8e091d58fad432f
1e903559463abcbcd75f7b61f88e60a6a267415ef1fc14efeac88261b4d78318
369a0e0c4b72678534fb6a6c18cca436df1e5917fd79d56277150319be1d6f3b
49db1b956271ae3809a0cc80ecba86fd37898c41fa44b8fec26c82b25dce994b
5eaf39114729b778185c23f2e3ac67b73f29d13dd455e45d87c80c6baffb5b35
635cebe91454ae2d5a03a25d6ae73692273a942e4fcb89badcba1fb606d0f6ad
646918918be708913cfd480e8950d329f8309feafb946ad180a124333ec464e3
64ced395b80228cbd84321ac18736034752ad0090adbbc727fe1e25d5055973e
6a2583a6d3fd8564dda4ac2a5ae4a8798d3af6df68718743397ff39111485123
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8e18a1714f52e5ccabbf8f414ca260a8deda0d0d5608bdafaaafadac72640826
b0b88d452741f2128d76f08fe7bfcbfb8dc27b81c3c3e28d9ae5b75f29854779
b3d98c4c8aa4055992854cedc838d36b8970d5c1c9030936d206d2dd31f44428
c382f99f49158456a7b367b9a1a96fe0702e996b2cb5daec67cad7e1b8f5b02c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
df41e4e77b47b2268303abca3beacd3c26bfb5e16eac90cb0c47e42403c5e32b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92162b0ffde230207ffa3ed8f9babb936d18b5c90470035aa275f51259d0639
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

icloud.com.ibr.support Open in urlscan Pro 68.65.123.97 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

32 Requests

69 %HTTPS

14 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

1433 kBTransfer

2648 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

icloud.com.ibr.support Open in urlscan Pro
68.65.123.97 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

69 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1433 kB
Transfer

2648 kB
Size

0
Cookies

32 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!