icloud.com.ibr.support
Open in
urlscan Pro
68.65.123.97
Malicious Activity!
Public Scan
Submission: On October 30 via automatic, source openphish
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 10th 2019. Valid for: a year.
This is the only time icloud.com.ibr.support was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 12 | 68.65.123.97 68.65.123.97 | 22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap) | |
2 | 2606:4700::68... 2606:4700::6813:c497 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 64.58.121.60 64.58.121.60 | 7979 (SERVERS) (SERVERS - Servers.com) | |
1 | 104.109.79.28 104.109.79.28 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 17.253.144.10 17.253.144.10 | 714 (APPLE-ENG...) (APPLE-ENGINEERING - Apple Inc.) | |
5 | 172.227.114.210 172.227.114.210 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 23.111.228.220 23.111.228.220 | 7979 (SERVERS) (SERVERS - Servers.com) | |
32 | 7 |
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server266-4.web-hosting.com
icloud.com.ibr.support |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-79-28.deploy.static.akamaitechnologies.com
cdn.apple-cloudkit.com |
ASN714 (APPLE-ENGINEERING - Apple Inc., US)
PTR: world-any.aaplimg.com
icloud.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-114-210.deploy.static.akamaitechnologies.com
www.icloud.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
ibr.support
1 redirects
icloud.com.ibr.support |
519 KB |
6 |
icloud.com
1 redirects
icloud.com www.icloud.com |
843 KB |
3 |
untsorce.cool
untsorce.cool |
687 B |
2 |
cloudflare.com
cdnjs.cloudflare.com |
25 KB |
1 |
apple-cloudkit.com
cdn.apple-cloudkit.com |
46 KB |
0 |
apple.com
Failed
www.apple.com Failed |
|
32 | 6 |
Domain | Requested by | |
---|---|---|
12 | icloud.com.ibr.support |
1 redirects
icloud.com.ibr.support
|
5 | www.icloud.com |
icloud.com.ibr.support
|
3 | untsorce.cool |
icloud.com.ibr.support
|
2 | cdnjs.cloudflare.com |
icloud.com.ibr.support
|
1 | icloud.com | 1 redirects |
1 | cdn.apple-cloudkit.com |
icloud.com.ibr.support
|
0 | www.apple.com Failed |
icloud.com.ibr.support
|
32 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
iforgot.apple.com |
www.apple.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
icloud.com.ibr.support Sectigo RSA Domain Validation Secure Server CA |
2019-10-10 - 2020-09-21 |
a year | crt.sh |
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-08-10 - 2020-02-16 |
6 months | crt.sh |
untsorce.cool Let's Encrypt Authority X3 |
2019-09-13 - 2019-12-12 |
3 months | crt.sh |
cdn.apple-cloudkit.com DigiCert SHA2 Extended Validation Server CA |
2019-03-21 - 2020-04-01 |
a year | crt.sh |
www.icloud.com DigiCert SHA2 Extended Validation Server CA |
2019-07-17 - 2020-08-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://icloud.com.ibr.support/id/
Frame ID: 508029B3CF465E8194F8E028D4C97D0F
Requests: 33 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://icloud.com.ibr.support/id
HTTP 301
https://icloud.com.ibr.support/id/ Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
animate.css (Web Frameworks) Expand
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Esqueceu a senha?
Search URL Search Domain Scan URL
Title: Status do sistema
Search URL Search Domain Scan URL
Title: PolÃtica de Privacidade
Search URL Search Domain Scan URL
Title: Termos e condições
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://icloud.com.ibr.support/id
HTTP 301
https://icloud.com.ibr.support/id/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 12- https://icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css HTTP 301
- https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
icloud.com.ibr.support/id/ Redirect Chain
|
32 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fonts
www.apple.com/wss/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
strap.css
icloud.com.ibr.support/id/assets/layout/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apple.css
icloud.com.ibr.support/id/assets/layout/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kit.css
icloud.com.ibr.support/id/assets/layout/ |
0 100 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
icloud.com.ibr.support/id/assets/layout/ |
73 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alert.css
icloud.com.ibr.support/id/assets/layout/ |
2 KB 723 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-latest.min.js
icloud.com.ibr.support/id/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ |
118 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
icloud.com.ibr.support/id/assets/js/ |
35 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
untsorce.cool/metric/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cloudkit.js
cdn.apple-cloudkit.com/ck/2/ |
169 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.css
www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/ Redirect Chain
|
280 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
untsorce.cool/metric/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
untsorce.cool/metric/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
untsorce.cool/metric/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logonew.png
icloud.com.ibr.support/id/assets/img/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
find.png
icloud.com.ibr.support/id/assets/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
pay.png
icloud.com.ibr.support/id/assets/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
smart.png
icloud.com.ibr.support/id/assets/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-1.11.3.min.js
icloud.com.ibr.support/id/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
strap.min.js
icloud.com.ibr.support/id/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
findmyphone.min.js
icloud.com.ibr.support/id/assets/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
loader.gif
icloud.com.ibr.support/id/assets/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.png
icloud.com.ibr.support/id/assets/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SFNSDisplay-Semibold.woff
www.icloud.com/fonts/current/fonts/ |
215 KB 216 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SFNSText-Medium.woff
www.icloud.com/fonts/current/fonts/ |
210 KB 210 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SFNSText-Regular.woff
www.icloud.com/fonts/current/fonts/ |
176 KB 176 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SFNSText-Light.woff
www.icloud.com/fonts/current/fonts/ |
210 KB 211 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Lato-Light.woff
icloud.com.ibr.support/id/assets/font/ |
132 KB 0 |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Lato-Light.ttf
icloud.com.ibr.support/id/assets/font/ |
920 KB 466 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.apple.com
- URL
- https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
- Domain
- icloud.com.ibr.support
- URL
- https://icloud.com.ibr.support/id/assets/layout/strap.css
- Domain
- icloud.com.ibr.support
- URL
- https://icloud.com.ibr.support/id/assets/js/jquery-latest.min.js
- Domain
- untsorce.cool
- URL
- https://untsorce.cool/metric/?mid=&wid=51763&sid=&tid=8080&rid=LOADED&custom1=www.icloud.com&custom2=%2F&custom3=untsorce.cool&t=1569427540075
- Domain
- icloud.com.ibr.support
- URL
- https://icloud.com.ibr.support/id/assets/img/pay.png
- Domain
- icloud.com.ibr.support
- URL
- https://icloud.com.ibr.support/id/assets/img/smart.png
- Domain
- icloud.com.ibr.support
- URL
- https://icloud.com.ibr.support/id/assets/js/jquery-1.11.3.min.js
- Domain
- icloud.com.ibr.support
- URL
- https://icloud.com.ibr.support/id/assets/js/strap.min.js
- Domain
- icloud.com.ibr.support
- URL
- https://icloud.com.ibr.support/id/assets/js/findmyphone.min.js
- Domain
- icloud.com.ibr.support
- URL
- https://icloud.com.ibr.support/id/assets/img/loader.gif
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| goPass function| goPin object| __CW_PATH_PREFIX object| __CW_BUILD_INFO object| __core-js_shared__ object| CloudKit0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.apple-cloudkit.com
cdnjs.cloudflare.com
icloud.com
icloud.com.ibr.support
untsorce.cool
www.apple.com
www.icloud.com
icloud.com.ibr.support
untsorce.cool
www.apple.com
104.109.79.28
17.253.144.10
172.227.114.210
23.111.228.220
2606:4700::6813:c497
64.58.121.60
68.65.123.97
0e7c4211a80951fc0c90e3010183b1d5faa5fb889a5164b974ca254e9fcb2aae
1e31de8591163047c24af00b651123b5417cb4cb5a94068ca8e091d58fad432f
1e903559463abcbcd75f7b61f88e60a6a267415ef1fc14efeac88261b4d78318
369a0e0c4b72678534fb6a6c18cca436df1e5917fd79d56277150319be1d6f3b
49db1b956271ae3809a0cc80ecba86fd37898c41fa44b8fec26c82b25dce994b
5eaf39114729b778185c23f2e3ac67b73f29d13dd455e45d87c80c6baffb5b35
635cebe91454ae2d5a03a25d6ae73692273a942e4fcb89badcba1fb606d0f6ad
646918918be708913cfd480e8950d329f8309feafb946ad180a124333ec464e3
64ced395b80228cbd84321ac18736034752ad0090adbbc727fe1e25d5055973e
6a2583a6d3fd8564dda4ac2a5ae4a8798d3af6df68718743397ff39111485123
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8e18a1714f52e5ccabbf8f414ca260a8deda0d0d5608bdafaaafadac72640826
b0b88d452741f2128d76f08fe7bfcbfb8dc27b81c3c3e28d9ae5b75f29854779
b3d98c4c8aa4055992854cedc838d36b8970d5c1c9030936d206d2dd31f44428
c382f99f49158456a7b367b9a1a96fe0702e996b2cb5daec67cad7e1b8f5b02c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
df41e4e77b47b2268303abca3beacd3c26bfb5e16eac90cb0c47e42403c5e32b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92162b0ffde230207ffa3ed8f9babb936d18b5c90470035aa275f51259d0639
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c