apple.com-icloud.top
23.224.135.236
Malicious Activity!
Public Scan
Submission Tags: @phishunt_io
Submission: On October 25 via api from ES
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on October 25th 2020. Valid for: 3 months.
This is the only time apple.com-icloud.top was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
13 | 23.224.135.236 | 40065 (CNSERVERS)
5 | 23.203.93.174 | 16625 (AKAMAI-AS)
18 | 3 |

23.203.93.174: ASN16625 (AKAMAI-AS, US); PTR a23-203-93-174.deploy.static.akamaitechnologies.com; serves appleid.cdn-apple.com.

Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
13 | com-icloud.top | apple.com-icloud.top | 1 MB
5 | cdn-apple.com | appleid.cdn-apple.com | 335 KB
18 | 2 | |
Requests | Domain | Requested by
---|---|---
13 | apple.com-icloud.top | apple.com-icloud.top, appleid.cdn-apple.com
5 | appleid.cdn-apple.com | apple.com-icloud.top, appleid.cdn-apple.com
18 | 2 |
This site contains links to these domains (see also the Outgoing links section below):

Domain
---
www.apple.com
Subject | Issuer | Validity | Valid
---|---|---|---
apple.com-icloud.top | ZeroSSL RSA Domain Secure Site CA | 2020-10-25 - 2021-01-23 | 3 months
appleid.cdn-apple.com | DigiCert SHA2 Extended Validation Server CA-3 | 2020-02-10 - 2021-02-09 | a year
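The scan above shows the usual shape of a brand-impersonation page: a hostname that reads as apple.com but whose registrable domain is com-icloud.top, a domain-validated certificate issued on the day of the scan, Apple's real sign-in assets pulled from appleid.cdn-apple.com, and a POST back to the lookalike host. The Python below is an added example (it is not part of the urlscan.io report and not urlscan tooling) that turns those observations into a reusable triage check. The SCAN dict is constructed from values shown on this page; the Apple domain allowlist, the brand tokens, the two-label suffix rule and the thresholds are assumptions made for the example.

```python
"""Triage a urlscan-style result for Apple brand-impersonation indicators.

Added example, not part of the urlscan.io report. SCAN is constructed from
the values on the page; allowlist, tokens and thresholds are assumptions.
"""
from datetime import date

# Constructed from the scan shown above (a representative subset of requests).
SCAN = {
    "page_host": "apple.com-icloud.top",
    "scan_date": date(2020, 10, 25),
    "cert": {
        "issuer": "ZeroSSL RSA Domain Secure Site CA",
        "not_before": date(2020, 10, 25),
        "not_after": date(2021, 1, 23),
    },
    # (method, host, path)
    "requests": [
        ("GET", "apple.com-icloud.top", "/"),
        ("GET", "apple.com-icloud.top", "/signin.htm"),
        ("GET", "appleid.cdn-apple.com", "/appleauth/static/jsj/N143482311/widget/auth/app.js"),
        ("GET", "appleid.cdn-apple.com", "/appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff"),
        ("POST", "apple.com-icloud.top", "/appleauth/jslog"),
    ],
}

# Assumption: a tiny allowlist of Apple-operated registrable domains, and the
# brand tokens an attacker is likely to stuff into a lookalike hostname.
BRAND_APEXES = {"apple.com", "icloud.com", "cdn-apple.com"}
BRAND_TOKENS = ("apple", "icloud")


def registrable_domain(host: str) -> str:
    """Apex for single-label public suffixes such as .top and .com.

    Assumption: a two-label rule. Production code should consult the Public
    Suffix List, because suffixes like co.uk break this shortcut.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else labels[0]


def is_brand_host(host: str) -> bool:
    """True only when the registrable domain is on the brand allowlist."""
    return registrable_domain(host) in BRAND_APEXES


def indicators(scan: dict) -> list:
    """Return the impersonation indicators present in a scan summary."""
    found = []
    page = scan["page_host"].lower()
    apex = registrable_domain(page)

    # 1. Brand tokens in the hostname while the apex is not brand-owned.
    #    The apex is decisive: here it is com-icloud.top, and "apple.com-"
    #    is just a subdomain label chosen to read like apple.com.
    if not is_brand_host(page) and any(t in page for t in BRAND_TOKENS):
        found.append(f"brand_token_outside_brand_apex:{apex}")

    # 2. Certificate issued very recently relative to the scan.
    cert = scan["cert"]
    age = (scan["scan_date"] - cert["not_before"]).days
    if age <= 7:
        found.append(f"fresh_certificate:{age}d")

    # 3. Short-lived DV certificate (about 90 days). Normal on its own, so
    #    it only adds weight alongside the other indicators.
    validity = (cert["not_after"] - cert["not_before"]).days
    if validity <= 92:
        found.append(f"short_validity_cert:{validity}d")

    # 4. A non-brand page loading the brand's genuine assets: the quickest
    #    way to build a pixel-accurate clone of the real sign-in widget.
    if not is_brand_host(page) and any(is_brand_host(h) for _, h, _ in scan["requests"]):
        found.append("real_brand_assets_on_lookalike_page")

    # 5. Data posted back to a non-brand host rather than to the brand.
    for method, host, path in scan["requests"]:
        if method == "POST" and not is_brand_host(host):
            found.append(f"post_to_lookalike:{host}{path}")
    return found


if __name__ == "__main__":
    for hit in indicators(SCAN):
        print(hit)
```

The decisive signal is the registrable domain, not the brand string: token matching on its own would also flag a host such as pineapple.example, so a deployed version should use the Public Suffix List and treat the allowlist as the source of truth. The two certificate indicators are weak in isolation (short-lived DV certificates are routine) and are only meaningful once the apex check has already failed.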
This page contains 2 frames:
Primary Page:
https://apple.com-icloud.top/
Frame ID: 7A9CE7D6AFD6C8FA5930E26B39B05299
Requests: 7 HTTP requests in this frame
Frame:
https://apple.com-icloud.top/signin.htm
Frame ID: 6055BE19BF785C3FCDF78CD4996D07B7
Requests: 12 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
Title: System Status (original: 시스템 상태)
Title: Privacy Policy (original: 개인정보 보호정책)
Title: Terms of Service (original: 이용약관)
Redirected requests
No HTTP redirect chains were recorded for this scan.
18 HTTP transactions

Method | Protocol | Frame | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
GET | H2 | primary | / (Primary Request) | apple.com-icloud.top/ | 56 KB | 15 KB | Document | text/html
GET | H2 | primary | SFUIText-Light.woff | apple.com-icloud.top/fonts/ | 210 KB | 204 KB | Font | application/octet-stream
GET | H2 | primary | SFUIText-Medium.woff | apple.com-icloud.top/fonts/ | 210 KB | 203 KB | Font | application/octet-stream
GET | H2 | primary | SFUIText-Regular.woff | apple.com-icloud.top/fonts/ | 176 KB | 172 KB | Font | application/octet-stream
GET | H2 | primary | SFUIDisplay-Regular.woff | apple.com-icloud.top/fonts/ | 175 KB | 171 KB | Font | application/octet-stream
GET | H2 | primary | SFUIDisplay-Semibold.woff | apple.com-icloud.top/fonts/ | 215 KB | 206 KB | Font | application/octet-stream
GET | H2 | primary | main.css | apple.com-icloud.top/system/cloudos2/2014Hotfix39/ko-kr/ | 303 KB | 32 KB | Stylesheet | text/css
GET | H2 | 6055 | signin.htm | apple.com-icloud.top/ | 29 KB | 15 KB | Document | text/html
GET | H2 | 6055 | fonts.css | apple.com-icloud.top/wss/ | 18 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | 6055 | app.css | appleid.cdn-apple.com/appleauth/static/cssj/N1485770655/widget/auth/ | 434 KB | 40 KB | Stylesheet | text/css
GET | H/1.1 | 6055 | common-header.js | appleid.cdn-apple.com/appleauth/static/jsj/N248382592/ | 13 KB | 6 KB | Script | application/javascript
GET | H/1.1 | 6055 | app.js | appleid.cdn-apple.com/appleauth/static/jsj/N143482311/widget/auth/ | 961 KB | 277 KB | Script | application/javascript
GET | DATA | 6055 | truncated (data: URI) | / | 7 KB | 0 | Image | image/png
POST | H2 | 6055 | jslog | apple.com-icloud.top/appleauth/ | 1 KB | 2 KB | XHR | text/html
GET | H/1.1 | 6055 | HR_gradient_dark.png | appleid.cdn-apple.com/appleauth/static/bin/cb1633718600/dist/assets/ | 1 KB | 2 KB | Image | image/png
GET | H2 | 6055 | SFProIcons_regular.woff | apple.com-icloud.top/wss/fonts/SF-Pro-Icons/v1/ | 10 KB | 10 KB | Font | application/octet-stream
GET | H2 | 6055 | sf-pro-display_regular.woff2 | apple.com-icloud.top/wss/fonts/SF-Pro-Display/v1/ | 138 KB | 138 KB | Font | application/octet-stream
GET | H/1.1 | 6055 | shared-icons.woff | appleid.cdn-apple.com/appleauth/static/bin/cb3432457731/dist/assets/ | 9 KB | 10 KB | Font | application/x-font-woff
GET | H2 | 6055 | sf-pro-text_regular.woff2 | apple.com-icloud.top/wss/fonts/SF-Pro-Text/v1/ | 97 KB | 97 KB | Font | application/octet-stream

Frame "primary" is 7A9CE7D6AFD6C8FA5930E26B39B05299 (https://apple.com-icloud.top/); frame 6055 is 6055BE19BF785C3FCDF78CD4996D07B7 (https://apple.com-icloud.top/signin.htm). Size is the decoded resource size; x-fer is the number of bytes transferred on the wire.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)

14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and code a page uses.

Type | Name
---|---
object | 0
object | event
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
undefined | PolyFillCustomEvent
function | __startFilteringErrors
function | __startFilteringUnhandledRejections
undefined | move
undefined | keyFunc
object | __CW_PATH_PREFIX
object | __CW_BUILD_INFO
boolean | hasEnteredLimitedExperienceMode

0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, which lets the site re-identify the user even from a different location. This is how persistent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apple.com-icloud.top
appleid.cdn-apple.com
23.203.93.174
23.224.135.236