www.apple.authorize-giveaway.com
198.54.120.43
Malicious Activity!
Public Scan
Submission: On December 02 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by apple.authorize-giveaway.com on December 2nd 2019. Valid for: a year.
This is the only time www.apple.authorize-giveaway.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
4 | 198.54.120.43 | 22612 (NAMECHEAP-NET - Namecheap) |
1 | 2606:4700::6811:4004 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 95.100.76.63 | 16625 (AKAMAI-AS - Akamai Technologies) |
5 | 23.5.108.49 | 16625 (AKAMAI-AS - Akamai Technologies) |
1 | 2a01:b740:a41:206::12 | 714 (APPLE-ENGINEERING - Apple Inc.) |
13 | 6 |
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: premium50-3.web-hosting.com
www.apple.authorize-giveaway.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-76-63.deploy.static.akamaitechnologies.com
cdn.apple-cloudkit.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-5-108-49.deploy.static.akamaitechnologies.com
www.icloud.com |
ASN714 (APPLE-ENGINEERING - Apple Inc., US)
feedbackws.icloud.com |
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | icloud.com | www.icloud.com, feedbackws.icloud.com | 1 MB |
4 | authorize-giveaway.com | www.apple.authorize-giveaway.com | 443 KB |
1 | apple-cloudkit.com | cdn.apple-cloudkit.com | 46 KB |
1 | cloudflare.com | cdnjs.cloudflare.com | 12 KB |
13 | 4 |
| Domain | Requested by |
---|---|---|
5 | www.icloud.com | www.apple.authorize-giveaway.com, www.icloud.com |
4 | www.apple.authorize-giveaway.com | www.apple.authorize-giveaway.com, www.icloud.com |
1 | feedbackws.icloud.com | www.icloud.com |
1 | cdn.apple-cloudkit.com | www.apple.authorize-giveaway.com |
1 | cdnjs.cloudflare.com | www.apple.authorize-giveaway.com |
13 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
iforgot.apple.com |
www.icloud.com |
www.apple.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
apple.authorize-giveaway.com | apple.authorize-giveaway.com | 2019-12-02 - 2020-12-01 | a year |
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-20 - 2020-05-28 | 6 months |
cdn.apple-cloudkit.com | DigiCert SHA2 Extended Validation Server CA | 2019-03-21 - 2020-04-01 | a year |
www.icloud.com | DigiCert SHA2 Extended Validation Server CA | 2019-07-17 - 2020-08-05 | a year |
feedbackws.icloud.com | Apple IST CA 2 - G1 | 2019-10-07 - 2020-11-05 | a year |
This page contains 1 frames:
Primary Page:
https://www.apple.authorize-giveaway.com/
Frame ID: BF1429440E042E31AEEE71D4AEE64A20
Requests: 13 HTTP requests in this frame
5 Outgoing links
These are links going to different origins than the main page.
Title: Forgot Apple ID or password?
Title: Create Apple ID
Title: System Status
Title: Privacy Policy
Title: Terms & Conditions
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | www.apple.authorize-giveaway.com/ | 45 KB | 14 KB | Document | text/html |
GET | H2 | fontawesome.min.css | cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ | 54 KB | 12 KB | Stylesheet | text/css |
GET | H2 | signin.png | www.apple.authorize-giveaway.com/ | 24 KB | 24 KB | Image | image/png |
GET | H/1.1 | cloudkit.js | cdn.apple-cloudkit.com/ck/2/ | 169 KB | 46 KB | Script | application/javascript |
GET | H/1.1 | main.css | www.icloud.com/system/cloudos2/1921Hotfix1/en-us/ | 285 KB | 30 KB | Stylesheet | text/css |
GET | H/1.1 | main.js | www.icloud.com/system/cloudos2/1921Hotfix1/en-us/ | 2 MB | 502 KB | Script | application/javascript |
GET | H2 | backgroundv1.png | www.apple.authorize-giveaway.com/ | 404 KB | 404 KB | Image | image/png |
GET | H/1.1 | SFNSText-Light.woff | www.icloud.com/fonts/current/fonts/ | 210 KB | 211 KB | Font | application/font-woff |
GET | H2 | images@1x.bin | www.apple.authorize-giveaway.com/system/cloudos2/1921Hotfix1/en-us// | 315 B | 413 B | XHR | text/html |
GET | H/1.1 | SFNSText-Medium.woff | www.icloud.com/fonts/current/fonts/ | 210 KB | 210 KB | Font | application/font-woff |
GET | H/1.1 | SFNSDisplay-Semibold.woff | www.icloud.com/fonts/current/fonts/ | 215 KB | 216 KB | Font | application/font-woff |
POST | H2 | reportStats | feedbackws.icloud.com/ | 2 B | 658 B | XHR | application/json |
GET | BLOB | a307ab8d-854d-4d89-830c-15ba1b6dc71f | https://www.apple.authorize-giveaway.com/ | 308 B | 308 B | Image | text/plain |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| event
object| onformdata
object| onpointerrawupdate
undefined| PolyFillCustomEvent
function| __startFilteringErrors
function| __startFilteringUnhandledRejections
string| __CW_PATH_PREFIX
object| __CW_BUILD_INFO
boolean| hasEnteredLimitedExperienceMode
object| bootstrapMockSpringboardViewElement
function| delayCloudOSLoadingScreenDismissal
function| removeCloudOSLoadingScreenFromDOM
function| calculateSpringboardViewLayout
object| __cloudOSSupportedLocales
object| __childApplicationSupportedLocales
object| __core-js_shared__
object| CloudKit
object| __CW_IMG_URLS
object| __CW_BLOB_URLS
boolean| __CW_BLOBS_READY
function| setImmediate
function| clearImmediate
object| regeneratorRuntime
object| IntlPolyfill
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.