signinconfirmation.accounts-appleid-update.sapotoforminc.com

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 2 HTTP transactions. The main IP is 142.4.3.40, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is signinconfirmation.accounts-appleid-update.sapotoforminc.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 15th 2019. Valid for: 3 months.

This is the only time signinconfirmation.accounts-appleid-update.sapotoforminc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
2 2	45.40.140.1 45.40.140.1	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	142.4.3.40 142.4.3.40	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer)
2	2

1 104.244.42.133 (United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.40.140.1 (Scottsdale, United States) 2 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-140-1.ip.secureserver.net

x.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.4.3.40 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: 142-4-3-40.unifiedlayer.com

signinconfirmation.accounts-appleid-update.sapotoforminc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	x.co 2 redirects x.co	320 B
2	t.co 1 redirects t.co	852 B
1	sapotoforminc.com signinconfirmation.accounts-appleid-update.sapotoforminc.com	748 B
2	3

	Domain	Requested by
2	x.co	2 redirects
2	t.co	1 redirects
1	signinconfirmation.accounts-appleid-update.sapotoforminc.com	t.co
2	3

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
sapotoforminc.com Let's Encrypt Authority X3	`2019-05-15` - `2019-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://signinconfirmation.accounts-appleid-update.sapotoforminc.com/?inheIp0inc
Frame ID: C504E532E29DBEA367F70CABD4A9DDC4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL HTTP 301
https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL Page URL
http://x.co/6noku HTTP 301
https://x.co/6noku HTTP 302
https://signinconfirmation.accounts-appleid-update.sapotoforminc.com/?inheIp0inc Page URL

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

1 kB
Transfer

1 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL HTTP 301
https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL Page URL
http://x.co/6noku HTTP 301
https://x.co/6noku HTTP 302
https://signinconfirmation.accounts-appleid-update.sapotoforminc.com/?inheIp0inc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL HTTP 301
https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL

2 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

ToLPfG3dDA Show response
t.co/
Redirect Chain

http://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL
https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL

245 B
571 B

218ms
149ms

Document
text/html

104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

8a8f1906289e2efdba333ec858a02ab79fefb335c8a56c38b5f54ce42d582a9e

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 188
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Tue, 21 May 2019 03:31:44 GMT
expires: Tue, 21 May 2019 03:36:44 GMT
referrer-policy: unsafe-url
server: tsa_f
set-cookie: muc=a6fa2238-5f4a-4671-aa69-8e4b8e2ceaf1; Max-Age=63072000; Expires=Thu, 20 May 2021 03:31:44 GMT; Domain=t.co
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 43db99a9c26ed2128aec2cb374641244
x-response-time: 122
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length: 0
date: Tue, 21 May 2019 03:31:44 GMT
location: https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL
server: tsa_f
x-connection-hash: 03622a3e8b58d1b93bbc8d783ad9a7f5
x-response-time: 113

GET
H/1.1

404
Not Found

Primary Request

Cookie set / Show response
signinconfirmation.accounts-appleid-update.sapotoforminc.com/
Redirect Chain

http://x.co/6noku
https://x.co/6noku
https://signinconfirmation.accounts-appleid-update.sapotoforminc.com/?inheIp0inc

354 B
748 B

5365ms
4950ms

Document
text/html

142.4.3.40
Unified Layer

General

Check archive.org

Show headers Download Go to

Full URL: https://signinconfirmation.accounts-appleid-update.sapotoforminc.com/?inheIp0inc
Requested by: Host: t.co
URL: https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.4.3.40 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS: 142-4-3-40.unifiedlayer.com
Software: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash: 9e9103b0d2460e34bc25504ab221a9910fc8c2eaf268818cf6c17c41c60b4d91

Request headers

Host: signinconfirmation.accounts-appleid-update.sapotoforminc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://t.co/ToLPfG3dDA?csi=PeNSt7pCU4DhxBRAMLtS8CoL1PwwAyFz23rMb7zVbcdzDUZ0GssoV7awxwIXL

Response headers

Date: Tue, 21 May 2019 03:31:46 GMT
Server: Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=n1opjnlhp8jes68nbaavqrau83; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

status: 302
server: nginx/1.12.2
date: Tue, 21 May 2019 03:31:45 GMT
content-type: text/html; charset=utf-8
location: https://signinconfirmation.accounts-appleid-update.sapotoforminc.com/?inheIp0inc

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			signinconfirmation.accounts-appleid-update.sapotoforminc.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: n1opjnlhp8jes68nbaavqrau83

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

signinconfirmation.accounts-appleid-update.sapotoforminc.com
t.co
x.co
104.244.42.133
104.244.42.69
142.4.3.40
45.40.140.1
8a8f1906289e2efdba333ec858a02ab79fefb335c8a56c38b5f54ce42d582a9e
9e9103b0d2460e34bc25504ab221a9910fc8c2eaf268818cf6c17c41c60b4d91

signinconfirmation.accounts-appleid-update.sapotoforminc.com Open in urlscan Pro 142.4.3.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

1 kBTransfer

1 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

signinconfirmation.accounts-appleid-update.sapotoforminc.com Open in urlscan Pro
142.4.3.40 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

1 kB
Transfer

1 kB
Size

1
Cookies

2 HTTP transactions
0 data transactions