apple.com.id-pt.com
Open in
urlscan Pro
198.54.125.87
Malicious Activity!
Public Scan
URL:
http://apple.com.id-pt.com/icloud/
Submission: On November 02 via automatic, source openphish
Submission: On November 02 via automatic, source openphish
Summary
This website contacted 7 IPs
in 3 countries
across 6 domains to perform 28 HTTP transactions.
The main IP is 198.54.125.87, located in
Los Angeles, United States and
belongs to NAMECHEAP-NET - Namecheap, Inc., US.
The main domain is apple.com.id-pt.com.
This is the only time apple.com.id-pt.com was scanned on urlscan.io!
This is the only time apple.com.id-pt.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 19 | 198.54.125.87 198.54.125.87 | 22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap) | |
| 1 2 | 2a02:26f0:eb:... 2a02:26f0:eb:19f::1aca | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 2606:4700:300... 2606:4700:300a::6813:c397 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 4 | 23.111.228.4 23.111.228.4 | 7979 (SERVERS) (SERVERS - Servers.com) | |
| 1 | 104.109.79.28 104.109.79.28 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 2 | 17.253.144.10 17.253.144.10 | 714 (APPLE-ENG...) (APPLE-ENGINEERING - Apple Inc.) | |
| 2 | 104.109.70.123 104.109.70.123 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 28 | 7 |
19
198.54.125.87
(Los Angeles, United States)
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server259-2.web-hosting.com
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server259-2.web-hosting.com
| apple.com.id-pt.com |
2
2606:4700:300a::6813:c397
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| cdnjs.cloudflare.com |
1
104.109.79.28
(Netherlands)
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-79-28.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-79-28.deploy.static.akamaitechnologies.com
| cdn.apple-cloudkit.com |
2
17.253.144.10
(United States)
ASN714 (APPLE-ENGINEERING - Apple Inc., US)
PTR: world-any.aaplimg.com
ASN714 (APPLE-ENGINEERING - Apple Inc., US)
PTR: world-any.aaplimg.com
| icloud.com |
2
104.109.70.123
(Netherlands)
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-70-123.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-70-123.deploy.static.akamaitechnologies.com
| www.icloud.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 19 |
id-pt.com
1 redirects
apple.com.id-pt.com |
637 KB |
| 4 |
icloud.com
2 redirects
icloud.com www.icloud.com |
562 B |
| 4 |
untsorce.cool
untsorce.cool |
916 B |
| 2 |
cloudflare.com
cdnjs.cloudflare.com |
25 KB |
| 2 |
apple.com
1 redirects
www.apple.com |
440 B |
| 1 |
apple-cloudkit.com
cdn.apple-cloudkit.com |
46 KB |
| 28 | 6 |
| Domain | Requested by | |
|---|---|---|
| 19 | apple.com.id-pt.com |
1 redirects
apple.com.id-pt.com
|
| 4 | untsorce.cool |
apple.com.id-pt.com
|
| 2 | www.icloud.com |
apple.com.id-pt.com
|
| 2 | icloud.com | 2 redirects |
| 2 | cdnjs.cloudflare.com |
apple.com.id-pt.com
|
| 2 | www.apple.com |
1 redirects
apple.com.id-pt.com
|
| 1 | cdn.apple-cloudkit.com |
apple.com.id-pt.com
|
| 28 | 7 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| iforgot.apple.com |
| www.apple.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.apple.com DigiCert SHA2 Extended Validation Server CA |
2019-10-24 - 2020-10-23 |
a year | crt.sh |
| ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-08-10 - 2020-02-16 |
6 months | crt.sh |
| untsorce.cool Let's Encrypt Authority X3 |
2019-09-13 - 2019-12-12 |
3 months | crt.sh |
| cdn.apple-cloudkit.com DigiCert SHA2 Extended Validation Server CA |
2019-03-21 - 2020-04-01 |
a year | crt.sh |
| www.icloud.com DigiCert SHA2 Extended Validation Server CA |
2019-07-17 - 2020-08-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://apple.com.id-pt.com/icloud/
Frame ID: F5193E044AD196ACDBA4AEE84BF55B33
Requests: 29 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://apple.com.id-pt.com/icloud
HTTP 301
http://apple.com.id-pt.com/icloud/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
animate.css (Web Frameworks) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://iforgot.apple.com/password/verify/appleid
Title: Esqueceu a senha?
Title: Esqueceu a senha?
Search URL Search Domain Scan URL
URL: https://www.apple.com/br/support/systemstatus/
Title: Status do sistema
Title: Status do sistema
Search URL Search Domain Scan URL
URL: https://www.apple.com/br/privacy/
Title: PolÃtica de Privacidade
Title: PolÃtica de Privacidade
Search URL Search Domain Scan URL
URL: https://www.apple.com/legal/icloud/ww/
Title: Termos e condições
Title: Termos e condições
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://apple.com.id-pt.com/icloud
HTTP 301
http://apple.com.id-pt.com/icloud/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1 HTTP 301
- https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
- http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
- http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css HTTP 307
- https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css
- https://icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css HTTP 301
- https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
- https://icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css HTTP 301
- https://www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/main.css
28 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
apple.com.id-pt.com/icloud/ Redirect Chain
|
32 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fonts
www.apple.com/wss/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
strap.css
apple.com.id-pt.com/icloud/assets/layout/ |
129 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
apple.css
apple.com.id-pt.com/icloud/assets/layout/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
kit.css
apple.com.id-pt.com/icloud/assets/layout/ |
0 183 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
animate.css
apple.com.id-pt.com/icloud/assets/layout/ |
73 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
alert.css
apple.com.id-pt.com/icloud/assets/layout/ |
2 KB 799 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Redirect Chain
|
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-latest.min.js
apple.com.id-pt.com/icloud/assets/js/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/ Redirect Chain
|
118 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
apple.com.id-pt.com/icloud/assets/js/ |
35 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
untsorce.cool/metric/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
cloudkit.js
cdn.apple-cloudkit.com/ck/2/ |
169 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
untsorce.cool/metric/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
untsorce.cool/metric/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
untsorce.cool/metric/ |
43 B 229 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logonew.png
apple.com.id-pt.com/icloud/assets/img/ |
24 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
find.png
apple.com.id-pt.com/icloud/assets/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pay.png
apple.com.id-pt.com/icloud/assets/img/ |
817 B 1003 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
smart.png
apple.com.id-pt.com/icloud/assets/img/ |
921 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.11.3.min.js
apple.com.id-pt.com/icloud/assets/js/ |
94 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
strap.min.js
apple.com.id-pt.com/icloud/assets/js/ |
35 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
findmyphone.min.js
apple.com.id-pt.com/icloud/assets/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
5 KB 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
www.icloud.com/system/cloudos2/1918Hotfix2/pt-br/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
loader.gif
apple.com.id-pt.com/icloud/assets/img/ |
24 KB 24 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
login.png
apple.com.id-pt.com/icloud/assets/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Lato-Light.woff
apple.com.id-pt.com/icloud/assets/font/ |
461 KB 462 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery object| jQuery111102518144379392875 function| goPass function| goPin object| __CW_PATH_PREFIX object| __CW_BUILD_INFO object| __core-js_shared__ object| CloudKit object| jQuery1113086908355008909790 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apple.com.id-pt.com
cdn.apple-cloudkit.com
cdnjs.cloudflare.com
icloud.com
untsorce.cool
www.apple.com
www.icloud.com
104.109.70.123
104.109.79.28
17.253.144.10
198.54.125.87
23.111.228.4
2606:4700:300a::6813:c397
2a02:26f0:eb:19f::1aca
2c00c7a78a87263a9a40536bd9bc3069971b0793e928fbd363d31dd31b38651c
2ea4bb54ddb799eba0f29f082971369c1a7c59a72dffef0cb72e2824a9dcea2a
369a0e0c4b72678534fb6a6c18cca436df1e5917fd79d56277150319be1d6f3b
49db1b956271ae3809a0cc80ecba86fd37898c41fa44b8fec26c82b25dce994b
5eaf39114729b778185c23f2e3ac67b73f29d13dd455e45d87c80c6baffb5b35
646918918be708913cfd480e8950d329f8309feafb946ad180a124333ec464e3
64ced395b80228cbd84321ac18736034752ad0090adbbc727fe1e25d5055973e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8e18a1714f52e5ccabbf8f414ca260a8deda0d0d5608bdafaaafadac72640826
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
9a61a325508cd509f23cd31043b878957281f0a3603d8e7d40758c4a7c489d5a
a563e2d99961663a935d69b9b9b28fcb46922daf8cf309633d0d627947344f0c
b3d98c4c8aa4055992854cedc838d36b8970d5c1c9030936d206d2dd31f44428
b603577fc677f321a19dcd893327700423cd0071dfdf1cebca8fc91df85f4c00
c382f99f49158456a7b367b9a1a96fe0702e996b2cb5daec67cad7e1b8f5b02c
c47f68f1f27d0d1822b2c9687d6e19462df71bb795264d7439b7d07a52d8390e
ce32707c0d679b8ed56b5dc8c498e1b1667e5b1905b8aeff42151e3f6667d73d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
df41e4e77b47b2268303abca3beacd3c26bfb5e16eac90cb0c47e42403c5e32b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f46ea43e44678e54e4a71db193fad56ad5a38f43e2c53afce46007a2e9558424
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ffa25896ca3b89f47f8616ef32789f474eab5abd3cd5bd73b4848cdeaa8f8a1f