appleid-appleld.me
172.67.128.212
Malicious Activity!
Public Scan
Submission: On February 19 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by GTS CA 1P5 on December 28th 2023. Valid for: 3 months.
This is the only time appleid-appleld.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
9 | 172.67.128.212 | |
1 | 142.250.204.10 | ASN 15169 (GOOGLE, US); PTR: syd09s25-in-f10.1e100.net; serves ajax.googleapis.com |
11 | 3 | (totals) |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | appleid-appleld.me | appleid-appleld.me | 837 KB |
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 434) | 31 KB |
0 | google.com | maps.google.com (Failed) | |
11 | 3 | (totals) | |
Requests | Domain | Requested by |
---|---|---|
9 | appleid-appleld.me | appleid-appleld.me |
1 | ajax.googleapis.com | appleid-appleld.me |
0 | maps.google.com (Failed) | |
11 | 3 | (totals) |
This site contains links to these domains. Also see Links.
Domain |
---|
www.apple.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
appleid-appleld.me | GTS CA 1P5 | 2023-12-28 - 2024-03-27 | 3 months | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2024-01-29 - 2024-04-22 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://appleid-appleld.me/jc67
Frame ID: 3834F94DA1B002DA5713D7B8EAD62EEE
Requests: 5 HTTP requests in this frame
Frame:
https://appleid-appleld.me/xvdfoc/icl4/code.php
Frame ID: 4E1B72C3D900B9E3C199D6C3B7B9075C
Requests: 6 HTTP requests in this frame
3 Outgoing links
These are links going to different origins than the main page.
- Title: System Status
- Title: Privacy Policy
- Title: Terms & Conditions
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://appleid-appleld.me/ HTTP 301
- https://appleid-appleld.me/error HTTP 301
- https://appleid-appleld.me/error/ HTTP 301
- https://maps.google.com/
11 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | jc67 (Primary Request) | appleid-appleld.me/ | 13 KB | 4 KB | Document | text/html |
GET | H2 | authService.latest.min.js | appleid-appleld.me/app/icl/step2/ | 44 KB | 14 KB | Script | text/javascript |
GET | H2 | main.js | appleid-appleld.me/app/icl/step2/ | 3 MB | 687 KB | Script | text/javascript |
GET | H2 | main.css | appleid-appleld.me/app/icl/step2/ | 701 KB | 74 KB | Stylesheet | text/css |
GET | H2 | code.php | appleid-appleld.me/xvdfoc/icl4/ (Frame 4E1B) | 11 KB | 3 KB | Document | text/html |
GET | H2 | app.css | appleid-appleld.me/app/icl/files/ (Frame 4E1B) | 493 KB | 46 KB | Stylesheet | text/css |
GET | H2 | ajax-loader.gif | appleid-appleld.me/app/icl/files/ (Frame 4E1B) | 4 KB | 4 KB | Image | image/gif |
GET | H2 | 4f72d89d71e9abcc4e37c71fb77fe65b.svg | appleid-appleld.me/app/icl/files/ (Frame 4E1B) | 8 KB | 2 KB | Image | image/svg+xml |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.4.1/ (Frame 4E1B) | 86 KB | 31 KB | Script | text/javascript |
GET | | / | maps.google.com/ (Redirect Chain) | 0 | 0 | | |
GET | H2 | ajax-loader.gif | appleid-appleld.me/app/icl/files/ (Frame 4E1B) | 4 KB | 4 KB | Image | image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
maps.google.com | https://maps.google.com/ |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
object | AppleID |
object | idmsapis |
function | __CW_loadBinaries |
object | __CW_IMG_URLS |
object | __CW_BLOB_URLS |
boolean | __CW_BLOBS_READY |
function | setImmediate |
function | clearImmediate |
object | regeneratorRuntime |
function | applyFocusVisiblePolyfill |
1 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along, allowing the website to re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
appleid-appleld.me/ | | Name: PHPSESSID, Value: 366c9480e6c183db2b730118317ea67d |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
appleid-appleld.me
maps.google.com
142.250.204.10
172.67.128.212
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1bdc1be137fee4e4827b9f0dd1424ec81ebf0d5ea5ede9874a7eafcbab127b9e
276618038f0474681826eed2cd12fae281387deaba057cee6dea869ecb8d292f
4ee449b83a59cdd3f6f77f76992a653f96a29f6a1876a4d64a27915a1e2ecd6e
637887c20d64107d15a953804d693d5587262aa3a3148bcd2e65eb870b6ec329
951c8e24ff45ebdcc5986b9972076636bd18ad49ca75d1b99ff3dd833317a284
df0187cb2a2556e3791055f783658250d6381cc48fca8d210b1e75bf15a7f232
f47cebf77b4fda75b428b66ffa824767f3c9e18518d2be13713d57567aa34bba
fd458f36d73b7d6434326d18c9229da92384d37303dbdd72fa346597fde23068