appleid-appleld.me Open in urlscan Pro
172.67.128.212  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

• https://appleid-appleld.me/ HTTP 301
• https://appleid-appleld.me/error HTTP 301
• https://appleid-appleld.me/error/ HTTP 301
• https://maps.google.com/

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request jc67 Show response appleid-appleld.me/	13 KB 4 KB	3709ms 3326ms	Document text/html	172.67.128.212
General Check archive.org Show headers Download Go to Full URL https://appleid-appleld.me/jc67 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash f47cebf77b4fda75b428b66ffa824767f3c9e18518d2be13713d57567aa34bba Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 857cefdafdd2aafc-SYD content-encoding br content-type text/html; charset=utf-8 date Mon, 19 Feb 2024 07:53:38 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P0dglhDDSNn9B%2BuZ7btjn7Wyi%2B%2BtUeC3L7KNhJpYMsWDpHLgXHvrRGYnsIdgUp5I740TDCc2S4td1wJ4bisSrRyfTcJjoUbO01nv%2BoAaZpu66xJvQyUR9xNQ3yR4NNa1zAEZ1I%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	authService.latest.min.js Show response appleid-appleld.me/app/icl/step2/	44 KB 14 KB	862ms 861ms	Script text/javascript	172.67.128.212
General Check archive.org Show headers Download Go to Full URL https://appleid-appleld.me/app/icl/step2/authService.latest.min.js Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/jc67 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash 637887c20d64107d15a953804d693d5587262aa3a3148bcd2e65eb870b6ec329 Request headers accept-language en-AU,en;q=0.9 Referer https://appleid-appleld.me/jc67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 07:53:39 GMT content-encoding br cf-cache-status MISS last-modified Wed, 16 Nov 2022 02:56:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A324jOEETfahWOosryHyI87ZM%2F9yD27uR5u755DrN7DD2HI9hwQUkwIz5u%2FJtQao5NigPhHM87MUDcpwbBN091jywQLEtbLQSVvmpjv9wIN9YsKTHOl3DK%2B4SnwfEWaDR67UqmU%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 x-turbo-charged-by LiteSpeed cf-ray 857cefefc8e8aafc-SYD alt-svc h3=":443"; ma=86400
GET H2	200	main.js Show response appleid-appleld.me/app/icl/step2/	3 MB 687 KB	1464ms 1463ms	Script text/javascript	172.67.128.212
General Check archive.org Show headers Download Go to Full URL https://appleid-appleld.me/app/icl/step2/main.js Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/jc67 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash 1bdc1be137fee4e4827b9f0dd1424ec81ebf0d5ea5ede9874a7eafcbab127b9e Request headers accept-language en-AU,en;q=0.9 Referer https://appleid-appleld.me/jc67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 07:53:39 GMT content-encoding br cf-cache-status MISS last-modified Fri, 15 Dec 2023 00:00:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wN4YIoCBHFL3ha6QN1KhoV4FusmznqmipP4DnPn8YCFovnN3A%2BIFkiV5QNr9SVEnAcY7qEMTNOXpz8UZ4mMCXJBhPUWFxNQy2c0duii%2B05RClYbx3ObvJRfK3pv8%2BAmU4MdeFHE%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 x-turbo-charged-by LiteSpeed cf-ray 857cefefc8e9aafc-SYD alt-svc h3=":443"; ma=86400
GET H2	200	main.css appleid-appleld.me/app/icl/step2/	701 KB 74 KB	1149ms 1149ms	Stylesheet text/css	172.67.128.212
General Check archive.org Show headers Download Go to Full URL https://appleid-appleld.me/app/icl/step2/main.css Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/jc67 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash 4ee449b83a59cdd3f6f77f76992a653f96a29f6a1876a4d64a27915a1e2ecd6e Request headers accept-language en-AU,en;q=0.9 Referer https://appleid-appleld.me/jc67 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 07:53:39 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Dec 2023 11:40:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbul%2B%2BlzoSAz%2F7zeXChLA28%2F5zT3fej83pMuei0Qfy2eUp8WNvjku9Uk81LAdF76ou0I9IFfJmJ9GdfIl%2FCp0N%2BcsJBLFa1KKmaUI%2FIEOunbgAkHkVO3uuWw%2FlR2lYprNDDvA5E%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 857cefefc8e6aafc-SYD alt-svc h3=":443"; ma=86400 expires Mon, 26 Feb 2024 07:53:38 GMT
GET H2	200	code.php Show response appleid-appleld.me/xvdfoc/icl4/ Frame 4E1B	11 KB 3 KB	308ms 308ms	Document text/html	172.67.128.212
General Check archive.org Show headers Download Go to Full URL https://appleid-appleld.me/xvdfoc/icl4/code.php Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/jc67 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash 951c8e24ff45ebdcc5986b9972076636bd18ad49ca75d1b99ff3dd833317a284 Request headers Referer https://appleid-appleld.me/jc67 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 857ceff728d4aafc-SYD content-encoding br content-type text/html; charset=UTF-8 date Mon, 19 Feb 2024 07:53:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uc09ZplFeXyyKzrFwBZnvdkfi1eantGaqZV3V9%2FLQ6BbxsFZ4PYurtj55wNFbF0IhAcm2bG1qcnFY5BKQsB3C1jBijPvbwu9mUM3kJO0JbH3d%2FbNIOcdwyfbKktndKMr0%2B%2FQIs0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	app.css appleid-appleld.me/app/icl/files/ Frame 4E1B	493 KB 46 KB	1277ms 1276ms	Stylesheet text/css	172.67.128.212
General Check archive.org Show headers Download Go to Full URL https://appleid-appleld.me/app/icl/files/app.css Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/xvdfoc/icl4/code.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash df0187cb2a2556e3791055f783658250d6381cc48fca8d210b1e75bf15a7f232 Request headers accept-language en-AU,en;q=0.9 Referer https://appleid-appleld.me/xvdfoc/icl4/code.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 07:53:41 GMT content-encoding br cf-cache-status MISS last-modified Sun, 10 Dec 2023 23:06:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9LyztnmsPVnmguU4v3tN9hfgGYtv%2BqwtbXOHKRw50qlXUZCwEhDnQMkXRA0387OxtlItWWENDQ4bgjHr4Bcceg%2BV0XFojRgm4R3Wbo75uVNVw6yJVcCcF7ZUGjCd9TfkR0HKik%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 857ceff92ac7aafc-SYD alt-svc h3=":443"; ma=86400 expires Mon, 26 Feb 2024 07:53:40 GMT
GET H2	200	ajax-loader.gif appleid-appleld.me/app/icl/files/ Frame 4E1B	4 KB 4 KB	642ms 641ms	Image image/gif	172.67.128.212
General Check archive.org Show headers Download Go to Show image Full URL https://appleid-appleld.me/app/icl/files/ajax-loader.gif Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/xvdfoc/icl4/code.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash fd458f36d73b7d6434326d18c9229da92384d37303dbdd72fa346597fde23068 Request headers accept-language en-AU,en;q=0.9 Referer https://appleid-appleld.me/xvdfoc/icl4/code.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 07:53:40 GMT cf-cache-status MISS last-modified Wed, 02 Aug 2023 19:54:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fc9LVvZYlpp%2FCCkNjX61GO1zRiCtrbidUTmeJ8ArQ%2B1c8Hv1MX9NsJNu2MJt0AUyxTBVtKWdSztpgfhaCbmROx0tgz8fiJNF08GPngiDAR9GchBuCp7zJal4jWGRlnwvBjnUak0%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 857ceff92ac9aafc-SYD alt-svc h3=":443"; ma=86400 content-length 3783 expires Mon, 26 Feb 2024 07:53:40 GMT
GET H2	200	4f72d89d71e9abcc4e37c71fb77fe65b.svg appleid-appleld.me/app/icl/files/ Frame 4E1B	8 KB 2 KB	635ms 634ms	Image image/svg+xml	172.67.128.212
General Check archive.org Show headers Download Go to Show image Full URL https://appleid-appleld.me/app/icl/files/4f72d89d71e9abcc4e37c71fb77fe65b.svg Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/xvdfoc/icl4/code.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash 276618038f0474681826eed2cd12fae281387deaba057cee6dea869ecb8d292f Request headers accept-language en-AU,en;q=0.9 Referer https://appleid-appleld.me/xvdfoc/icl4/code.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 07:53:40 GMT content-encoding br cf-cache-status MISS last-modified Thu, 30 Nov 2023 01:04:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnSHq%2FK0whm%2BtYAceirAquhgt9jDWCJ1BCOi7DoPxuqYeT3XTPIv8QsN02%2F952UigZUGh7qhrU348r3xipfsqdW%2Fre%2BLItcOpgjyrTvAoCzZYq0kiv8IFf8476zvdYN9LdQYPYw%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 857ceff92acbaafc-SYD alt-svc h3=":443"; ma=86400 expires Mon, 26 Feb 2024 07:53:40 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame 4E1B	86 KB 31 KB	796ms 2ms	Script text/javascript	142.250.204.10 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/xvdfoc/icl4/code.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.10 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f10.1e100.net Software sffe / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://appleid-appleld.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Fri, 16 Feb 2024 07:52:46 GMT content-encoding gzip x-content-type-options nosniff age 259255 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30774 x-xss-protection 0 last-modified Mon, 13 May 2019 14:37:17 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 15 Feb 2025 07:52:46 GMT
GET		/ maps.google.com/ Redirect Chain https://appleid-appleld.me/ https://appleid-appleld.me/error https://appleid-appleld.me/error/ https://maps.google.com/	0 0
GET H2	200	ajax-loader.gif appleid-appleld.me/app/icl/files/ Frame 4E1B	4 KB 4 KB	9ms 9ms	Image image/gif	172.67.128.212
General Check archive.org Show headers Download Go to Show image Full URL https://appleid-appleld.me/app/icl/files/ajax-loader.gif Requested by Host: appleid-appleld.me URL: https://appleid-appleld.me/xvdfoc/icl4/code.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.128.212 , United States, ASN (), Reverse DNS Software cloudflare / Resource Hash fd458f36d73b7d6434326d18c9229da92384d37303dbdd72fa346597fde23068 Request headers accept-language en-AU,en;q=0.9 Referer https://appleid-appleld.me/xvdfoc/icl4/code.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Mon, 19 Feb 2024 07:53:41 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1 alt-svc h3=":443"; ma=86400 content-length 3783 last-modified Wed, 02 Aug 2023 19:54:56 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v977KTEm%2BFdadNtHiZWqjNhRnRNJxy93PrriXCbQHan3fRsiRe6pAsmpgmm61ylPg49iw6uqscfMSGoErNurtQilqruDnK0741K2FEJgC886rgG0u0yZbdfwQIcwo2vuZKuak0%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 857cf001398daafc-SYD expires Mon, 26 Feb 2024 07:53:40 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

maps.google.com

URL

https://maps.google.com/

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| AppleID object| idmsapis function| __CW_loadBinaries object| __CW_IMG_URLS object| __CW_BLOB_URLS boolean| __CW_BLOBS_READY function| setImmediate function| clearImmediate object| regeneratorRuntime function| applyFocusVisiblePolyfill

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			appleid-appleld.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 366c9480e6c183db2b730118317ea67d

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://appleid-appleld.me/jc67 Message: Access to XMLHttpRequest at 'https://maps.google.com/' (redirected from 'https://appleid-appleld.me/') from origin 'https://appleid-appleld.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://maps.google.com/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
appleid-appleld.me
maps.google.com
maps.google.com
142.250.204.10
172.67.128.212
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1bdc1be137fee4e4827b9f0dd1424ec81ebf0d5ea5ede9874a7eafcbab127b9e
276618038f0474681826eed2cd12fae281387deaba057cee6dea869ecb8d292f
4ee449b83a59cdd3f6f77f76992a653f96a29f6a1876a4d64a27915a1e2ecd6e
637887c20d64107d15a953804d693d5587262aa3a3148bcd2e65eb870b6ec329
951c8e24ff45ebdcc5986b9972076636bd18ad49ca75d1b99ff3dd833317a284
df0187cb2a2556e3791055f783658250d6381cc48fca8d210b1e75bf15a7f232
f47cebf77b4fda75b428b66ffa824767f3c9e18518d2be13713d57567aa34bba
fd458f36d73b7d6434326d18c9229da92384d37303dbdd72fa346597fde23068