www.apple.com.zorfid.cn
116.89.240.48
Malicious Activity!
Public Scan
Effective URL: https://www.apple.com.zorfid.cn/vazf8klmskngiun96gee.asp?vazf8klmskngiun96gee
Submission: On April 02 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by TrustAsia TLS RSA CA on April 2nd 2020. Valid for: a year.
This is the only time www.apple.com.zorfid.cn was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
16 (2 redirects) | 116.89.240.48 | 137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited) |
1 | 23.36.232.119 | 16625 (AKAMAI-AS) |
ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK): www.apple.com.zorfid.cn
ASN16625 (AKAMAI-AS, US), PTR: a23-36-232-119.deploy.static.akamaitechnologies.com: www.icloud.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 (2 redirects) | zorfid.cn | www.apple.com.zorfid.cn | 366 KB |
1 | icloud.com | www.icloud.com | |
Requests | Domain | Requested by |
---|---|---|
16 (2 redirects) | www.apple.com.zorfid.cn | www.apple.com.zorfid.cn |
1 | www.icloud.com | www.apple.com.zorfid.cn |
This site contains links to these domains. Also see Links.
Domain |
---|
iforgot.apple.com |
www.apple.com |
www.apple.com.cn |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.apple.com.zorfid.cn | TrustAsia TLS RSA CA | 2020-04-02 - 2021-04-03 | a year |
www.icloud.com | DigiCert SHA2 Extended Validation Server CA | 2019-07-17 - 2020-08-05 | a year |
This page contains 1 frames:
Primary Page:
https://www.apple.com.zorfid.cn/vazf8klmskngiun96gee.asp?vazf8klmskngiun96gee
Frame ID: EA24DE03D5B9BFAFF1935E0548B1AAA9
Requests: 16 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.apple.com.zorfid.cn/ (Page URL)
- https://www.apple.com.zorfid.cn/zh → HTTP 301 → https://www.apple.com.zorfid.cn/zh/ (Page URL)
- https://www.apple.com.zorfid.cn/index_dnacn.asp → HTTP 302 → https://www.apple.com.zorfid.cn/vazf8klmskngiun96gee.asp?vazf8klmskngiun96gee (Page URL)
Detected technologies
- Windows Server (Operating Systems). Detected pattern: headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
- IIS (Web Servers). Detected pattern: headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
- Title: Forgot Apple ID or password?
- Title: (none)
- Title: System Status
- Title: Privacy Policy
- Title: Terms and Conditions
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://www.apple.com.zorfid.cn/zh HTTP 301
- https://www.apple.com.zorfid.cn/zh/
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | www.apple.com.zorfid.cn/ | 1 KB | 894 B | Document | text/html | Cookie set |
GET | H/1.1 | / | www.apple.com.zorfid.cn/zh/ | 1 KB | 904 B | Document | text/html | Cookie set; Redirect Chain |
GET | H/1.1 | vazf8klmskngiun96gee.asp | www.apple.com.zorfid.cn/ | 47 KB | 18 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain |
GET | H/1.1 | wzwstylel.css | www.apple.com.zorfid.cn/Content/css/ | 2 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | wzwbbb.css | www.apple.com.zorfid.cn/Content/css/ | 863 B | 729 B | Stylesheet | text/css | |
GET | H/1.1 | login.css | www.apple.com.zorfid.cn/Content/css/ | 12 KB | 4 KB | Stylesheet | text/css | |
GET | H/1.1 | jquery-1.11.3.min.js | www.apple.com.zorfid.cn/Content/Scripts/ | 94 KB | 42 KB | Script | application/javascript | |
GET | H/1.1 | wzwbg.png | www.apple.com.zorfid.cn/Content/img/ | 211 KB | 211 KB | Image | image/png | |
GET | H/1.1 | logo.png | www.apple.com.zorfid.cn/Content/img/ | 27 KB | 27 KB | Image | image/png | |
GET | H/1.1 | packed-1.png | www.apple.com.zorfid.cn/Content/img/ | 23 KB | 23 KB | Image | image/png | |
GET | H/1.1 | stylesheet-1.png | www.apple.com.zorfid.cn/Content/img/ | 33 KB | 33 KB | Image | image/png | |
GET | H/1.1 | wzwan.png | www.apple.com.zorfid.cn/Content/img/ | 1 KB | 2 KB | Image | image/png | |
GET | H/1.1 | sf-pro-text_regular.woff2 | www.apple.com.zorfid.cn/Content/fonts/ | 0 | 0 | Font | text/html | |
GET | H/1.1 | HR_gradient_light.png | www.apple.com.zorfid.cn/Content/img/ | 1 KB | 1 KB | Image | image/png | |
GET | H/1.1 | sf-pro-text_regular.woff | www.icloud.com/wss/fonts/SF-Pro-Text/v1/ | 0 | 0 | Font | text/html | |
GET | | sf-pro-text_regular.ttf | www.icloud.com/wss/fonts/SF-Pro-Text/v1/ | 0 | 0 | | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.icloud.com
- URL: https://www.icloud.com/wss/fonts/SF-Pro-Text/v1/sf-pro-text_regular.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Apple (Online)
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
function | XOR |
object | STR |
function | performPage |
string | strHTML |
function | $ |
function | jQuery |
function | myCheckbox |
function | checkform |
function | changesignin1 |
function | changesignin2 |
function | showpassword |
function | showloading2 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
www.apple.com.zorfid.cn/ | | password | default |
www.apple.com.zorfid.cn/ | | ASPSESSIONIDCWRQTBBT | BPFJPNMCNOKPGPEEGMALJKGE |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- www.apple.com.zorfid.cn
- www.icloud.com
- 116.89.240.48
- 23.36.232.119