recover.apple-site.com
5.100.155.93  Malicious Activity! Public Scan

URL: http://recover.apple-site.com/
Submission: On November 22 via api from JP — Scanned from GB

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 5.100.155.93, located in London, United Kingdom and belongs to PUBLIC-DOMAIN-REGISTRY, US. The main domain is recover.apple-site.com.
This is the only time recover.apple-site.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

IP Address AS Autonomous System
4 5.100.155.93 394695 (PUBLIC-DO...)
1 2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 96.16.134.158 16625 (AKAMAI-AS)
1 17.157.64.74 714 (APPLE-ENG...)
16 6
Apex Domain | Subdomains | Transfer
4 apple-site.com | recover.apple-site.com | 2 MB
3 apple.com | www.apple.com — Cisco Umbrella Rank: 291; idmsa.apple.com — Cisco Umbrella Rank: 20714 | 460 B
2 icloud.com | www.icloud.com — Cisco Umbrella Rank: 1968 | 385 KB
1 cdn-apple.com | appleid.cdn-apple.com — Cisco Umbrella Rank: 3183 | 14 KB
16 4
Domain Requested by
4 recover.apple-site.com recover.apple-site.com
2 www.icloud.com recover.apple-site.com
2 www.apple.com 1 redirects recover.apple-site.com
1 idmsa.apple.com recover.apple-site.com
1 appleid.cdn-apple.com recover.apple-site.com
16 5

This site contains links to these domains.

Domain
www.apple.com
Subject | Issuer | Validity | Valid
www.icloud.com | Apple Public EV Server RSA CA 2 - G1 | 2022-04-19 - 2023-05-19 | a year
appleid.cdn-apple.com | Apple Public EV Server RSA CA 2 - G1 | 2022-04-19 - 2023-05-19 | a year
idmsa.apple.com | Apple IST CA 2 - G1 | 2022-02-15 - 2023-03-17 | a year

This page contains 2 frames:

Primary Page: http://recover.apple-site.com/
Frame ID: 0D2A59C0C9293C8328332C5B6FA97B75
Requests: 16 HTTP requests in this frame

Frame: https://idmsa.apple.com/appleauth/auth/authorize/signin?frame_id=auth-6na5d3cu-sak2-1ek6-0gl5-09s0auxn&language=en_US&iframeId=auth-6na5d3cu-sak2-1ek6-0gl5-09s0auxn&client_id=d39ba9916b7251055b22c7f910e2ea796ee65e98b2ddecea8f5dde8d9d1a815d&redirect_uri=https://www.icloud.com&response_type=code&response_mode=web_message&state=auth-6na5d3cu-sak2-1ek6-0gl5-09s0auxn&authVersion=latest
Frame ID: 23314DB2A353D5AEA218EE12665D87B5
Requests: 1 HTTP requests in this frame

Page Title

iCloud

Page Statistics

16 Requests
25 % HTTPS
40 % IPv6
4 Domains
5 Subdomains
6 IPs
3 Countries
1936 kB Transfer
6352 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.apple.com/wss/fonts/?families=SF+Pro,v3 HTTP 301
  • https://www.apple.com/wss/fonts/?families=SF+Pro,v3

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
recover.apple-site.com/
22 KB
9 KB
Document
General
Full URL
http://recover.apple-site.com/
Protocol
HTTP/1.1
Server
5.100.155.93 London, United Kingdom, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
5.100.155-93.publicdomainregistry.com
Software
Apache /
Resource Hash
57bde88ad8928297600abbefba9909e2bd53365b50ac135df4e55dee15524694

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
9164
Content-Type
text/html
Date
Tue, 22 Nov 2022 16:08:36 GMT
Keep-Alive
timeout=5, max=75
Last-Modified
Thu, 17 Nov 2022 14:25:19 GMT
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
/
www.apple.com/wss/fonts/
Redirect Chain
  • http://www.apple.com/wss/fonts/?families=SF+Pro,v3
  • https://www.apple.com/wss/fonts/?families=SF+Pro,v3
0
0
Stylesheet
General
Full URL
https://www.apple.com/wss/fonts/?families=SF+Pro,v3
Requested by
Host: recover.apple-site.com
URL: http://recover.apple-site.com/
Protocol
H2
Server
2a02:26f0:3500:584::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

Date
Tue, 22 Nov 2022 16:08:37 GMT
strict-transport-security
max-age=31536000
Server
AkamaiGHost
X-Cache
TCP_MISS from a23-36-160-136.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
Location
https://www.apple.com/wss/fonts/?families=SF+Pro,v3
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
0
Expires
Tue, 22 Nov 2022 16:08:37 GMT
sf-pro-display_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v3/
0
0

sf-pro-text_regular.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v3/
0
0

sf-pro-display_semibold.woff2
www.apple.com/wss/fonts/SF-Pro-Display/v3/
0
0

sf-pro-text_semibold.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v3/
0
0

sf-pro-text_light.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v3/
0
0

sf-pro-text_bold.woff2
www.apple.com/wss/fonts/SF-Pro-Text/v3/
0
0

wallpaper.webp
www.icloud.com/system/icloud.com/current/static/
381 KB
382 KB
Image
General
Full URL
https://www.icloud.com/system/icloud.com/current/static/wallpaper.webp
Requested by
Host: recover.apple-site.com
URL: http://recover.apple-site.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::117e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/3faf4ee9434b /
Resource Hash
c04cb1875b74e018a2192d6ebe9c0cb78c6ecdf43b39824b34b87ece5095ab30
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
date
Tue, 22 Nov 2022 16:08:37 GMT
server
AppleHttpServer/3faf4ee9434b
etag
"184815712305f434"
content-language
en-us
content-type
image/webp
access-control-expose-headers
X-Apple-Request-UUID,Via
cache-control
public, max-age=300
x-apple-request-uuid
373fcafc-782e-4753-87a7-cfe2f62e36a0
content-version
V1
content-length
390196
authService.latest.min.js
appleid.cdn-apple.com/appleauth/static/jsapi/
44 KB
14 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/authService.latest.min.js
Requested by
Host: recover.apple-site.com
URL: http://recover.apple-site.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
637887c20d64107d15a953804d693d5587262aa3a3148bcd2e65eb870b6ec329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 22 Nov 2022 16:08:37 GMT
Last-Modified
Fri, 18 Nov 2022 15:47:42 GMT
Server
Apple
ETag
W/"45564-1668786462584"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800,stale-while-revalidate=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13502
truncated
/
798 B
0
Stylesheet
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d27d70c16ad5e98c5f4b619b5e2be79f27e9b5f4781e87152d3c360881cbb457

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
text/css
main.js
recover.apple-site.com/indexfiles/
5 MB
1 MB
Script
General
Full URL
http://recover.apple-site.com/indexfiles/main.js
Requested by
Host: recover.apple-site.com
URL: http://recover.apple-site.com/
Protocol
HTTP/1.1
Server
5.100.155.93 London, United Kingdom, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
5.100.155-93.publicdomainregistry.com
Software
Apache /
Resource Hash
2c289775288c0b79bd304821c63bf786fd0cc012be7515948ee26e501bb4dc14

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 16:08:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2022 14:24:29 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
main.css
recover.apple-site.com/indexfiles/
701 KB
137 KB
Stylesheet
General
Full URL
http://recover.apple-site.com/indexfiles/main.css
Requested by
Host: recover.apple-site.com
URL: http://recover.apple-site.com/
Protocol
HTTP/1.1
Server
5.100.155.93 London, United Kingdom, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
5.100.155-93.publicdomainregistry.com
Software
Apache /
Resource Hash
d699768966a5a30fb78f5fc57c77559d28b7d2b231c2cdda150b595abe8a7427

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 16:08:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 16 Nov 2022 22:42:25 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
signin
idmsa.apple.com/appleauth/auth/authorize/ Frame 2331
0
0
Document
General
Full URL
https://idmsa.apple.com/appleauth/auth/authorize/signin?frame_id=auth-6na5d3cu-sak2-1ek6-0gl5-09s0auxn&language=en_US&iframeId=auth-6na5d3cu-sak2-1ek6-0gl5-09s0auxn&client_id=d39ba9916b7251055b22c7f910e2ea796ee65e98b2ddecea8f5dde8d9d1a815d&redirect_uri=https://www.icloud.com&response_type=code&response_mode=web_message&state=auth-6na5d3cu-sak2-1ek6-0gl5-09s0auxn&authVersion=latest
Requested by
Host: recover.apple-site.com
URL: http://recover.apple-site.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
17.157.64.74 , United States, ASN714 (APPLE-ENGINEERING, US),
Reverse DNS
Software
Apple /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' ; child-src blob: ; connect-src 'self' https://webcourier.sandbox.push.apple.com https://xp-qa.apple.com ; font-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; frame-src 'self' https://appleid.apple.com https://gsa.apple.com ; img-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://*.mzstatic.com data: https://*.apple.com ; media-src data: ; object-src 'none' ; script-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; style-src 'unsafe-inline' 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; frame-ancestors 'self' https://www.icloud.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.icloud.com
X-Xss-Protection 1; mode=block

Request headers

Referer
http://recover.apple-site.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Language
en-US-x-lvariant-USA
Content-Security-Policy
default-src 'self' ; child-src blob: ; connect-src 'self' https://webcourier.sandbox.push.apple.com https://xp-qa.apple.com ; font-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; frame-src 'self' https://appleid.apple.com https://gsa.apple.com ; img-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://*.mzstatic.com data: https://*.apple.com ; media-src data: ; object-src 'none' ; script-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; style-src 'unsafe-inline' 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; frame-ancestors 'self' https://www.icloud.com;
Content-Type
text/html;charset=UTF-8
Date
Tue, 22 Nov 2022 16:08:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Referrer-Policy
origin
Server
Apple
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
X-Apple-I-Request-ID
ec7ed86a-6a7f-11ed-b2f5-d9fe9688fe2a
X-BuildVersion
R2_2
X-Content-Type-Options
nosniff
X-FRAME-OPTIONS
ALLOW-FROM https://www.icloud.com
X-XSS-Protection
1; mode=block
vary
accept-encoding
4f72d89d71e9abcc4e37c71fb77fe65b.svg
www.icloud.com/system/icloud.com/2302Hotfix226/es-es/
8 KB
2 KB
Image
General
Full URL
https://www.icloud.com/system/icloud.com/2302Hotfix226/es-es/4f72d89d71e9abcc4e37c71fb77fe65b.svg
Requested by
Host: recover.apple-site.com
URL: http://recover.apple-site.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:892::117e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AppleHttpServer/3faf4ee9434b /
Resource Hash
276618038f0474681826eed2cd12fae281387deaba057cee6dea869ecb8d292f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
content-security-policy
base-uri 'none'; default-src 'none'; form-action 'none'; frame-ancestors 'none'
date
Tue, 22 Nov 2022 16:08:37 GMT
content-version
V1
content-length
1756
server
AppleHttpServer/3faf4ee9434b
etag
"184815c07b86dc"
vary
accept-encoding
content-language
en-us
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
X-Apple-Request-UUID,Via
cache-control
public, max-age=1209600
x-apple-request-uuid
93686911-5f91-47aa-9768-e0427bfd3fef
content-location
/system/icloud.com/2302Hotfix226/es-es/4f72d89d71e9abcc4e37c71fb77fe65b.svg.brotli
images@1x.bin
recover.apple-site.com/system/icloud.com/2302Hotfix226/ca-es/
583 B
653 B
XHR
General
Full URL
http://recover.apple-site.com/system/icloud.com/2302Hotfix226/ca-es/images@1x.bin
Requested by
Host: recover.apple-site.com
URL: http://recover.apple-site.com/indexfiles/main.js
Protocol
HTTP/1.1
Server
5.100.155.93 London, United Kingdom, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
5.100.155-93.publicdomainregistry.com
Software
Apache /
Resource Hash
0b41f69e6564b9c89b1b344744c5b06eb4adc0e584028909286d2b936e1afed5

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 22 Nov 2022 16:08:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 25 Feb 2021 16:16:47 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
Content-Length
358
8b639ee5-9ba6-45b5-9198-4cf4c252effb
http://recover.apple-site.com/
576 B
576 B
Image
General
Full URL
blob:http://recover.apple-site.com/8b639ee5-9ba6-45b5-9198-4cf4c252effb
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://recover.apple-site.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
576

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
www.apple.com | http://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_regular.woff2
www.apple.com | http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_regular.woff2
www.apple.com | http://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_semibold.woff2
www.apple.com | http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_semibold.woff2
www.apple.com | http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_light.woff2
www.apple.com | http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_bold.woff2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| __CW_PATH_PREFIX
  • object| __CW_BUILD_INFO
  • object| AppleID
  • object| idmsapis
  • string| __earlyClientId
  • object| __earlyValidationPromise
  • function| __CW_loadBinaries
  • object| __CW_IMG_URLS
  • object| __CW_BLOB_URLS
  • boolean| __CW_BLOBS_READY
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • function| applyFocusVisiblePolyfill

0 Cookies

22 Console Messages

Source Level URL
Text
javascript error URL: http://recover.apple-site.com/
Message:
Access to font at 'http://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_regular.woff2' from origin 'http://recover.apple-site.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://recover.apple-site.com/
Message:
Access to font at 'http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_regular.woff2' from origin 'http://recover.apple-site.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_regular.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://recover.apple-site.com/
Message:
Access to font at 'http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_semibold.woff2' from origin 'http://recover.apple-site.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_semibold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://recover.apple-site.com/
Message:
Access to font at 'http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_light.woff2' from origin 'http://recover.apple-site.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_light.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://recover.apple-site.com/
Message:
Access to font at 'http://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_semibold.woff2' from origin 'http://recover.apple-site.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_semibold.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://recover.apple-site.com/
Message:
Access to font at 'http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_bold.woff2' from origin 'http://recover.apple-site.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_bold.woff2
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.apple.com/wss/fonts/?families=SF+Pro,v3
Message:
Failed to load resource: the server responded with a status of 404 ()
security error
Message:
Refused to frame 'https://idmsa.apple.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://www.icloud.com".
network error URL: http://recover.apple-site.com/system/icloud.com/2302Hotfix226/ca-es/images@1x.bin
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://recover.apple-site.com/
Message:
The resource http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_semibold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://recover.apple-site.com/
Message:
The resource http://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_semibold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://recover.apple-site.com/
Message:
The resource http://www.apple.com/wss/fonts/SF-Pro-Display/v3/sf-pro-display_regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://recover.apple-site.com/
Message:
The resource http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_bold.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://recover.apple-site.com/
Message:
The resource http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_regular.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://recover.apple-site.com/
Message:
The resource https://www.icloud.com/system/icloud.com/current/static/wallpaper.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: http://recover.apple-site.com/
Message:
The resource http://www.apple.com/wss/fonts/SF-Pro-Text/v3/sf-pro-text_light.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.