icloud.com.login-redirect.info
Open in
urlscan Pro
95.46.8.33
Malicious Activity!
Public Scan
Submission: On May 27 via manual from SG
Summary
This is the only time icloud.com.login-redirect.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 95.46.8.33 95.46.8.33 | 48666 (AS-MAROSN...) (AS-MAROSNET Moscow) | |
4 | 1 |
ASN48666 (AS-MAROSNET Moscow, Russia, RU)
PTR: mol126.com
icloud.com.login-redirect.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
login-redirect.info
icloud.com.login-redirect.info |
121 KB |
4 | 1 |
Domain | Requested by | |
---|---|---|
4 | icloud.com.login-redirect.info |
icloud.com.login-redirect.info
|
4 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://icloud.com.login-redirect.info/
Frame ID: 56059CDD9514F50735D6157B813C5782
Requests: 4 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- headers server /php\/?([\d.]+)?/i
CentOS (Operating Systems) Expand
Detected patterns
- headers server /CentOS/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
icloud.com.login-redirect.info/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apple_logo_web_404.png
icloud.com.login-redirect.info/src/ |
15 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
no_page.png
icloud.com.login-redirect.info/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
HelveticaNeue-Light.woff
icloud.com.login-redirect.info/images/ |
95 KB 95 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
icloud.com.login-redirect.info/ | Name: PHPSESSID Value: a01k00esca2hqc6u3fofo0t673 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
icloud.com.login-redirect.info
95.46.8.33
68f8961abf3e550bda8fd88060303300d68e7ef7a4d5dc5e9ee327218cc3ac69
86eadf037e77ff1b8d5aafa03b7d4a50b9a78716f65995cc54cc73dd39cad3ac
c087bc7670c7a1c89882ffc3734ee11c6eb672447fdbd505e5e2b9aa90a9d0e7
fa5b426f3bb61154bf71f309227fce405475d3aa07fc79c0413e7d73fb7de57b