appleid-apple.appleitunesapplesignin.com Open in urlscan Pro
94.103.91.219 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://appleid-apple.appleitunesapplesignin.com/
Submission: On October 24 via api (October 24th 2022, 6:29:14 pm UTC) from JP — Scanned from JP

Summary HTTP 18 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 94.103.91.219, located in Kremenki, Russian Federation and belongs to VDSINA-AS, RU. The main domain is appleid-apple.appleitunesapplesignin.com.
TLS certificate: Issued by R3 on October 24th 2022. Valid for: 3 months.

This is the only time appleid-apple.appleitunesapplesignin.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
3 18	94.103.91.219 94.103.91.219	48282 (VDSINA-AS) (VDSINA-AS)
3 3	2404:6800:400... 2404:6800:4004:825::200e	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:813::2004	15169 (GOOGLE) (GOOGLE)
18	3

18 94.103.91.219 (Kremenki, Russian Federation) 3 redirects

ASN48282 (VDSINA-AS, RU)
PTR: host-94-103-91-219.hosted-by-vdsina.ru

appleid-apple.appleitunesapplesignin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.appleitunesapplesignin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
appleid-cdn-apple.appleitunesapplesignin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:825::200e (Australia) 3 redirects

ASN15169 (GOOGLE, US)

google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:813::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	appleitunesapplesignin.com 3 redirects appleid-apple.appleitunesapplesignin.com www.appleitunesapplesignin.com appleid-cdn-apple.appleitunesapplesignin.com	3 MB
6	google.com 3 redirects google.com — Cisco Umbrella Rank: 1 www.google.com — Cisco Umbrella Rank: 2	422 B
18	2

	Domain	Requested by
12	appleid-cdn-apple.appleitunesapplesignin.com	appleid-apple.appleitunesapplesignin.com appleid-cdn-apple.appleitunesapplesignin.com
3	www.google.com	appleid-apple.appleitunesapplesignin.com
3	google.com	3 redirects
3	www.appleitunesapplesignin.com	3 redirects
3	appleid-apple.appleitunesapplesignin.com	appleid-cdn-apple.appleitunesapplesignin.com
18	5

This site contains links to these domains. Also see Links.

Domain
www.appleitunesapplesignin.com
support.apple.com
locate.apple.com

Subject Issuer	Validity	Valid
appleitunesapplesignin.com R3	`2022-10-24` - `2023-01-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://appleid-apple.appleitunesapplesignin.com/
Frame ID: 728EA78521BFDE8FF271ED365572CB1C
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Manage your Apple ID

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Bag

Page Statistics

18
Requests

83 %
HTTPS

67 %
IPv6

2
Domains

5
Subdomains

3
IPs

2
Countries

3483 kB
Transfer

3989 kB
Size

5
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.appleitunesapplesignin.com/
Title: Apple

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/us/shop/goto/bag
Title: Shopping Bag

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/us/search
Title: Search apple.com Cancel

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/us/shop/goto/store
Title: Store

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/mac/
Title: Mac

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/ipad/
Title: iPad

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/iphone/
Title: iPhone

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/watch/
Title: Watch

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/airpods/
Title: AirPods

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/tv-home/
Title: TV & Home

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/services/
Title: Only on Apple

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/us/shop/goto/buy_accessories
Title: Accessories

Search URL Search Domain Scan URL

URL: https://support.apple.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/retail/
Title: Find an Apple Store

Search URL Search Domain Scan URL

URL: https://locate.apple.com/
Title: other retailer

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/legal/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/legal/internet-services/terms/site.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/us/shop/goto/help/sales_refunds
Title: Sales and Refunds

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/legal/
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.appleitunesapplesignin.com/sitemap/
Title: Site Map

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.appleitunesapplesignin.com/wss/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3 HTTP 302
https://google.com/ HTTP 301
https://www.google.com/

Request Chain 1

https://www.appleitunesapplesignin.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css HTTP 302
https://google.com/ HTTP 301
https://www.google.com/

Request Chain 2

https://www.appleitunesapplesignin.com/ac/globalfooter/7/en_US/styles/ac-globalfooter.built.css HTTP 302
https://google.com/ HTTP 301
https://www.google.com/

18 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Primary Request / Show response appleid-apple.appleitunesapplesignin.com/	124 KB 126 KB	1520ms 970ms	Document text/html	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-apple.appleitunesapplesignin.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `eadfdee59365fcc63c8e8185ae59f29339109efc1adfb9c8b7552783a8e5ced5` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Cache-Control no-cache no-store Connection close Content-Language en-US-x-lvariant-USA Content-Type text/html;charset=UTF-8 Date Mon, 24 Oct 2022 18:29:04 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Host appleid-apple.appleitunesapplesignin.com Pragma no-cache Referrer-Policy origin Scnt AAAA-jYzNDE3QkE5QzJEM0IwODYyRThDQTVBQjUyMjY1MzAzNUE3NjIyNDQ0QzQ1RTc4MTRFQjRGRTczM0Q5QTg2NkM0N0E2Rjk1OEVBNzVGNjMxRDFGRTI4M0QyMzVDQjFGNUY1NzU5Rjc5ODQ1RjYyN0U3NzJFQjA4NzdDN0M4QzExRDNFMENBMTgyRTk3NUMxRDFDOEI1QjE4RjBERUE4NkRDNkI1RDJDOEZERTNBRDkyNDcxOTVBRThDNDE0MDM0Njk4OEFBRjRFRTVDRDM0RUUwRDNFMDQyOUQ0MkYzQUQ1N0U5QUMyMzk1RDNDRDEzOXwxAAABhAtPQB8Q1TECpSLS7DAiYAQhkBf6JpvARbUzynL_d6xBzDQBJYXRDOGiNKFkABdE8ogArnRlRk1To6Zpyazqb7bgRUFhxzTYxmQwK_0zU9TuGDxZag Server Apple Transfer-Encoding chunked Vary accept-encoding X-Apple-I-Request-Id bcd300a3-53c9-11ed-94ec-a79631abcb51 X-Buildversion R1_2
GET H2	200	/ www.google.com/ Redirect Chain https://www.appleitunesapplesignin.com/wss/fonts?families=SF+Pro,v3\|SF+Pro+Icons,v3 https://google.com/ https://www.google.com/	0 0	161ms 111ms	Stylesheet text/html	2404:6800:4004:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol H2 Server 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Redirect headers bfcache-opt-in unload date Mon, 24 Oct 2022 18:29:05 GMT server gws x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://www.google.com/ cache-control public, max-age=2592000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 220 x-xss-protection 0 expires Wed, 23 Nov 2022 18:29:05 GMT
GET H2	200	/ www.google.com/ Redirect Chain https://www.appleitunesapplesignin.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css https://google.com/ https://www.google.com/	0 0	267ms 267ms	Stylesheet text/html	2404:6800:4004:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol H2 Server 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Redirect headers bfcache-opt-in unload date Mon, 24 Oct 2022 18:29:05 GMT server gws x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://www.google.com/ cache-control public, max-age=2592000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 220 x-xss-protection 0 expires Wed, 23 Nov 2022 18:29:05 GMT
GET H2	200	/ www.google.com/ Redirect Chain https://www.appleitunesapplesignin.com/ac/globalfooter/7/en_US/styles/ac-globalfooter.built.css https://google.com/ https://www.google.com/	0 0	168ms 165ms	Stylesheet text/html	2404:6800:4004:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/ Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol H2 Server 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Redirect headers bfcache-opt-in unload date Mon, 24 Oct 2022 18:29:05 GMT server gws x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://www.google.com/ cache-control public, max-age=2592000 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 220 x-xss-protection 0 expires Wed, 23 Nov 2022 18:29:05 GMT
GET H/1.1	200 OK	common-header.js Show response appleid-cdn-apple.appleitunesapplesignin.com/static/jsj/N1303632466/	44 KB 44 KB	1345ms 672ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/jsj/N1303632466/common-header.js Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `b5a9bf072ade217ab958474521d73134e7c3520e2fb56722a8bf555769dbff72` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:05 GMT Last-Modified Mon, 26 Sep 2022 23:16:08 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"45018-1664234168000" Transfer-Encoding chunked Vary accept-encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	authService.latest.min.js Show response appleid-cdn-apple.appleitunesapplesignin.com/appleauth/static/jsapi/	45 KB 45 KB	1098ms 305ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/appleauth/static/jsapi/authService.latest.min.js Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `dba83a169d6dcdcfd6f434548081489fa06a2fb96886665924abc266c59a83a0` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:05 GMT Last-Modified Tue, 18 Oct 2022 20:58:36 GMT Server Apple Etag W/"45564-1666126716853" Transfer-Encoding chunked Vary accept-encoding Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=1800,stale-while-revalidate=1800 Connection close Accept-Ranges bytes
GET H/1.1	200 OK	home-74bfcb65bcb543e98047.css appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	710 KB 711 KB	770ms 348ms	Stylesheet text/css	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/home-74bfcb65bcb543e98047.css Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `e792160860256ff4ace44d5834e527118f2ca6a72b1bf0f124c05543d8a2c756` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:05 GMT Last-Modified Tue, 18 Oct 2022 05:26:48 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"726907-1666070808000" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	runtime-dcd46a16fbf29006029a.js Show response appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	4 KB 5 KB	604ms 312ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/runtime-dcd46a16fbf29006029a.js Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `f05529706cf4b9d72bb812ccd70945813202f8077fdefc14de84b43377dff2ed` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:05 GMT Last-Modified Tue, 18 Oct 2022 05:26:48 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"4447-1666070808000" Transfer-Encoding chunked Vary accept-encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	react-redux-kit-943919b2afa6eb55130f.js Show response appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	167 KB 168 KB	935ms 375ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/react-redux-kit-943919b2afa6eb55130f.js Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `7baeb3a6bffdf472b5affd5bc6e31a598a7c357ea40d119324bbc6ce376b7413` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:05 GMT Last-Modified Mon, 26 Sep 2022 23:11:26 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"171357-1664233886000" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	home-297e36c6961e49393979.js Show response appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	834 KB 835 KB	1282ms 718ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/home-297e36c6961e49393979.js Requested by Host: appleid-apple.appleitunesapplesignin.com URL: https://appleid-apple.appleitunesapplesignin.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `c8314bf75abd1ca43db91d79b86a08259c7e7ec3a0de9a4cdbb73bd70e39b2ba` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:05 GMT Last-Modified Tue, 18 Oct 2022 05:26:48 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"854139-1666070808000" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	263-4f9a0cf2820870acb890.js Show response appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	66 KB 66 KB	1139ms 603ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/263-4f9a0cf2820870acb890.js Requested by Host: appleid-cdn-apple.appleitunesapplesignin.com URL: https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/runtime-dcd46a16fbf29006029a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `4112559c8eca17ef382e333407e2b3c6ee9fb9d73b5fa63c65a1356adbb7c9fa` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:09 GMT Last-Modified Tue, 18 Oct 2022 05:26:48 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"67302-1666070808000" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	78-b1ce7e924e41ab3814e3.js Show response appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	323 KB 323 KB	1174ms 636ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/78-b1ce7e924e41ab3814e3.js Requested by Host: appleid-cdn-apple.appleitunesapplesignin.com URL: https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/runtime-dcd46a16fbf29006029a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `7d86941e9260ae24a1ac06366003f5af22664436bb6612f9551eccf50b236d51` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:09 GMT Last-Modified Thu, 06 Oct 2022 16:12:25 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"330354-1665072745234" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	757-e34657c34c16d8815536.css appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	87 KB 88 KB	825ms 297ms	Stylesheet text/css	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/757-e34657c34c16d8815536.css Requested by Host: appleid-cdn-apple.appleitunesapplesignin.com URL: https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/runtime-dcd46a16fbf29006029a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `5084061483f23a3bc4a574da4a9316b7db07bcd37c3a7e8042326ed1e1135d8f` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:09 GMT Last-Modified Tue, 18 Oct 2022 05:26:48 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"89415-1666070808000" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	757-05fbe59f42ca2e41f362.js Show response appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	115 KB 116 KB	1212ms 649ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/757-05fbe59f42ca2e41f362.js Requested by Host: appleid-cdn-apple.appleitunesapplesignin.com URL: https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/runtime-dcd46a16fbf29006029a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `08f3ce5f53757fdc9011e7ff02bb5762af43f4d70cdcbd33f5826c8dba360431` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:09 GMT Last-Modified Tue, 18 Oct 2022 05:26:48 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"118033-1666070808000" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	WebApp-03d2d506104af95e9403.css appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	218 KB 218 KB	835ms 305ms	Stylesheet text/css	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/WebApp-03d2d506104af95e9403.css Requested by Host: appleid-cdn-apple.appleitunesapplesignin.com URL: https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/runtime-dcd46a16fbf29006029a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `6f7e1e97c89aed7a829354d3ec4d89d4ac710edb4f1e104a33351dde37478657` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:09 GMT Last-Modified Wed, 05 Oct 2022 18:22:21 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"222855-1664994141000" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200 OK	WebApp-c6305c1a141e7623288b.js Show response appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/	735 KB 736 KB	1059ms 494ms	Script application/javascript	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/WebApp-c6305c1a141e7623288b.js Requested by Host: appleid-cdn-apple.appleitunesapplesignin.com URL: https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/runtime-dcd46a16fbf29006029a.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `154328d7407a0c175f26742d7f8033cc89b3e901d8c6b2b211f79ef04bed342a` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Mon, 24 Oct 2022 18:29:09 GMT Last-Modified Tue, 18 Oct 2022 05:26:48 GMT Server Apple Host appleid-apple.appleitunesapplesignin.com Etag W/"753081-1666070808000" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid-apple.appleitunesapplesignin.com Cache-Control public, max-age=2592000 Access-Control-Allow-Credentials true Connection close Accept-Ranges bytes
GET H/1.1	200	portal Show response appleid-apple.appleitunesapplesignin.com/bootstrap/	377 B 1 KB	762ms 761ms	XHR application/json	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-apple.appleitunesapplesignin.com/bootstrap/portal Requested by Host: appleid-cdn-apple.appleitunesapplesignin.com URL: https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/home-297e36c6961e49393979.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `d8e8c2fd7a861c5e8abb250057a53243483d8baddf5feb66bfd64351c546de4f` Request headers X-Apple-I-FD-Client-Info {"U":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36","L":"en-US","Z":"GMT+00:00","V":"1.1","F":"Fla44j1e3NlY5BNlY5BSmHACVZXnN9...8.JEK7KMN.S9RdPQSzOy_Aw7UTlWY5ev20NI_0DK1dLvkEpSbwEMrgNNlY5BNp55BNlan0Os5Apw.1K0"} X-Apple-I-Request-Context ca accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Content-Type application/json Accept application/json, text/plain, / Referer https://appleid-apple.appleitunesapplesignin.com/ X-Apple-I-TimeZone Etc/Unknown Response headers Pragma no-cache Date Mon, 24 Oct 2022 18:29:08 GMT X-Apple-I-Request-Id bf8ddb1a-53c9-11ed-a313-b335dbf59861 Referrer-Policy origin Server Apple Host appleid-apple.appleitunesapplesignin.com Transfer-Encoding chunked Vary accept-encoding Content-Type application/json;charset=UTF-8 Cache-Control no-cache, no-store Connection close X-Buildversion R1_2 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	401	token Show response appleid-apple.appleitunesapplesignin.com/account/manage/gs/ws/	0 1 KB	1164ms 631ms	XHR text/plain	94.103.91.219 VDSINA-AS
General Check archive.org Show headers Download Go to Full URL https://appleid-apple.appleitunesapplesignin.com/account/manage/gs/ws/token Requested by Host: appleid-cdn-apple.appleitunesapplesignin.com URL: https://appleid-cdn-apple.appleitunesapplesignin.com/static/module-assets/home-297e36c6961e49393979.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU), Reverse DNS host-94-103-91-219.hosted-by-vdsina.ru Software Apple / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers X-Apple-I-FD-Client-Info {"U":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36","L":"en-US","Z":"GMT+00:00","V":"1.1","F":"Fla44j1e3NlY5BNlY5BSmHACVZXnN9...8.JEOEMfSV0odm_dhrxbuJjkWxv55BOfgB4WDJ3tJ9_Qj.zKqUkxjTlWY5BNlYJNNlY5QB4bVNjMk.C7B"} X-Apple-I-Request-Context ca accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Content-Type application/json Accept application/json, text/plain, / Referer https://appleid-apple.appleitunesapplesignin.com/ X-Apple-I-TimeZone Etc/Unknown Response headers Pragma no-cache Date Mon, 24 Oct 2022 18:29:10 GMT X-Apple-I-Request-Id c07e5582-53c9-11ed-abf9-1754909ab7c4 Referrer-Policy origin Scnt AAAA-jYzNDE3QkE5QzJEM0IwODYyRThDQTVBQjUyMjY1MzAzNUE3NjIyNDQ0QzQ1RTc4MTRFQjRGRTczM0Q5QTg2NkM0N0E2Rjk1OEVBNzVGNjMxRDFGRTI4M0QyMzVDQjFGNUY1NzU5Rjc5ODQ1RjYyN0U3NzJFQjA4NzdDN0M4QzExRDNFMENBMTgyRTk3NUMxRDFDOEI1QjE4RjBERUE4NkRDNkI1RDJDOEZERTNBRDkyNDcxOTVBRThDNDE0MDM0Njk4OEFBRjRFRTVDRDM0RUUwRDNFMDQyOUQ0MkYzQUQ1N0U5QUMyMzk1RDNDRDEzOXwyAAABhAtPWF_BecQz7rgHNC6K3W1AEsRP4GT3dpgyajK1XZRGnJ4XQ3tujLal_AtIABdPY39nw7658Rk4fjvtHeTLt7hFmlq8l1NBQ3IdlC4Dc_hO_aocdw Server Apple Transfer-Encoding chunked Vary accept-encoding Cache-Control no-cache, no-store Connection close X-Buildversion R1_2 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET DATA	200 OK	truncated /	516 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5d2270dd987043f011aa4fd9b5b710f371716ae41f073a7080208a5c7f09632a` Request headers accept-language jp-JP,jp;q=0.9 Referer https://appleid-apple.appleitunesapplesignin.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appleid-apple.appleitunesapplesignin.com/	1969-12-31 23:59:59	Name: idclient Value: web
.appleitunesapplesignin.com/	1969-12-31 23:59:59	Name: dslang Value: US-EN
.appleitunesapplesignin.com/	1969-12-31 23:59:59	Name: site Value: USA
.appleid-apple.appleitunesapplesignin.com/	1969-12-31 23:59:59	Name: aidsp Value: 63417BA9C2D3B0862E8CA5AB522653035A7622444C45E7814EB4FE733D9A866C47A6F958EA75F631D1FE283D235CB1F5F5759F79845F627E772EB0877C7C8C11D3E0CA182E975C1D1C8B5B18F0DEA86DC6B5D2C8FDE3AD9247195AE8C4140346988AAF4EE5CD34EE0D3E0429D42F3AD57E9AC2395D3CD139
.google.com/	1970-01-20 11:20:47	Name: NID Value: 511=Dz1DXp3bb_O0cOaZfU0r8LWVSa0siJx0345I7y1VsjPZmB0kxWuaBMPiq1beCfl7XYqMIkeG3LY67RAzbjBnevH910bSIei9k0ckmiHQmpu87bwXplfKKM-Qd9AcsvGnpx1GQO2Cx98oJstdUBbiv4ZknugJqkdgj9FQv-vLNeM

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://appleid-apple.appleitunesapplesignin.com/account/manage/gs/ws/token Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appleid-apple.appleitunesapplesignin.com
appleid-cdn-apple.appleitunesapplesignin.com
google.com
www.appleitunesapplesignin.com
www.google.com
2404:6800:4004:813::2004
2404:6800:4004:825::200e
94.103.91.219
08f3ce5f53757fdc9011e7ff02bb5762af43f4d70cdcbd33f5826c8dba360431
154328d7407a0c175f26742d7f8033cc89b3e901d8c6b2b211f79ef04bed342a
4112559c8eca17ef382e333407e2b3c6ee9fb9d73b5fa63c65a1356adbb7c9fa
5084061483f23a3bc4a574da4a9316b7db07bcd37c3a7e8042326ed1e1135d8f
5d2270dd987043f011aa4fd9b5b710f371716ae41f073a7080208a5c7f09632a
6f7e1e97c89aed7a829354d3ec4d89d4ac710edb4f1e104a33351dde37478657
7baeb3a6bffdf472b5affd5bc6e31a598a7c357ea40d119324bbc6ce376b7413
7d86941e9260ae24a1ac06366003f5af22664436bb6612f9551eccf50b236d51
b5a9bf072ade217ab958474521d73134e7c3520e2fb56722a8bf555769dbff72
c8314bf75abd1ca43db91d79b86a08259c7e7ec3a0de9a4cdbb73bd70e39b2ba
d8e8c2fd7a861c5e8abb250057a53243483d8baddf5feb66bfd64351c546de4f
dba83a169d6dcdcfd6f434548081489fa06a2fb96886665924abc266c59a83a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e792160860256ff4ace44d5834e527118f2ca6a72b1bf0f124c05543d8a2c756
eadfdee59365fcc63c8e8185ae59f29339109efc1adfb9c8b7552783a8e5ced5
f05529706cf4b9d72bb812ccd70945813202f8077fdefc14de84b43377dff2ed

appleid-apple.appleitunesapplesignin.com Open in urlscan Pro 94.103.91.219 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

83 %HTTPS

67 %IPv6

2 Domains

5 Subdomains

3 IPs

2 Countries

3483 kBTransfer

3989 kBSize

5 Cookies

20 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

appleid-apple.appleitunesapplesignin.com Open in urlscan Pro
94.103.91.219 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

83 %
HTTPS

67 %
IPv6

2
Domains

5
Subdomains

3
IPs

2
Countries

3483 kB
Transfer

3989 kB
Size

5
Cookies

18 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!