urlscan.io logo urlscan.io
SecurityTrails logo

appleid.xivxc.com Open in urlscan Pro
45.144.225.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://eid.xivxb.com/
Effective URL: https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
Submission Tags: phishing malicious Search All
Submission: On April 05 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 45.144.225.153, located in Los Angeles, United States and belongs to SERVERION-AS Serverion B.V., NL. The main domain is appleid.xivxc.com.
TLS certificate: Issued by R3 on April 4th 2021. Valid for: 3 months.
This is the only time appleid.xivxc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 7 45.144.225.153 213035 (SERVERION...)
1 104.111.228.123 16625 (AKAMAI-AS)
5 2
Apex Domain
Subdomains		 Transfer
6 xivxc.com
appleid.xivxc.com
14 KB
1 paypalobjects.com
www.paypalobjects.com
2 KB
1 xivxb.com
eid.xivxb.com
249 B
5 3
Domain Requested by
6 appleid.xivxc.com 2 redirects appleid.xivxc.com
1 www.paypalobjects.com appleid.xivxc.com
1 eid.xivxb.com 1 redirects
5 3

This site contains no links.

Subject Issuer Validity Valid
appleid.xivxc.com
R3		 2021-04-04 -
2021-07-03		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-01-13 -
2022-01-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
Frame ID: 6D3CB89E674429B2C4554DFFF0DC5F33
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://eid.xivxb.com/ HTTP 302
    https://appleid.xivxc.com/apple HTTP 301
    https://appleid.xivxc.com/apple/ HTTP 302
    https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

16 kB
Transfer

56 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://eid.xivxb.com/ HTTP 302
    https://appleid.xivxc.com/apple HTTP 301
    https://appleid.xivxc.com/apple/ HTTP 302
    https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request do.php
appleid.xivxc.com/apple/
Redirect Chain
  • http://eid.xivxb.com/
  • https://appleid.xivxc.com/apple
  • https://appleid.xivxc.com/apple/
  • https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.144.225.153 Los Angeles, United States, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
abc.abc
Software
Apache/2.4.25 (Debian) /
Resource Hash
fb9dd67bf55f46ba2fdb90c5f55ff31ad2879374c18496da14030e165005521b

Request headers

Host
appleid.xivxc.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Apr 2021 02:44:30 GMT
Server
Apache/2.4.25 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1399
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 05 Apr 2021 02:44:30 GMT
Server
Apache/2.4.25 (Debian)
Location
do.php?cmd=access&idx=13552104
Content-Length
4
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
v.js
appleid.xivxc.com/apple/files/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.xivxc.com/apple/files/v.js
Requested by
Host: appleid.xivxc.com
URL: https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.144.225.153 Los Angeles, United States, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
abc.abc
Software
Apache/2.4.25 (Debian) /
Resource Hash
0cca8e3229f9e7d6f463ae4339a87dc393694106fbf1cc65e0bbc0ae9ba5d9a1

Request headers

Referer
https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Apr 2021 02:44:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Apr 2021 11:23:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"2e85-5bf23cdee914e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2455
app.css
appleid.xivxc.com/apple/files/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://appleid.xivxc.com/apple/files/app.css
Requested by
Host: appleid.xivxc.com
URL: https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.144.225.153 Los Angeles, United States, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
abc.abc
Software
Apache/2.4.25 (Debian) /
Resource Hash
c80a4919eff47e1aa81213e5ef9d1a2946a8c34397ef9776a1d59348fdf1ffdb

Request headers

Referer
https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Apr 2021 02:44:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Apr 2021 13:24:15 GMT
Server
Apache/2.4.25 (Debian)
ETag
"8e9f-5bf257f6749e9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
7196
modernizr-2.js
appleid.xivxc.com/apple/files/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.xivxc.com/apple/files/modernizr-2.js
Requested by
Host: appleid.xivxc.com
URL: https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.144.225.153 Los Angeles, United States, ASN213035 (SERVERION-AS Serverion B.V., NL),
Reverse DNS
abc.abc
Software
Apache/2.4.25 (Debian) /
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Request headers

Referer
https://appleid.xivxc.com/apple/do.php?cmd=access&idx=13552104
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 05 Apr 2021 02:44:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 04 Apr 2021 11:23:03 GMT
Server
Apache/2.4.25 (Debian)
ETag
"edf-5bf23cdee914e-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1788
icon_alert_sprite-2x.png
www.paypalobjects.com/images/shared/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/images/shared/icon_alert_sprite-2x.png
Requested by
Host: appleid.xivxc.com
URL: https://appleid.xivxc.com/apple/files/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0e4951bb03015d48eb23cb3e09251e663f473992156c1a90aa4b38f81d886904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://appleid.xivxc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 02:44:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 28 Mar 2021 02:32:50 GMT
server
Akamai Image Manager
etag
"TNX5Bf8Yx7Zdm/Z1zC+tfpC8dfxHt5AdLQhtv+daqjc"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=43200
content-length
1850
expires
Mon, 05 Apr 2021 14:44:30 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| Validator function| set_addnl_vfunction function| clear_all_validations function| form_submit_handler function| add_validation function| ValidationDesc function| vdesc_validate function| ValidationSet function| add_validationdesc function| vset_validate function| validateEmailv2 function| mod10 function| V2validateData object| html5 object| Modernizr object| frmvalidator

0 Cookies