appleid.secure.login.universitytoronto.net
Open in
urlscan Pro
167.99.225.8
Malicious Activity!
Public Scan
Effective URL: https://appleid.secure.login.universitytoronto.net/
Submission Tags: phishingcatcher certstream Search All
Submission: On October 28 via api from CH
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 28th 2020. Valid for: 3 months.
This is the only time appleid.secure.login.universitytoronto.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 15 | 167.99.225.8 167.99.225.8 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
15 | 2a02:26f0:6c0... 2a02:26f0:6c00:19b::1aca | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 17.32.194.7 17.32.194.7 | 714 (APPLE-ENG...) (APPLE-ENGINEERING) | |
32 | 4 |
ASN14061 (DIGITALOCEAN-ASN, US)
appleid.secure.login.universitytoronto.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
apple.com
www.apple.com idmsa.apple.com |
67 KB |
15 |
universitytoronto.net
1 redirects
appleid.secure.login.universitytoronto.net |
2 MB |
32 | 2 |
Domain | Requested by | |
---|---|---|
15 | www.apple.com |
appleid.secure.login.universitytoronto.net
www.apple.com |
15 | appleid.secure.login.universitytoronto.net |
1 redirects
appleid.secure.login.universitytoronto.net
|
1 | idmsa.apple.com |
appleid.secure.login.universitytoronto.net
|
32 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.apple.com |
support.apple.com |
iforgot.apple.com |
locate.apple.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.secure.login.universitytoronto.net Let's Encrypt Authority X3 |
2020-10-28 - 2021-01-26 |
3 months | crt.sh |
www.apple.com DigiCert SHA2 Extended Validation Server CA-3 |
2020-10-07 - 2021-10-08 |
a year | crt.sh |
idmsa.apple.com Apple IST CA 2 - G1 |
2020-01-31 - 2021-03-01 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://appleid.secure.login.universitytoronto.net/
Frame ID: 63E41B701389ECEAB2A73F734C909741
Requests: 31 HTTP requests in this frame
Frame:
https://idmsa.apple.com/appleauth/auth/authorize/signin?frame_id=aid-a7c0a6e5-773e-48dc-9705-c6b551166cbe&language=en_US&iframeId=aid-a7c0a6e5-773e-48dc-9705-c6b551166cbe&client_id=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&redirect_uri=https://appleid.secure.login.universitytoronto.net&response_type=code&response_mode=web_message&state=7fd04c26-3c98-4c28-80eb-31978eae6586&rv=1
Frame ID: 4288B9F622AE4B4195D71F274CAE0C66
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://appleid.secure.login.universitytoronto.net/
HTTP 302
https://appleid.secure.login.universitytoronto.net/ Page URL
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: Apple
Search URL Search Domain Scan URL
Title: Shopping Bag
Search URL Search Domain Scan URL
Title: Search apple.com Cancel
Search URL Search Domain Scan URL
Title: Mac
Search URL Search Domain Scan URL
Title: iPad
Search URL Search Domain Scan URL
Title: iPhone
Search URL Search Domain Scan URL
Title: Watch
Search URL Search Domain Scan URL
Title: TV
Search URL Search Domain Scan URL
Title: Music
Search URL Search Domain Scan URL
Title: Support
Search URL Search Domain Scan URL
Title: Forgot Apple ID or password? Opens in a new window.
Search URL Search Domain Scan URL
Title: Find an Apple Store
Search URL Search Domain Scan URL
Title: other retailer
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Sales and Refunds
Search URL Search Domain Scan URL
Title: Legal
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://appleid.secure.login.universitytoronto.net/
HTTP 302
https://appleid.secure.login.universitytoronto.net/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
appleid.secure.login.universitytoronto.net/ Redirect Chain
|
241 KB 243 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts
www.apple.com/wss/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app-eyebrow.css
appleid.secure.login.universitytoronto.net/static/cssj/N1712104727/landing/web/ |
376 KB 376 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ac-globalnav.built.css
www.apple.com/ac/globalnav/5/en_US/styles/ |
100 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ac-globalfooter.built.css
www.apple.com/ac/globalfooter/5/en_US/styles/ |
44 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common-header.js
appleid.secure.login.universitytoronto.net/static/jsj/716211053/ |
23 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authService.latest.min.js
appleid.secure.login.universitytoronto.net/appleauth/static/jsapi/ |
43 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
initFormStyle.js
appleid.secure.login.universitytoronto.net/static/jsj/1305823937/boot/ |
314 B 846 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
initBootData.js
appleid.secure.login.universitytoronto.net/static/jsj/1978403235/boot/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
authInitOptions.js
appleid.secure.login.universitytoronto.net/static/jsj/1920325159/web/boot/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
initLocalizationStrings.js
appleid.secure.login.universitytoronto.net/static/jsj/331042498/boot/ |
578 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.js
appleid.secure.login.universitytoronto.net/static/jsj/N825549234/landing/web/ |
749 KB 749 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ac-globalnav.built.js
www.apple.com/ac/globalnav/5/en_US/scripts/ |
134 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ac-globalfooter.built.js
www.apple.com/ac/globalfooter/6/en_US/scripts/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
green-check.png
appleid.secure.login.universitytoronto.net/static/bin/cb782083621/dist/assets/images/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alert_icon.png
appleid.secure.login.universitytoronto.net/static/bin/cb2442680439/dist/assets/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clock.png
appleid.secure.login.universitytoronto.net/static/bin/cb4028851068/dist/assets/images/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/apple/ |
554 B 880 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/links/mac/ |
802 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/links/ipad/ |
1002 B 892 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/links/iphone/ |
1 KB 934 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/links/watch/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/links/tv/ |
264 B 585 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/links/music/ |
1 KB 939 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/links/support/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/search/ |
707 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
image_large.svg
www.apple.com/ac/globalnav/5/en_US/images/globalnav/bag/ |
718 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apple_id_desktop_2x.jpg
appleid.secure.login.universitytoronto.net/static/bin/cb2381643449/dist/assets/ |
442 KB 443 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app_icons@2x.png
appleid.secure.login.universitytoronto.net/static/bin/cb2444952294/dist/assets/ |
29 KB 30 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
appleicons_text.woff
www.apple.com/ac/globalfooter/5/en_US/assets/ac-footer/legacy/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
appleicons_text.ttf
www.apple.com/ac/globalfooter/5/en_US/assets/ac-footer/legacy/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
signin
idmsa.apple.com/appleauth/auth/authorize/ Frame 4288 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.apple.com
- URL
- https://www.apple.com/ac/globalfooter/5/en_US/assets/ac-footer/legacy/appleicons_text.woff
- Domain
- www.apple.com
- URL
- https://www.apple.com/ac/globalfooter/5/en_US/assets/ac-footer/legacy/appleicons_text.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)46 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| html5 object| Modernizr object| Detectizr object| AppleID function| nonPmrpcWorker function| nonPmrpcSharedWorker object| idmsapis string| formStyle object| idms object| bootArgs object| bootData function| getBootArgsVal function| setBootDataValue function| useIfExists object| authInit function| formSubmit function| setWidgetConatinerHeight function| setUIForRepair boolean| isFirstPartyOAuth boolean| isEnableOIDCGrantCode object| locMessageStrings object| locManager object| localizationStrings object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ object| regeneratorRuntime function| $ function| jQuery object| can function| Mustache object| AC0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
appleid.secure.login.universitytoronto.net
idmsa.apple.com
www.apple.com
www.apple.com
167.99.225.8
17.32.194.7
2a02:26f0:6c00:19b::1aca
0722eeaa10a70434d2d68f09ccbeeed14e550a36357dee0ccc13de5e927e24df
144da382154b140a4585b1b7121835220406400c4f66def2b7f10863ff7bca62
16e30f5480bc1dd538ad90ab859cda8a78badb4c3e9ddc3dfb5a5b6a358091e4
1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5
21ae9bcc91b85123b67752fc3d443e73e6b0a0af1350d3fbe4144f941b5d0b7c
2aee971442460cb00c8c7412dff4519ccf7206946312f534dfc363f3b1d11a7c
2f1cd57b13f6da9ea0610baa24c660ed5ae99bec708acd0c263b2fbd0cb2e59d
4209a6165a7b44b64f4a2b7bae04d1eac5367dcb03e823d9836bdaddfac5491a
49d691ba4aaf31d45ca5ab51a05399ae2c630df77d639785d6346bc3f84498bc
55d6ac2539697216eee4cb7e49a5b15690acc092f774a6dd372159c7d644dfa5
81849741dc42d40b8338a222866c5009893103efb5bdc4101d0ae5ca4d6e1375
8b25224a4527ed4efee23b222227fe0f00f1ef2ecfc3a64d0d55f9ba8a77d06b
8e743265af12582065cb564bc0fcbf6b391fbc749eea733eef98e188fbb837d5
95d20f4778660c38ec9ca629cfcb38e2c231432a88111562d90c56b3e73ea6c3
9e8dccd49921b1515f80b599ae69b01e95f620fcf92de93c91d1835c6da02aea
a6184c9c55c75d613c2e81f5238d7e436714fab15e116eb29059d22817a90ef2
ac140211743dbd2a6a68294577390bd40299a4d2e5b63d3b1be884730a95d7f8
b01fae05968b515dea45be29c362793e1c1bd0b0c0b7dca64e542b2a568b6d29
b3652edfa17ac1dab0a0e1e25263c4c250c414610323f1ada4990f111b57349b
cb58dd8d610ca310a1651f5245828221dbbe8e5db8657dcd6cd480a395e19867
d577c9d1bad004bdabb9d0995cec0714e98b76e6053f2765ed09c23de6f328b0
db645e8610c56a69be65cf9cf0ceebbb20bc505f1b91661b1617f8f7f26dbfc9
e3e8f864a3893b44258aedeb6260d85723541a9cdb5dc4daf141ccb769214648
e972e0dbab9f565f18639e7336f6640a1cfbac370aa4262421c3dd18b58f9b22
eaa048615231faa8cfc35e0e2677cffdad48b59ff7b58cfd3ac111695af073a1
f1cd98822be46341b217b662db5cf71af58e176b471250d3099b1370dcce57fa
f333583122ed934d40241d4f3ce2561f7b70881434522e7d25308cac2058a1c9
fc1dc5451975ee2e3cca010f0c398ef6a940d5b2d48c9ae57e83022ff9b3e52f