awn-erp.com
Open in
urlscan Pro
2606:4700:3037::ac43:b891
Malicious Activity!
Public Scan
Effective URL: https://awn-erp.com/zablokovan/Apple/icloud/AP/Signin
Submission Tags: falconsandbox
Submission: On August 01 via api from US — Scanned from FR
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 30th 2022. Valid for: a year.
This is the only time awn-erp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Apple (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 15.236.49.214 15.236.49.214 | 16509 (AMAZON-02) (AMAZON-02) | |
3 21 | 2606:4700:303... 2606:4700:3037::ac43:b891 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:401... 2a00:1450:4014:80f::2001 | 15169 (GOOGLE) (GOOGLE) | |
19 | 2 |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-49-214.eu-west-3.compute.amazonaws.com
lc.cx |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
awn-erp.com
3 redirects
awn-erp.com |
171 KB |
1 |
blogspot.com
tafihcss.blogspot.com |
|
1 |
lc.cx
1 redirects
lc.cx |
238 B |
19 | 3 |
Domain | Requested by | |
---|---|---|
21 | awn-erp.com |
3 redirects
awn-erp.com
|
1 | tafihcss.blogspot.com |
awn-erp.com
|
1 | lc.cx | 1 redirects |
19 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-01-30 - 2023-01-29 |
a year | crt.sh |
misc-sni.blogspot.com GTS CA 1C3 |
2022-07-11 - 2022-10-03 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://awn-erp.com/zablokovan/Apple/icloud/AP/Signin
Frame ID: 92C5DCBE0382F1E45B2EB42BEAB76EAE
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
Přihlášení - ApplePage URL History Show full URLs
-
https://lc.cx/PKIZt6
HTTP 301
https://awn-erp.com/zablokovan/Apple/icloud/ HTTP 302
https://awn-erp.com/zablokovan/Apple/icloud/AP HTTP 301
https://awn-erp.com/zablokovan/Apple/icloud/AP/ HTTP 302
https://awn-erp.com/zablokovan/Apple/icloud/AP/Signin Page URL
Detected technologies
AngularJS (JavaScript Frameworks) ExpandDetected patterns
- \bangular.{0,32}\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://lc.cx/PKIZt6
HTTP 301
https://awn-erp.com/zablokovan/Apple/icloud/ HTTP 302
https://awn-erp.com/zablokovan/Apple/icloud/AP HTTP 301
https://awn-erp.com/zablokovan/Apple/icloud/AP/ HTTP 302
https://awn-erp.com/zablokovan/Apple/icloud/AP/Signin Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
Signin
awn-erp.com/zablokovan/Apple/icloud/AP/ Redirect Chain
|
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
signin.css
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/ |
285 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
external.css
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/ |
185 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
angular.min.js
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/js/ |
163 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/js/ |
95 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.mask.js
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/js/ |
18 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.validate.min.js
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/js/ |
23 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
tafihcss.blogspot.com/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/apple/ |
554 B 878 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/mac/ |
802 B 1019 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/ipad/ |
1002 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/iphone/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/watch/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/tv/ |
264 B 749 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/music/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/support/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/search/ |
390 B 781 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
image_large.svg
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/bag/ |
416 B 812 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
aosicons_regular.woff
awn-erp.com/zablokovan/Apple/icloud/AP/css-style/ |
5 KB 5 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Apple (Online)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| angular function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
awn-erp.com/ | Name: PHPSESSID Value: fvvu0icp6sbsi97br4p3mpim90 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
awn-erp.com
lc.cx
tafihcss.blogspot.com
15.236.49.214
2606:4700:3037::ac43:b891
2a00:1450:4014:80f::2001
0279b4163ca0d6df05c1f50b63f192da41f82a0c48b6872e8671dec485df6dd7
16e30f5480bc1dd538ad90ab859cda8a78badb4c3e9ddc3dfb5a5b6a358091e4
1a7fdaddbd813f0f3080d54fea097abcf89ce95dbfd05794ef919548a603e92f
1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5
4ad594c17e36f3e9cdd62c3a7465fa502bf056e37c9704a77a8df562cb8a6073
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b91fc5bb8e75d8934f8863cae23c1d81315b00d0936057b9bbe06c7fbee7c42
7e5de7a4d66f85eb27d41d46ccedd8a118c6a4dbb2d06ff30b61a8a7a969be18
81849741dc42d40b8338a222866c5009893103efb5bdc4101d0ae5ca4d6e1375
8b25224a4527ed4efee23b222227fe0f00f1ef2ecfc3a64d0d55f9ba8a77d06b
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9
a6184c9c55c75d613c2e81f5238d7e436714fab15e116eb29059d22817a90ef2
aab5af31e6e476fbf82eca3e62eb8da21d0e2e2f43dcbad1e412684575ddeca7
ae4671019bd9e7e84501f1bc66df9926cec58d124870e7e531d6ff2d529b54a5
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
d577c9d1bad004bdabb9d0995cec0714e98b76e6053f2765ed09c23de6f328b0
db645e8610c56a69be65cf9cf0ceebbb20bc505f1b91661b1617f8f7f26dbfc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8f864a3893b44258aedeb6260d85723541a9cdb5dc4daf141ccb769214648