flyt.it Open in urlscan Pro
23.99.65.65 Malicious Activity! Public Scan

URL:
http://flyt.it/Twelvefour
Submission: On July 15 via manual (July 15th 2017, 3:33:30 am UTC) from US

Summary HTTP 62 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 62 HTTP transactions. The main IP is 23.99.65.65, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is flyt.it.

This is the only time flyt.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	23.99.65.65 23.99.65.65	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a03:2880:f02... 2a03:2880:f029:16:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	95.100.60.71 95.100.60.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	2a02:26f0:eb:... 2a02:26f0:eb:18a::1aca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:122... 2a02:26f0:122:386::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	2.20.215.99 2.20.215.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:122... 2a02:26f0:122:38d::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2a02:26f0:eb:... 2a02:26f0:eb:18e::1aca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:122... 2a02:26f0:122:391::1aca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	17.139.246.7 17.139.246.7	714 (APPLE-ENG...) (APPLE-ENGINEERING - Apple Inc.)
62	13

1 23.99.65.65 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: waws-prod-bay-013.cloudapp.net

flyt.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f029:16:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.60.71 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-100-60-71.deploy.akamaitechnologies.com

itunes.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:eb:18a::1aca (European Union)

ASN20940 (AKAMAI-ASN1, US)

www.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:122:386::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

web-experience.itunes.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.20.215.99 (European Union)

ASN20940 (AKAMAI-ASN1, US)

is5-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is1-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is3-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:122:38d::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

web-experience.itunes.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:26f0:eb:18e::1aca (European Union)

ASN20940 (AKAMAI-ASN1, US)

www.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:122:391::1aca (European Union)

ASN20940 (AKAMAI-ASN1, US)

images.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 17.139.246.7 (Cupertino, United States)

ASN714 (APPLE-ENGINEERING - Apple Inc., US)

xp.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	apple.com itunes.apple.com Failed www.apple.com web-experience.itunes.apple.com images.apple.com xp.apple.com	1 MB
18	mzstatic.com is5-ssl.mzstatic.com is4-ssl.mzstatic.com is1-ssl.mzstatic.com is2-ssl.mzstatic.com is3-ssl.mzstatic.com	107 KB
2	facebook.net connect.facebook.net	20 KB
1	facebook.com www.facebook.com	53 B
1	googleadservices.com www.googleadservices.com	5 KB
1	flyt.it flyt.it	2 KB
0	doubleclick.net Failed bid.g.doubleclick.net Failed
0	google.de Failed www.google.de Failed
62	8

	Domain	Requested by
24	www.apple.com	itunes.apple.com
9	web-experience.itunes.apple.com	itunes.apple.com
7	is1-ssl.mzstatic.com	itunes.apple.com
5	is5-ssl.mzstatic.com	itunes.apple.com
4	is2-ssl.mzstatic.com	itunes.apple.com
2	connect.facebook.net	flyt.it
1	xp.apple.com	web-experience.itunes.apple.com
1	images.apple.com	itunes.apple.com
1	is3-ssl.mzstatic.com	itunes.apple.com
1	is4-ssl.mzstatic.com	itunes.apple.com
1	itunes.apple.com
1	www.facebook.com	flyt.it
1	www.googleadservices.com	flyt.it
1	flyt.it
0	bid.g.doubleclick.net Failed	www.googleadservices.com
0	www.google.de Failed	flyt.it
62	16

This site contains links to these domains. Also see Links.

Domain
www.apple.com
support.apple.com
locate.apple.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
itunes.apple.com Symantec Class 3 EV SSL CA - G3	`2017-06-16` - `2018-04-20`	10 months	crt.sh
www.apple.com Symantec Class 3 EV SSL CA - G3	`2017-02-06` - `2017-10-15`	8 months	crt.sh
mzstatic.com Symantec Class 3 EV SSL CA - G3	`2017-04-12` - `2019-04-10`	2 years	crt.sh
mzuserxp.itunes.apple.com Symantec Class 3 EV SSL CA - G3	`2016-12-15` - `2018-03-03`	a year	crt.sh

This page contains 4 frames:

Frame: https://itunes.apple.com/us/album/twelvefour/id1022016889&app=itunes?app=itunes
Frame ID: 2428.1
Requests: 6 HTTP requests in this frame

Frame: https://www.google.de/ads/user-lists/1024710092/?random=1500089599664&cv=8&fst=1500087600000&num=1&fmt=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=0&url=http%3A%2F%2Fflyt.it%2FTwelvefour&tiba=flyt.it&cdct=2&is_vtc=1&random=2587435908&fpvtc=/1024710092/%3Frandom%3D841192160%26cv%3D8%26fst%3D1500087600000%26num%3D1%26fmt%3D1%26guid%3DON%26eid%3D376635471%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D0%26u_nmime%3D0%26frm%3D0%26url%3Dhttp%253A%252F%252Fflyt.it%252FTwelvefour%26tiba%3Dflyt.it%26cdct%3D2%26is_vtc%3D1&ipr=y&ulfeg=n
Frame ID: 2428.2
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 2428.3
Requests: 1 HTTP requests in this frame

Frame: https://itunes.apple.com/us/album/twelvefour/id1022016889&app=itunes?app=itunes
Frame ID: 2481.1
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

62
Requests

92 %
HTTPS

58 %
IPv6

8
Domains

16
Subdomains

13
IPs

3
Countries

1202 kB
Transfer

3063 kB
Size

4
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.apple.com/
Title: Apple

Search URL Search Domain Scan URL

URL: https://www.apple.com/us/shop/goto/bag
Title: Shopping Bag

Search URL Search Domain Scan URL

URL: https://www.apple.com/mac/
Title: Mac

Search URL Search Domain Scan URL

URL: https://www.apple.com/ipad/
Title: iPad

Search URL Search Domain Scan URL

URL: https://www.apple.com/iphone/
Title: iPhone

Search URL Search Domain Scan URL

URL: https://www.apple.com/watch/
Title: Watch

Search URL Search Domain Scan URL

URL: https://www.apple.com/tv/
Title: TV

Search URL Search Domain Scan URL

URL: https://www.apple.com/music/
Title: Music

Search URL Search Domain Scan URL

URL: https://support.apple.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.apple.com/us/search
Title: Search apple.com

Search URL Search Domain Scan URL

URL: https://www.apple.com/itunes/download/
Title: Download iTunes

Search URL Search Domain Scan URL

URL: https://locate.apple.com/
Title: find a reseller

Search URL Search Domain Scan URL

URL: https://www.apple.com/choose-your-country/
Title: United States

Search URL Search Domain Scan URL

URL: https://www.apple.com/privacy/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.apple.com/legal/internet-services/terms/site.html
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.apple.com/us/shop/goto/help/sales_refunds
Title: Sales and Refunds

Search URL Search Domain Scan URL

URL: https://www.apple.com/legal/
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.apple.com/sitemap/
Title: Site Map

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 1

http://connect.facebook.net/en_US/fbevents.js
https://connect.facebook.net/en_US/fbevents.js

Request 2

https://www.google.com/ads/user-lists/1024710092/?random=1500089599664&cv=8&fst=1500087600000&num=1&fmt=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/ads/user-lists/1024710092/?random=1500089599664&cv=8&fst=1500087600000&num=1&fmt=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

Request 4

http://connect.facebook.net/signals/config/764774676867656?v=2.7.18
https://connect.facebook.net/signals/config/764774676867656?v=2.7.18

Request 6

https://itunes.apple.com/us/album/twelvefour/id1022016889&app=itunes?app=itunes&ls=1&at=10l4GJ&ct=Twelvefour
https://itunes.apple.com/us/album/twelvefour/id1022016889&app=itunes?app=itunes

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Twelvefour Show response
flyt.it/ 2 KB
2 KB 351ms
193ms Document
text/html 23.99.65.65
Microsoft Corpora...

General

Domain/Path	Expires	Name / Value
.apple.com/	1970-01-01 00:00:00	Name: geo Value: DE
.apple.com/	1970-01-01 00:00:00	Name: ccl Value: mbta8XRMw6ZsrZ/alBWpwQ==
.apple.com/	2017-08-14 03:33:20	Name: a Value: QQANAAAACwA8fJUGMTBsNEdKClR3ZWx2ZWZvdXIAAAAAPOq9eQ==
.apple.com/	2017-07-15 03:33:30	Name: ls Value: 1

Source	Level	URL Text
console-api	error	URL: https://web-experience.itunes.apple.com/assets/vendor-3e4678538ca191ced94c7f3897f8ec45.js(Line 27) Message: storageObject: storage object not found. Override this function if there is a platform-specific implementation
console-api	warning	URL: https://web-experience.itunes.apple.com/assets/vendor-3e4678538ca191ced94c7f3897f8ec45.js(Line 27) Message: Metrics config: No config provided via delegate or fetched via init(), using default/cached config values.

flyt.it Open in urlscan Pro 23.99.65.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

62 Requests

92 %HTTPS

58 %IPv6

8 Domains

16 Subdomains

13 IPs

3 Countries

1202 kBTransfer

3063 kBSize

4 Cookies

18 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

flyt.it Open in urlscan Pro
23.99.65.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

92 %
HTTPS

58 %
IPv6

8
Domains

16
Subdomains

13
IPs

3
Countries

1202 kB
Transfer

3063 kB
Size

4
Cookies

62 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!