Report - wwwapple-id.info/

Report Overview

Submitted URL
wwwapple-id.info/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 17:27:58
Access
public
Website Title
iCloud
Final URL
wwwapple-id.info/expire/index2.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
wwwapple-id.info	unknown	2023-11-15	2023-11-15	2024-01-15	4.1 kB	32 kB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-09	1.1 kB	68 kB	142.250.74.99
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-09	441 B	4.1 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	wwwapple-id.info/	Apple Inc.
2024-05-09	medium	wwwapple-id.info/	Apple Inc.
2024-05-09	medium	wwwapple-id.info/	Apple Inc.
2024-05-09	medium	wwwapple-id.info/	Apple Inc.
2024-05-09	medium	wwwapple-id.info/	Apple Inc.
2024-05-09	medium	wwwapple-id.info/	Apple Inc.
2024-05-09	medium	wwwapple-id.info/	Apple Inc.
2024-05-09	medium	wwwapple-id.info/	Apple Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	wwwapple-id.info/expire/index2.html	1.1 kB	2024-05-09	2024-05-09
Pretty URL wwwapple-id.info/expire/index2.html IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 19:27:59 Last Seen2024-05-09 19:27:59 Times Seen1 Hash 13161497b5482e96bf74b438ba3bda7a 4317afd884413865281bb6fc732958aa1254087c b664ba70463800ca084240915195817bc9550a95ce1636dc842a658b3841e87a Loading...

	unknown	247 B	2024-05-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 19:27:59 Last Seen2024-05-09 19:27:59 Times Seen1 Hash 404715cbb1785cb9f31e72193941f29b 455156194037fc6383505e0e792bba9d56cc97d3 2b1f9bd3854c3dad8290a2f4c998ed2c68dc7f703286cf82c93f52a8722edd9d Loading...

	wwwapple-id.info/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-05-09	2024-05-09
Pretty URL wwwapple-id.info/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 19:27:59 Last Seen2024-05-09 19:27:59 Times Seen2 Hash e7fab5138d666cc630ef8c21791c5d50 c7d1346fa52b34514b6d28db3a432a9ec74f891f 3f6472d2526b71e11d6528c85513eb20279e1797c59000a88a42e414e8d30c5b Loading...

HTTP Transactions (11)

URL IP Response Size

wwwapple-id.info/cdn-cgi/challenge-platform/scripts/jsd/main.js

188.114.96.1

302 Found

0 B

URL GET HTTP/3
wwwapple-id.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wwwapple-id.info/expire/index2.html
Certificate
IssuerLet's Encrypt
Subjectwwwapple-id.info
FingerprintBD:DA:F6:28:A2:13:F9:C9:31:27:A5:06:25:6C:9C:76:40:67:19:FA
ValidityWed, 13 Mar 2024 01:54:41 GMT - Tue, 11 Jun 2024 01:54:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: wwwapple-id.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b2dae22cfdfc79b56b686cb0b5bc78f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 09 May 2024 17:27:32 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwSdePgzfTVBVk1fkuk6FVmj9mNZULcq0VQrA5gm6uZOz%2BP1ykhkr5Ur9sHmnMxRO2Gi5nzEH6Xu6v3i5cnpuQoYlOI%2BakwaA%2FBDpc8qV1nIcIDPRS2y5XwgAaoAZFyF%2FvF7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813669bedaab4fa-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.99

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://wwwapple-id.info/expire/index2.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wwwapple-id.info
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:06:37 GMT
expires: Fri, 09 May 2025 17:06:37 GMT
cache-control: public, max-age=31536000
age: 1255
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.99

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://wwwapple-id.info/expire/index2.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wwwapple-id.info
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:06:37 GMT
expires: Fri, 09 May 2025 17:06:37 GMT
cache-control: public, max-age=31536000
age: 1255
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wwwapple-id.info/cdn-cgi/challenge-platform/h/g/jsd/r/881366978c92b4fa

188.114.96.1

200 OK

0 B

URL POST HTTP/3
wwwapple-id.info/cdn-cgi/challenge-platform/h/g/jsd/r/881366978c92b4fa
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wwwapple-id.info/expire/index2.html
Certificate
IssuerLet's Encrypt
Subjectwwwapple-id.info
FingerprintBD:DA:F6:28:A2:13:F9:C9:31:27:A5:06:25:6C:9C:76:40:67:19:FA
ValidityWed, 13 Mar 2024 01:54:41 GMT - Tue, 11 Jun 2024 01:54:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/881366978c92b4fa HTTP/1.1
Host: wwwapple-id.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12166
Origin: https://wwwapple-id.info
DNT: 1
Connection: keep-alive
Referer: https://wwwapple-id.info/expire/index2.html
Cookie: PHPSESSID=b2dae22cfdfc79b56b686cb0b5bc78f5
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 17:27:32 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=crbusW_GyfWDGs0NaiApSgxwx1F_hHY9bVlUDNkhVPQ-1715275652-1.0.1.1-9aTDRGkWa0bL2eBRRxKV0LTNt85Iq6pbdkC2V55Dr7tYwlxXzDBf9m_KkE2GcJ8HnJDejQhfyQGsks_U9oC_eQ; Path=/; Expires=Fri, 09-May-25 17:27:32 GMT; Domain=.wwwapple-id.info; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhZ8zpZnH6MrQmQe6x1y7RmwVP0OPnYKFgmrp5rNhvRgPWpo2e9xh%2B96ib%2Blj5Ba7MWvKHfkrYqHi%2FPY%2Br7o2jc6di7l0kD%2F3Xsoov9eSdH7KWU0NN4ou%2FMiSgbsYibAODfn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8813669d78ecb4fa-OSL
alt-svc: h3=":443"; ma=86400

wwwapple-id.info/expire/img/favicon.png

188.114.96.1

520 No Reason Phrase

7.2 kB

URL GET HTTP/3
wwwapple-id.info/expire/img/favicon.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wwwapple-id.info/expire/index2.html
Certificate
IssuerLet's Encrypt
Subjectwwwapple-id.info
FingerprintBD:DA:F6:28:A2:13:F9:C9:31:27:A5:06:25:6C:9C:76:40:67:19:FA
ValidityWed, 13 Mar 2024 01:54:41 GMT - Tue, 11 Jun 2024 01:54:40 GMT

File type
HTML document, ASCII text, with very long lines (525)
Size
7.2 kB (7185 bytes)
Hash
c6357e16c8cde604758e4ec8bcdddcbd
4b5b8ad0ce0c459b78efcd68009dcef7cbbaeff6
35065bb643f6b66961340a09260e56aa016113d84dcac7d960615946a29bfccd

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /expire/img/favicon.png HTTP/1.1
Host: wwwapple-id.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wwwapple-id.info/expire/index2.html
Cookie: PHPSESSID=b2dae22cfdfc79b56b686cb0b5bc78f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 520 No Reason Phrase
date: Thu, 09 May 2024 17:27:32 GMT
content-type: text/html; charset=UTF-8
content-length: 7185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fArPSGdRwSTpi7tYy6uu6FApfnIhuOjLZq%2BsRvIkIfQqttffOH7uqJvQ7lPaSNcDJw7hXxvHgTLp5Jmkr0Rhae6cJ74zClZtE7XK9RJoHZIUJ0At8xKuWxw7LV8GYx5rxgW4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 8813669cef9bb4fa-OSL
alt-svc: h3=":443"; ma=86400

wwwapple-id.info/

188.114.96.1

302 Found

3.0 kB

URL User Request GET HTTP/2
wwwapple-id.info/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectwwwapple-id.info
FingerprintBD:DA:F6:28:A2:13:F9:C9:31:27:A5:06:25:6C:9C:76:40:67:19:FA
ValidityWed, 13 Mar 2024 01:54:41 GMT - Tue, 11 Jun 2024 01:54:40 GMT

File type

Size
3.0 kB (2951 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET / HTTP/1.1
Host: wwwapple-id.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 09 May 2024 17:27:31 GMT
content-type: text/html; charset=UTF-8
location: ./expire/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
set-cookie: PHPSESSID=b2dae22cfdfc79b56b686cb0b5bc78f5; path=/
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o3G2RbxVQp4vrUqOswNLVodNPLVMcM%2FAghpIQsn4IYkkX4eK4IN9L%2ByM%2BIEQhhI6ol05nV%2Ft9nJE4XSHp1mbIHqaijbqKCyyEQ4IslgSZ%2BsNwRbF1KwBKMUmEGugSh2tghnO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881366958aff56ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wwwapple-id.info/expire/

188.114.96.1

302 Found

3.0 kB

URL User Request GET HTTP/2
wwwapple-id.info/expire/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectwwwapple-id.info
FingerprintBD:DA:F6:28:A2:13:F9:C9:31:27:A5:06:25:6C:9C:76:40:67:19:FA
ValidityWed, 13 Mar 2024 01:54:41 GMT - Tue, 11 Jun 2024 01:54:40 GMT

File type

Size
3.0 kB (2951 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /expire/ HTTP/1.1
Host: wwwapple-id.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b2dae22cfdfc79b56b686cb0b5bc78f5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 09 May 2024 17:27:31 GMT
content-type: text/html; charset=UTF-8
location: index2.html
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2P4DMEkgZiA3KvPX%2F8tQlYywGoZWis1i2MRJ0T3sqA6mW7Pbd00dDKoIdL%2BZU5AWboEnMj8qavVOQFIkYSgr2xC0BPT41OyLNBi1Y0vVpTLJLFbddTSDBodapI%2B2w7U0nPLV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88136696bd3e56ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

wwwapple-id.info/expire/index2.html

188.114.96.1

200 OK

3.0 kB

URL User Request GET HTTP/3
wwwapple-id.info/expire/index2.html
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectwwwapple-id.info
FingerprintBD:DA:F6:28:A2:13:F9:C9:31:27:A5:06:25:6C:9C:76:40:67:19:FA
ValidityWed, 13 Mar 2024 01:54:41 GMT - Tue, 11 Jun 2024 01:54:40 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (3108), with no line terminators
Size
3.0 kB (2951 bytes)
Hash
1bc73a3d767a9bb4b1440cbb72d6a8ee
744954f73a8e123a3dc8e0bda7be903823e23a06
e83e0a212a7d073b1c0bf5814324a5840de6c04c931440244b71cc1ecbb8ea4d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /expire/index2.html HTTP/1.1
Host: wwwapple-id.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b2dae22cfdfc79b56b686cb0b5bc78f5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:27:31 GMT
content-type: text/html
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 01 Apr 2024 13:57:03 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLNGYaAqQyTC8GZAadSE9hch47zu7R3bMaLgppTu2lsXSzxnrAJO1KEuQ3qM8I%2F8dSO6IKMWhl%2BMu%2Fra9JpBiEmph5ohgDtGOM8w30xpZ6oFCQJ7ygSsQgmW2t1YoSqn1k1S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881366978c92b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

wwwapple-id.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js

188.114.96.1

200 OK

7.9 kB

URL GET HTTP/3
wwwapple-id.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wwwapple-id.info/expire/index2.html
Certificate
IssuerLet's Encrypt
Subjectwwwapple-id.info
FingerprintBD:DA:F6:28:A2:13:F9:C9:31:27:A5:06:25:6C:9C:76:40:67:19:FA
ValidityWed, 13 Mar 2024 01:54:41 GMT - Tue, 11 Jun 2024 01:54:40 GMT

File type
JavaScript source, ASCII text, with very long lines (7852), with no line terminators
Size
7.9 kB (7852 bytes)
Hash
e7fab5138d666cc630ef8c21791c5d50
c7d1346fa52b34514b6d28db3a432a9ec74f891f
3f6472d2526b71e11d6528c85513eb20279e1797c59000a88a42e414e8d30c5b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/1b3559406bc8/main.js HTTP/1.1
Host: wwwapple-id.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=b2dae22cfdfc79b56b686cb0b5bc78f5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:27:32 GMT
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
cache-control: max-age=14400, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BW0c6Cd%2B0xWjXyobA9Aazy9nvbB1tZaoAy2rCoJcGjs9YJ%2BIfAGXXe%2F5xX3qbeTJcQk3RBSPjpwxvfQsMROu%2BhOrB8Zk2cqB6l%2B4ZO92h17V%2FAZ0PbUtPnQQG3THTqS%2FUAP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8813669c0de3b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Montserrat:700,900

142.250.74.106

200 OK

3.4 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:700,900
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://wwwapple-id.info/expire/index2.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (3520), with no line terminators
Size
3.4 kB (3440 bytes)
Hash
e44d2d85f0696f48bb284c95decd5707
1e90791aa112a0357373089c27de12657f35ad9e
97087bd66f7fe60df8893dbaf967ff6e13b3057b6699e60467048f603c485c07

HTTP Headers

GET /css?family=Montserrat:700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wwwapple-id.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 May 2024 17:27:32 GMT
date: Thu, 09 May 2024 17:27:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wwwapple-id.info/expire/css/style.css

188.114.96.1

200 OK

1.9 kB

URL GET HTTP/3
wwwapple-id.info/expire/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://wwwapple-id.info/expire/index2.html
Certificate
IssuerLet's Encrypt
Subjectwwwapple-id.info
FingerprintBD:DA:F6:28:A2:13:F9:C9:31:27:A5:06:25:6C:9C:76:40:67:19:FA
ValidityWed, 13 Mar 2024 01:54:41 GMT - Tue, 11 Jun 2024 01:54:40 GMT

File type
ASCII text, with very long lines (2050), with no line terminators
Size
1.9 kB (1946 bytes)
Hash
566d79e6543cd3ce275c3f3dae0126c8
e66fb357b0fda7b012ca8b8259725c7e7367abd6
3f8b18fa21bb59995d83d7a0d6b7377587af4445d7c6ae474a92b1c0c0ef4239

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /expire/css/style.css HTTP/1.1
Host: wwwapple-id.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wwwapple-id.info/expire/index2.html
Cookie: PHPSESSID=b2dae22cfdfc79b56b686cb0b5bc78f5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 17:27:32 GMT
content-type: text/css
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 01 Apr 2024 14:20:15 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqsHM09V95Ef8U1iSQV6XX%2FykXYC7ZODwbCad8Ea5%2Fgv8E29HHniHOCxBQ93aOvC%2FoXXOD3IWC7fVAdWo%2Fwhihno73e3cIhhPHVZUjsX%2FAwutGhdagYXtLDEIqVW9F%2BazODY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8813669a39c7b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (11)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST HTTP/3

IP

ASN

Requested by

Certificate

File type

Size