Report - icloud-hk.wang/login

Report Overview

Submitted URL
icloud-hk.wang/login
IP
104.21.3.221
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 03:36:37
Access
public
Website Title
登录若依系统
Final URL
icloud-hk.wang/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
76

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
icloud-hk.wang	unknown	2024-03-31	2024-03-31	2024-04-08	9.2 kB	810 kB	104.21.3.221

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.
2024-04-01	medium	icloud-hk.wang/	Apple Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed
2024-04-26	medium	icloud-hk.wang	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	icloud-hk.wang/ajax/libs/blockUI/jquery.blockUI.js	21 kB	2023-03-07	2024-05-04
Pretty URL icloud-hk.wang/ajax/libs/blockUI/jquery.blockUI.js IP 104.21.3.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:33:48 Last Seen2024-05-04 11:56:17 Times Seen184 Hash d2527dc37bd691ee37c0769a85d4e678 7f6ae26a61a7d5dfa1fed93de574d736e80e3476 5fccc001b2b5cadcb733169e116de392bb571b456e2bef0d5cbeaa51c85f7ea5 Loading...

	icloud-hk.wang/ruoyi/js/ry-ui.js?v=4.7.7	86 kB	2023-12-30	2024-04-26
Pretty URL icloud-hk.wang/ruoyi/js/ry-ui.js?v=4.7.7 IP 104.21.3.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-30 02:22:53 Last Seen2024-04-26 05:36:40 Times Seen2 Hash 39083f7a0a70d3373ab66bf89f92d5f8 e70898e35c7ca7c79656a6af2190cc5a0a3ef972 56b683d40aa73daa8ed75482622dae4e4b33b44dd55f1c30e296f4d8d08a09c5 Loading...

	icloud-hk.wang/ruoyi/login.js	2.8 kB	2023-03-07	2024-05-02
Pretty URL icloud-hk.wang/ruoyi/login.js IP 104.21.3.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:33:48 Last Seen2024-05-02 12:25:42 Times Seen74 Hash cf89d34e47238507a79cb717ed3269bb be69bd6007f5a98d74f92c4da86228d96e601ebe 68d17e20c8649e49628034b3eee2db84ac38e7b1454b794f97165287df895bf8 Loading...

	icloud-hk.wang/login	0 B	2023-03-07	2024-05-05
Pretty URL icloud-hk.wang/login IP 104.21.3.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 10:50:56 Times Seen37357253 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	icloud-hk.wang/login	48 B	2023-06-01	2024-05-04
Pretty URL icloud-hk.wang/login IP 104.21.3.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 00:10:52 Last Seen2024-05-04 11:56:17 Times Seen141 Hash fb5a8c94e360a6a4b6d2cc8755007bba da4356bfe27a14d941383bfba020db240c3bd94f 3aeecc9fb20b249d22a7eebc7d89fbd13783ee0dcad3dd59311e5b17321671d4 Loading...

	icloud-hk.wang/js/jquery.min.js	91 kB	2023-06-03	2024-05-02
Pretty URL icloud-hk.wang/js/jquery.min.js IP 104.21.3.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-03 11:12:46 Last Seen2024-05-02 12:25:42 Times Seen30 Hash 084e647ae4361cc771c6c0c3d9028e00 a1dac1dce335818bb9246698180f0b2db532c027 7012f2c3dd55886b81b706358ca2a01e5496a30161d8513f90a65ae4599c4359 Loading...

	icloud-hk.wang/ajax/libs/validate/jquery.validate.min.js	24 kB	2023-06-08	2024-04-27
Pretty URL icloud-hk.wang/ajax/libs/validate/jquery.validate.min.js IP 104.21.3.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 13:36:30 Last Seen2024-04-27 11:02:58 Times Seen34 Hash 01846b535f29a0ce062106d36915bd72 dd2283458f6a39fc75d850510780c1a4d14b321a 7e88110aa709a4468f1749b19288a72fb74253ad255ddbbe913ba4fd9bad820a Loading...

	icloud-hk.wang/ajax/libs/layer/layer.min.js	24 kB	2023-06-01	2024-05-02
Pretty URL icloud-hk.wang/ajax/libs/layer/layer.min.js IP 104.21.3.221 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-01 00:10:52 Last Seen2024-05-02 12:25:41 Times Seen66 Hash 076f3e9732208825c52ef16f04d1ed29 2637750086f0ab725f0a6aac790843613e610f66 97906a9e2b331eb0019411a782d4ad5e58c742dfac5ca7aec08530edaaa2840c Loading...

HTTP Transactions (20)

URL IP Response Size

icloud-hk.wang/ruoyi.png

104.21.3.221

200 OK

5.6 kB

URL GET HTTP/3
icloud-hk.wang/ruoyi.png
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
PNG image data, 121 x 75, 8-bit/color RGBA, non-interlaced
Size
5.6 kB (5645 bytes)
Hash
8da61aa0b047278cc267020e75cef219
767b05c2a119efdfca61882da672c559a6d88977
e2695a6aeb771b368b6e1e721530921312b3f8948e9390eb123ad6b5ab6d9615

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ruoyi.png HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:16 GMT
content-type: image/png
content-length: 5645
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:22 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qMKLlQdUbyvPVS0gzJly5w8xg4qbhozjZgdVNIbe0bvJz2WuuldM20CAHHS7ye2ZXngipYXAVUDd7brSse6Lgqau%2Fx6U9cyMkuhek7Yu4rKichXvIP5kIxlyliDGvLhUpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3870199a95685-OSL
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/ruoyi/css/ry-ui.css?v=4.7.7

104.21.3.221

200 OK

149 kB

URL GET HTTP/3
icloud-hk.wang/ruoyi/css/ry-ui.css?v=4.7.7
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
149 kB (148673 bytes)
Hash
4a9e3efd2ce5239a0362015538369b88
03539d1e3085f1caa8d6bc73bac13990b9b19ee6
4e4e6542d45276f7721fe2751ea8702b00c1af5bc4c6d1c50cb22f584bf3cfbe

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ruoyi/css/ry-ui.css?v=4.7.7 HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: text/css
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FXNiKuD%2Bm5s%2Fe6Q1zYs2MkrzaeeDbwXIJfH3PtRqKogk6oXgpt3zJQXDofZaRv2%2BHJXlXfNaUEr65QCHXi9JD1kAGo7HYI9mGL%2BzGfQ02WETDLvluB0P4%2BY5FWgITEAaLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3870199a75685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/css/style.min.css

104.21.3.221

200 OK

96 kB

URL GET HTTP/3
icloud-hk.wang/css/style.min.css
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
96 kB (96464 bytes)
Hash
a20f46f5974d3f853f0a67d4f0803dec
8872b8719a5c8fbdd7581e4207042a73d6e7df5e
637493f77e437059985da455dfa9287aa8766214cfc2bcfc5e11d40aa970f9c2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/style.min.css HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: text/css
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vNiFx4b8fUnlpXLfuvOI4TnsALmBpeUS9OU3iROCPOSBvtgd8WlfFbclnPOrkvDnoUDS1mPj9hKq116YWXV4eNFNmlSQE3%2BFaVk5kRZe824ssGl4be5UKA6irZ%2BMp%2Brsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3870159785685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/css/bootstrap.min.css

104.21.3.221

200 OK

21 kB

URL GET HTTP/3
icloud-hk.wang/css/bootstrap.min.css
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
21 kB (21422 bytes)
Hash
a1124333721a9bc6b8865a68472a7dbc
e9ff89169da4e8c93414492a2121f4aa257d8614
131274e2a9c6ccab840dfc9c0b875dea0e2a6c47a4fdc5e24fc97d9d91ef8238

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: text/css
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKLKMKNjFMPEcPKJDHuqkQ3wTjHViZ82bZD25HX8gt8IguH3p6UJQZNob2XO7I79Isboui8qgg0DVVxRDOq%2FMzpoaoD%2FwpMKmDr2YhapYVNYX7TV7WNA0EnXOn1U1MeW%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3870159755685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/css/font-awesome.min.css

104.21.3.221

200 OK

8.1 kB

URL GET HTTP/3
icloud-hk.wang/css/font-awesome.min.css
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
8.1 kB (8078 bytes)
Hash
a0e784c4ca94c271b0338dfb02055be6
88af80502c44cd52ca81ffe7dc7276b7eccb06cf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/font-awesome.min.css HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: text/css
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwNe5LUzEXN77KzaDp6UBM157pTpgVyLyHMw0t0ANAUj6cVpM1taojzJE7veNh5Owlpb2kZZgmT%2FFHLGb9frmupl2pO0vrJ3WXgrB%2BHVSld2GtBoPk7RfXEwOYyMdGVwlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3870159775685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/img/login-background.jpg

104.21.3.221

200 OK

143 kB

URL GET HTTP/3
icloud-hk.wang/img/login-background.jpg
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2014:06:30 11:40:52], baseline, precision 8, 1440x900, components 3
Size
143 kB (142718 bytes)
Hash
31e21fdea575697a651cf4572562e398
822687d31ccd83c82ae0847afbee5e69a81db222
d16abd743d889ab710e5171f3c99509ff24f7cfd4e3aa2f23c55883d1503a081

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/login-background.jpg HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/css/login.min.css
Cookie: JSESSIONID=a8053627-2069-4c1e-9f44-2617a5a7e810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:18 GMT
content-type: image/jpeg
content-length: 142718
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AiaKdD65iscGk9FmNbfobTSEYSPHMvX4q4fMzbdCiTzpe%2F%2FtcXxFDvh0lUOyKmaFzvQn42SzrDJe5%2BU1zEdPODNVzRDvB3kh9t%2Fa75Gul6p7jjWNqV8impgAU0%2BVcncDfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3871519435685-OSL
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/img/user.png

104.21.3.221

200 OK

1.1 kB

URL GET HTTP/3
icloud-hk.wang/img/user.png
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1106 bytes)
Hash
681dfebf3a20ec9c580d8dc248eb6a6e
46a81ebddfdb1e2e647b711cf896aea3c4557f74
09bbf9c144222134ee6d4f28b25d4b846f8c099d72c4360c7998bfd89715eb45

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/user.png HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/css/login.min.css
Cookie: JSESSIONID=a8053627-2069-4c1e-9f44-2617a5a7e810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:20 GMT
content-type: image/png
content-length: 1106
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:26 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OyUIgsK60DdQ2QcSrv8o9ACwoXPew1gQmc3r5aCzFbDamLu9m5Vy2Daf9%2FJDxpVwS3QZoozPF0IvbMfT1jTRCbPNx3Lse0wFKS%2BgHBHDDa6O4eJ%2Fz6C%2FBIpjI5%2FMLxwkRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38715294f5685-OSL
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/ajax/libs/layer/theme/default/layer.css?v=3.5.1

104.21.3.221

200 OK

16 kB

URL GET HTTP/3
icloud-hk.wang/ajax/libs/layer/theme/default/layer.css?v=3.5.1
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type

Size
16 kB (16348 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/layer/theme/default/layer.css?v=3.5.1 HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Cookie: JSESSIONID=a8053627-2069-4c1e-9f44-2617a5a7e810
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:20 GMT
content-type: text/css
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:26 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqNLgTRsNauDP0N22YAOMR%2FpJL5lbFAqrv%2Ffzk4tsAVWz4OSjh9ptcNjNx6TJCv7rw4qNQGC1rdnCwVRtr%2FjoLfxD%2Fk8ooPSdeeRwuKedblqL9HXAAMaU6icMa452KVEeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38716a9eb5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/captcha/captchaImage?type=math

104.21.3.221

200 OK

3.1 kB

URL GET HTTP/3
icloud-hk.wang/captcha/captchaImage?type=math
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x60, components 3
Size
3.1 kB (3052 bytes)
Hash
15593b2dde700a0cecbfcf0016016c0a
d0a5f96a4bbbcdebe212ffbf1d1d90e1ecc3fb53
cc7a2ba4894b025bfff5f2fd298bed72681297b82ce2a1e625dd6cee499f1adf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /captcha/captchaImage?type=math HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:14 GMT
content-type: image/jpeg
set-cookie: JSESSIONID=a8053627-2069-4c1e-9f44-2617a5a7e810; Path=/; HttpOnly; SameSite=lax
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v6Y6yov%2BAkmUGXxYZnx1Gs9rpwZKXeiWx0IJTP5F56lYrRu40ugkdseo2NplxTVDWz8YLWvbcculzFxvfYPnKcfkpgdrgyLVtiWyp8YpGeQD8Ta2zMCdTMIrYuOvMoxZdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38701a9aa5685-OSL
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/ajax/libs/validate/jquery.validate.min.js

104.21.3.221

200 OK

24 kB

URL GET HTTP/3
icloud-hk.wang/ajax/libs/validate/jquery.validate.min.js
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type

Size
24 kB (24449 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/validate/jquery.validate.min.js HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxx4WwsTacRtr%2BrlHyljLlkzcAvpd5nJzwP0LHaESBS9qizWgcIGUxxZHVjTHbDKP1P4bpBHMMC6L5E9jUBBg%2B9G2KELAz%2BDtpwW7zA6q6cjSXtUbiVQIkjV9rf%2FcaQskQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38701a9af5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/img/locked.png

104.21.3.221

200 OK

1.1 kB

URL GET HTTP/3
icloud-hk.wang/img/locked.png
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1132 bytes)
Hash
f6f30beb72f584e218bfec975eb1109d
bf2df8c47190b0643683569dbe42e619186135e3
5d49f096f9957f3b969cdf922469092b26550ec5cfe9c78a86515460c4230cd7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/locked.png HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/css/login.min.css
Cookie: JSESSIONID=a8053627-2069-4c1e-9f44-2617a5a7e810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:19 GMT
content-type: image/png
content-length: 1132
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:25 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUu7pqxn3B%2BGbsba0cAgggrfVTbP8oO4Ybcd4VKz3urV2NAHhMzm2ULwh6A4LJltjI49xqzkYZA34Cb2kOS2vPUK1z5YTXv47fGDWy2%2FprI%2BXtn08mC8x5kBqJ9TFXuIPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3871539525685-OSL
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/favicon.ico

104.21.3.221

200 OK

17 kB

URL GET HTTP/3
icloud-hk.wang/favicon.ico
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Size
17 kB (16958 bytes)
Hash
e49fd30ea870c7a820464ca56a113e6e
38ccc3603a8bc74ed3f7491222c9d50e73aa421a
148ce319907e947199c93f77c9317c0b166bc17d77d6cf6378f8374e8d2fb1a2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Cookie: JSESSIONID=a8053627-2069-4c1e-9f44-2617a5a7e810
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:18 GMT
content-type: image/x-icon
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPIjDSQrdav0gSwOnmCaQdddGiH194%2Fe%2B%2BANtQSexdiKF9M7U1A5KNEIepjKGuZY5Hnmi%2BSlxHj8sVEuGXyGyBQWygASIhZvPL9jDJOcWcJMnivUf7GXryeCTzhc%2F%2BvlmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38719cb725685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/ajax/libs/blockUI/jquery.blockUI.js

104.21.3.221

200 OK

21 kB

URL GET HTTP/3
icloud-hk.wang/ajax/libs/blockUI/jquery.blockUI.js
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type

Size
21 kB (20641 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/blockUI/jquery.blockUI.js HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oks10mx755nLOy2a8%2B8ygkBLPel%2FXijsTcIPonfSQrk8%2FgFQ1eAK3T91IEBI8lAr0NjPxAaBjvQMEY3hMYO68RYhb0aY%2BtQjThu%2FQzPmNodXgG8b%2B4t3F9ItLRl%2FdaCaGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38701a9b15685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/ruoyi/js/ry-ui.js?v=4.7.7

104.21.3.221

200 OK

86 kB

URL GET HTTP/3
icloud-hk.wang/ruoyi/js/ry-ui.js?v=4.7.7
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type

Size
86 kB (86547 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ruoyi/js/ry-ui.js?v=4.7.7 HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:16 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:21 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9vWb%2BQSOMKIGfDJu0Vddk%2FHKprwV0zx1OcR3l90T4WxF5RkzwPskjH64FodI7hbGl5ne6CMZqEAdOjEszmrE%2BmWRraDH5c8bLAI%2FQIe1zd%2BjfESa97Lf5Q9f%2FyN8JNGew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38701a9b55685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/js/jquery.min.js

104.21.3.221

200 OK

91 kB

URL GET HTTP/3
icloud-hk.wang/js/jquery.min.js
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type

Size
91 kB (91387 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Paw4ZIEuI7F6i7uQjs8jfLtaD%2FTWgBLUTzSazZlp6miRSIKKDClD0AssNqK0UcizosZpt47TAJPc8ystTkDBIn8R191I9V7MMrA5o0klLdbGhc%2FEuq6zZkYfreF61%2BQ46g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38701a9ac5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/ajax/libs/layer/layer.min.js

104.21.3.221

200 OK

24 kB

URL GET HTTP/3
icloud-hk.wang/ajax/libs/layer/layer.min.js
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type

Size
24 kB (23569 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/layer/layer.min.js HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QPcWlzFL7nkAyii5Qk12iTnar6GqINkWvM0kXJ0JJF1ZAgtobG7IUE%2BCb1iKVSC8%2FobJppWi0L%2FgcKVBtAkt5cR%2FXjGx8XHVNJoCoFqeaZrabC8aaKHZ6yZQoLH4lS9Qjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38701a9b05685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/ruoyi/login.js

104.21.3.221

200 OK

2.8 kB

URL GET HTTP/3
icloud-hk.wang/ruoyi/login.js
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2927), with no line terminators
Size
2.8 kB (2766 bytes)
Hash
e3feba94a4b82f5fae3a91e163b6feb1
c9bdcd13c330056b851b0a9777779cbcdb861860
e359f644a171f13b77775cb6002d5f24c83dfe96d9a5ac93ac9e0306eacc8b57

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ruoyi/login.js HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFYPGKuzosV4VMqZgptdXCIEFmdUwyLVBfXf3IqVlUSdLmEnnxbMQgJDXfIkpxj0cNJuBf9S8j3qV59hOn5Swlj5118iI0oqTtSp%2BcUVvaRZqyjanQ5IRs%2FrqCd4nEWT7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38701a9b75685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/fonts/fontawesome-webfont.woff2?v=4.7.0

104.21.3.221

200 OK

77 kB

URL GET HTTP/3
icloud-hk.wang/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/css/font-awesome.min.css
Cookie: JSESSIONID=a8053627-2069-4c1e-9f44-2617a5a7e810
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:18 GMT
content-type: application/font-woff2
content-length: 77160
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BZ4ma%2FIZd0RsKTXZARICOsaljx8LahiZjvD5NhVAZjskQHWeKD3fxVxqlEeCmROYupMq8wNC0GybyW26%2Bu88eyxink5y%2BTqZEhVpRvWhKN2ZCrHUFasvqCzGis%2B%2F9Cs9%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a3871559595685-OSL
alt-svc: h3=":443"; ma=86400

icloud-hk.wang/login

104.21.3.221

200 OK

4.1 kB

URL User Request GET HTTP/2
icloud-hk.wang/login
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4282), with no line terminators
Size
4.1 kB (4090 bytes)
Hash
8529a9b41e7dc0d070229be79519a4f9
253901f2453bbbeb5e674e54ec778cc8e08be7f4
838ba5e4d48f892e44e5fdcfbb24303f49e242dcda2ef2675b0c002418204112

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:36:14 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
content-language: zh-CN
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJ%2FTkOmElo1AC9HDdKTKYnMLijiPmL%2FBIAhlRdgxSr9X64aa7lPH9PGVnMAW7GnLwHeJYdfpCPc60PoNdbaSaGgJo9YET%2BOklXnFct9tB1BUSYBvjPA4HdtOzZ%2FgF0CfaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a386ee4af67128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

icloud-hk.wang/css/login.min.css

104.21.3.221

200 OK

2.8 kB

URL GET HTTP/3
icloud-hk.wang/css/login.min.css
IP
104.21.3.221:443
ASN
#13335 CLOUDFLARENET

Requested by
https://icloud-hk.wang/login
Certificate
IssuerLet's Encrypt
Subjecticloud-hk.wang
FingerprintCF:72:53:74:33:15:69:4D:BE:90:6C:DD:AC:90:F6:5D:1B:CC:B4:E7
ValiditySun, 31 Mar 2024 08:33:08 GMT - Sat, 29 Jun 2024 08:33:07 GMT

File type
ASCII text, with very long lines (2827), with no line terminators
Size
2.8 kB (2820 bytes)
Hash
efa254b3bcfffbadaf32b7023e1ca028
96739b51a465aaf96c832c552fdf24db2e62f707
1f3fdb28c09826fb49e1f38dd54c8146d33e8b3e81e24ae4e557d7b0cc26bd79

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/login.min.css HTTP/1.1
Host: icloud-hk.wang
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://icloud-hk.wang/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:36:16 GMT
content-type: text/css
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
last-modified: Tue, 26 Dec 2023 13:44:23 GMT
expires: Fri, 26 Apr 2024 03:35:23 GMT
cache-control: max-age=14400
x-cache: MISS
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGTw62N4PtQRkE4cA660xewQO4%2FKh8Ui6vQUoxsQnfDWWFDi%2FMWesBhS%2B8Zk%2FyYW3ZRS%2BSgy2ZtcQh2N1Tk9t16jnH%2BmBVGdWfqeQZInLuH%2BUJyyKcHv4TcnXjUSlIIeNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a38701597a5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML