https://assistguest.com
104.21.17.204 · Cloudflare, Inc.
Toronto, Canada
0 days ⚠
404 · 14.1s
Valid· WE1, Google Trust Services, US
COMPLETED
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
Apple
Vendors
29/31
Status
partial
No KB/IOK detections were recorded for this scan.
technology | finance | ecommerce | other · 7/19/2026
Apple returns a 404 page but loads a Cloudflare beacon script and makes a POST to /cdn-cgi/rum with a 204 status. The SSL cert is newly issued and the domain is extremely new (0 days old). The page content is a generic 404 rather than an obvious impersonation UI, but the screenshot attached indicates a potential visual impersonation attempt could exist if branding were present; however, the static HTML shows no brand logos or login forms. The combination of a new domain, SPA hints, and a beacon script suggests potential malicious intent or at least aggressive data collection behavior, but there is insufficient evidence of credential harvesting or explicit impersonation of a known brand from the page content itself.
Capture
Stages: 2
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 4
Hosts: 2
Domains: 2
The domain Apple is brand-new (0 days) and uses a Cloudflare-based analytics beacon, with a POST to a Cloudflare-related endpoint. While there is no concrete evidence of credential harvesting or impersonation of a known brand in the static HTML, the combination of a new domain, SPA-like behavior, and telemetry beacon activity raises risk for potential credential collection or malicious data exfiltration if the SPA renders a phishing UI at runtime. The page itself shows a generic 404, not an explicit first-party service, and there is no visible brand impersonation in the captured HTML. Recommend monitoring and further testing to determine if the SPA loads credential capture forms or impersonates a known brand at runtime.
Monitor