appleid.oauth-icloud.com Open in urlscan Pro
194.135.33.55 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://appleid.oauth-icloud.com/
Submission: On October 05 via automatic, source ayashige (October 5th 2021, 5:25:53 am UTC) — Scanned from DE

Summary HTTP 33 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 33 HTTP transactions. The main IP is 194.135.33.55, located in Czech Republic and belongs to IPCONNECT, NL. The main domain is appleid.oauth-icloud.com.
TLS certificate: Issued by R3 on October 5th 2021. Valid for: 3 months.

This is the only time appleid.oauth-icloud.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	194.135.33.55 194.135.33.55	213373 (IPCONNECT) (IPCONNECT)
16	2a02:26f0:6c0... 2a02:26f0:6c00:29a::1aca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	2.17.186.40 2.17.186.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	17.32.194.7 17.32.194.7	714 (APPLE-ENG...) (APPLE-ENGINEERING)
33	5

1 194.135.33.55 (Czech Republic)

ASN213373 (IPCONNECT, NL)
PTR: alarm24stl.com

appleid.oauth-icloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:26f0:6c00:29a::1aca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.17.186.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-186-40.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 17.32.194.7 (Maiden, United States)

ASN714 (APPLE-ENGINEERING, US)

idmsa.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	apple.com www.apple.com idmsa.apple.com	71 KB
13	cdn-apple.com appleid.cdn-apple.com	793 KB
1	oauth-icloud.com appleid.oauth-icloud.com	241 KB
33	3

	Domain	Requested by
16	www.apple.com	appleid.oauth-icloud.com appleid.cdn-apple.com www.apple.com
13	appleid.cdn-apple.com	appleid.oauth-icloud.com appleid.cdn-apple.com
1	idmsa.apple.com	appleid.cdn-apple.com
1	appleid.oauth-icloud.com
33	4

This site contains links to these domains. Also see Links.

Domain
www.apple.com
support.apple.com
iforgot.apple.com
locate.apple.com

Subject Issuer	Validity	Valid
oauth-icloud.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
www.apple.com Apple Public EV Server RSA CA 2 - G1	`2021-09-08` - `2022-10-08`	a year	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2021-01-19` - `2022-02-18`	a year	crt.sh
idmsa.apple.com Apple IST CA 2 - G1	`2021-02-02` - `2022-03-04`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://appleid.oauth-icloud.com/
Frame ID: 55C0C7727E7FCC2867EA06552AE24E66
Requests: 32 HTTP requests in this frame

Frame: https://idmsa.apple.com/appleauth/auth/authorize/signin?frame_id=aid-7689ed91-2348-47fb-a130-097a2cf3fc5f&language=de_DE&iframeId=aid-7689ed91-2348-47fb-a130-097a2cf3fc5f&client_id=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&redirect_uri=https://appleid.oauth-icloud.com&response_type=code&response_mode=web_message&state=f3b0c2af-bced-49de-b1d3-a1155cf7a1da&rv=1&authVersion=latest
Frame ID: ED1F4E52742CFC7C89FE21771920C550
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deine Apple-ID verwalten

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Bag

Page Statistics

33
Requests

94 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

1105 kB
Transfer

2334 kB
Size

4
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.apple.com/de/
Title: Apple

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/shop/goto/bag
Title: Einkaufstasche

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/search
Title: apple.com durchsuchen Abbrechen

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/shop/goto/store
Title: Store

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/mac/
Title: Mac

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/ipad/
Title: iPad

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/iphone/
Title: iPhone

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/watch/
Title: Watch

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/tv/
Title: TV

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/music/
Title: Music

Search URL Search Domain Scan URL

URL: https://support.apple.com/de-de
Title: Support

Search URL Search Domain Scan URL

URL: https://iforgot.apple.com/password/verify/appleid
Title: Apple‑ID oder Passwort vergessen? Öffnet in einem neuen Fenster.

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/retail/
Title: Finde einen Apple Store

Search URL Search Domain Scan URL

URL: https://locate.apple.com/de/de/
Title: einen anderen Händler

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/legal/privacy/
Title: Datenschutzrichtlinie

Search URL Search Domain Scan URL

URL: https://www.apple.com/legal/privacy/de/cookies/
Title: Verwendung von Cookies

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/legal/terms/site.html
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/shop/goto/help/sales_refunds
Title: Verkauf und Rückerstattung

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/legal/
Title: Rechtliche Hinweise

Search URL Search Domain Scan URL

URL: https://www.apple.com/de/sitemap/
Title: Sitemap

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
appleid.oauth-icloud.com/ 240 KB
241 KB 2069ms
2000ms Document
text/html 194.135.33.55
IPCONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://appleid.oauth-icloud.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.135.33.55 , Czech Republic, ASN213373 (IPCONNECT, NL),
Reverse DNS: alarm24stl.com
Software: Apple /
Resource Hash: b5a90cc9fab2ad334201823c24bbeeef322395ed9069e1966515d1d27dd7778e

Request headers

Host: appleid.oauth-icloud.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache no-store
Connection: close
Content-Language: de-DE-x-lvariant-DEU
Content-Type: text/html;charset=UTF-8
Date: Tue, 05 Oct 2021 05:25:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Host: appleid.cdn-apple.com
Pragma: no-cache
Referrer-Policy: origin
Scnt: AAAA+jU1M0U5MzJCNDFEREMwRDQyNEY5MDk0QjRGOEM0RjkwRkNGMjNEMjlCQjJFMzQ0M0NFNUY0MTYzRTI2MjEyMDYyRTg4MTRENEY1MjJGODk2NjdEODJFMTI5RTZGMDBFQzcwRDJEMTlBQkMyQTM2ODJCMkVDMzhGMDIyMjBFQTZDMDNGRTM1RkRDMDVCOEQyMjNBODBENTU3NDU4MDlDNUQ5ODA2NjQ1MUEwODJFQjMzNUZBQ0FDOTE2N0Q5NzY1NDgxQzQyMjg0QzkwODZBN0NCQUU5REJFNTNFRDA2RkExRENEMjVBRTQ3ODM3NUMxRHwxAAABfE74JHUItmw/fGNx5we5/6AioE+6eYfefS6zh4+BwbuzWM0WbNcBVt5xYicAAAAI7GeosTF1ELvnRtJN2vsN8BkiFpPRAI1tNOwAt9RmM/FCDurZ6Q==
Server: Apple
Set-Cookie: idclient=web; Path=/; Domain=appleid.oauth-icloud.com; HttpOnly; Secure dslang=DE-DE; Path=/; Domain=oauth-icloud.com; HttpOnly; Secure site=DEU; Path=/; Domain=oauth-icloud.com; HttpOnly; Secure myacinfo=; Path=/; Domain=oauth-icloud.com; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Max-Age=0; HttpOnly; Secure awat=; Path=/; Domain=appleid.oauth-icloud.com; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Max-Age=0; HttpOnly; Secure aidsp=553E932B41DDC0D424F9094B4F8C4F90FCF23D29BB2E3443CE5F4163E26212062E8814D4F522F89667D82E129E6F00EC70D2D19ABC2A3682B2EC38F02220EA6C03FE35FDC05B8D223A80D55745809C5D98066451A082EB335FACAC9167D9765481C42284C9086A7CBAE9DBE53ED06FA1DCD25AE478375C1D; Path=/; Domain=appleid.oauth-icloud.com; HttpOnly; Secure
Transfer-Encoding: chunked
Vary: accept-encoding
X-Apple-I-Request-Id: 966656f7-1421-4d86-b91c-fd65446b7d5d
X-Buildversion: R16

GET
H2 404 fonts
www.apple.com/wss/ 0
0 274ms
218ms Stylesheet
text/html 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Requested by: Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK app-eyebrow.css
appleid.cdn-apple.com/static/cssj/1965579046/landing/web/ 443 KB
38 KB 83ms
11ms Stylesheet
text/css 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/static/cssj/1965579046/landing/web/app-eyebrow.css

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

4053ed51ab673d5d907f057127c5ee3d72a72fe02251459d27e9a9d86257d9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 19:05:47 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"453135-1631646347450"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38438

GET
H2 200 ac-globalnav.built.css
www.apple.com/ac/globalnav/6/de_DE/styles/ 107 KB
12 KB 81ms
25ms Stylesheet
text/css 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

d558adb34431925b180ac09fc8039aa0008ba96a4ac386e5a74ff1121ec83737

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
server: Apple
date: Tue, 05 Oct 2021 05:25:48 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: text/css
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
content-length: 11969
x-xss-protection: 1; mode=block
expires: Tue, 05 Oct 2021 05:25:48 GMT

GET
H2 200 ac-globalfooter.built.css
www.apple.com/ac/globalfooter/6/de_DE/styles/ 45 KB
6 KB 79ms
23ms Stylesheet
text/css 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/ac/globalfooter/6/de_DE/styles/ac-globalfooter.built.css

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

fe5eb97414d903a382cdaa0fb6a44a4eca95902605ad123fc281e3d755b61d0f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
ntcoent-length: 46393
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
nncoection: close
vary: Accept-Encoding
content-length: 5279
x-xss-protection: 1; mode=block
server: Apple
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/css
cache-control: max-age=28
expires: Tue, 05 Oct 2021 05:26:16 GMT

GET
H/1.1 200
OK common-header.js Show response
appleid.cdn-apple.com/static/jsj/2024771135/ 42 KB
15 KB 81ms
10ms Script
application/javascript 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/static/jsj/2024771135/common-header.js

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

61347f9a8a533ac11be0ad22b29d1fa30312cb0c9df37af035630e76f1b4bc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 19:05:47 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"42524-1631646347953"
Vary: accept-encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14435

GET
H/1.1 200
OK authService.latest.min.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/ 44 KB
14 KB 81ms
9ms Script
application/javascript 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/authService.latest.min.js

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

239a5df48a713570be0fd532184befe721d7dbc1be9c47cb6b2906015bfabab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 21 Sep 2021 17:51:54 GMT
Server: Apple
ETag: W/"45291-1632246714721"
Vary: accept-encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800,stale-while-revalidate=1800
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13419

GET
H/1.1 200
OK initFormStyle.js Show response
appleid.cdn-apple.com/static/jsj/1305823937/boot/ 314 B
656 B 79ms
8ms Script
application/javascript 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/static/jsj/1305823937/boot/initFormStyle.js

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

fc1dc5451975ee2e3cca010f0c398ef6a940d5b2d48c9ae57e83022ff9b3e52f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Mon, 30 Aug 2021 19:07:17 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"314-1630350437867"
Vary: accept-encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 160

GET
H/1.1 200
OK initBootData.js Show response
appleid.cdn-apple.com/static/jsj/1978403235/boot/ 4 KB
2 KB 71ms
8ms Script
application/javascript 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/static/jsj/1978403235/boot/initBootData.js

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8e743265af12582065cb564bc0fcbf6b391fbc749eea733eef98e188fbb837d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 19:05:47 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"4277-1631646347974"
Vary: accept-encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1335

GET
H/1.1 200
OK authInitOptions.js Show response
appleid.cdn-apple.com/static/jsj/1920325159/web/boot/ 5 KB
3 KB 70ms
8ms Script
application/javascript 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/static/jsj/1920325159/web/boot/authInitOptions.js

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

cb58dd8d610ca310a1651f5245828221dbbe8e5db8657dcd6cd480a395e19867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 19:05:47 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"5117-1631646347948"
Vary: accept-encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2375

GET
H/1.1 200
OK initLocalizationStrings.js Show response
appleid.cdn-apple.com/static/jsj/331042498/boot/ 578 B
800 B 82ms
7ms Script
application/javascript 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/static/jsj/331042498/boot/initLocalizationStrings.js

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

2aee971442460cb00c8c7412dff4519ccf7206946312f534dfc363f3b1d11a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Mon, 30 Aug 2021 19:07:17 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"578-1630350437877"
Vary: accept-encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 304

GET
H/1.1 200
OK app.js Show response
appleid.cdn-apple.com/static/jsj/197049212/landing/web/ 775 KB
229 KB 87ms
12ms Script
application/javascript 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/static/jsj/197049212/landing/web/app.js

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

94ee144e0f02b37ac50aa5f839618e3caaf569c1d0b517bf7d2d244e6e33c350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 19:05:47 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"793497-1631646347949"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 234348

GET
H2 200 ac-globalnav.built.js Show response
www.apple.com/ac/globalnav/6/de_DE/scripts/ 121 KB
35 KB 51ms
51ms Script
application/x-javascript 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/scripts/ac-globalnav.built.js

Requested by

Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/jsj/197049212/landing/web/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

9688ab8eb6fd813ff3416f17ca6ee1c918be9ca85b7c56b04f435fbc90f142fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
server: Apple
date: Tue, 05 Oct 2021 05:25:48 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: application/x-javascript
cache-control: max-age=0
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
content-length: 35471
x-xss-protection: 1; mode=block
expires: Tue, 05 Oct 2021 05:25:48 GMT

GET
H2 200 ac-globalfooter.built.js Show response
www.apple.com/ac/globalfooter/6/de_DE/scripts/ 8 KB
4 KB 28ms
28ms Script
application/x-javascript 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.apple.com/ac/globalfooter/6/de_DE/scripts/ac-globalfooter.built.js

Requested by

Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/jsj/197049212/landing/web/app.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

2e2a0f886042318860883c56fd0b366b74c2c1de42a6aaa17eaf44cb1fa7ee64

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
nncoection: close
cneonction: close
content-length: 2893
x-xss-protection: 1; mode=block
server: Apple
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=0
content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
expires: Tue, 05 Oct 2021 05:25:48 GMT

GET
H2 200 globalnav_apple_image__cxwwnrj0urau_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 554 B
1 KB 30ms
30ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__cxwwnrj0urau_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
x-cache: TCP_REFRESH_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (S)
nncoection: close
content-length: 554
x-xss-protection: 1; mode=block
x-cache-remote: TCP_IMS_HIT from a2-16-186-183.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (A)
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apple
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
cache-control: max-age=73
accept-ranges: bytes
expires: Tue, 05 Oct 2021 05:27:01 GMT

GET
H2 200 globalnav_links_store_image__d8z9vxma66c2_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 1 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__d8z9vxma66c2_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

56b5afa556b3265d6c0c6d9b87e8ca5cc9ab14b80fce1e33ecc4457c4b37464e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
vary: Accept-Encoding
content-length: 648
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Aug 2021 20:36:42 GMT
server: Apple
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
cache-control: max-age=441
accept-ranges: bytes
expires: Tue, 05 Oct 2021 05:33:09 GMT

GET
H2 200 globalnav_links_mac_image__fv4ktb435mum_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 802 B
1 KB 27ms
25ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__fv4ktb435mum_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

81849741dc42d40b8338a222866c5009893103efb5bdc4101d0ae5ca4d6e1375

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
nncoection: close
vary: Accept-Encoding
content-length: 466
x-xss-protection: 1; mode=block
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apple
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
cache-control: max-age=89
accept-ranges: bytes
expires: Tue, 05 Oct 2021 05:27:17 GMT

GET
H2 200 globalnav_links_ipad_image__fefum478f4uq_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 1002 B
893 B 32ms
30ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fefum478f4uq_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e3e8f864a3893b44258aedeb6260d85723541a9cdb5dc4daf141ccb769214648

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apache
date: Tue, 05 Oct 2021 05:25:48 GMT
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: image/svg+xml
nncoection: close
cache-control: max-age=123
accept-ranges: bytes
content-length: 547
expires: Tue, 05 Oct 2021 05:27:51 GMT

GET
H2 200 globalnav_links_iphone_image__dhepc4hn14cy_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 1 KB
1 KB 32ms
31ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__dhepc4hn14cy_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

a6184c9c55c75d613c2e81f5238d7e436714fab15e116eb29059d22817a90ef2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (A)
nncoection: close
vary: Accept-Encoding
content-length: 593
x-xss-protection: 1; mode=block
server: Apple
last-modified: Fri, 08 May 2020 00:14:27 GMT
x-cache-remote: TCP_IMS_HIT from a2-18-215-6.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
cache-control: max-age=31
accept-ranges: bytes
expires: Tue, 05 Oct 2021 05:26:19 GMT

GET
H2 200 globalnav_links_watch_image__dfo5u4bhooqe_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 2 KB
2 KB 33ms
31ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__dfo5u4bhooqe_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

d577c9d1bad004bdabb9d0995cec0714e98b76e6053f2765ed09c23de6f328b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
nncoection: close
vary: Accept-Encoding
content-length: 910
x-xss-protection: 1; mode=block
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apple
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
cache-control: max-age=385
accept-ranges: bytes
expires: Tue, 05 Oct 2021 05:32:13 GMT

GET
H2 200 globalnav_links_tv_image__dtzdy60o3imq_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 264 B
1 KB 32ms
30ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tv_image__dtzdy60o3imq_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

8b25224a4527ed4efee23b222227fe0f00f1ef2ecfc3a64d0d55f9ba8a77d06b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apple
date: Tue, 05 Oct 2021 05:25:48 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: image/svg+xml
nncoection: close
cache-control: max-age=72
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
content-length: 264
x-xss-protection: 1; mode=block
expires: Tue, 05 Oct 2021 05:27:00 GMT

GET
H2 200 globalnav_links_music_image__bewxrazzig02_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 1 KB
940 B 34ms
33ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_music_image__bewxrazzig02_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

16e30f5480bc1dd538ad90ab859cda8a78badb4c3e9ddc3dfb5a5b6a358091e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apache
date: Tue, 05 Oct 2021 05:25:48 GMT
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: image/svg+xml
nncoection: close
cache-control: max-age=260
accept-ranges: bytes
content-length: 594
expires: Tue, 05 Oct 2021 05:30:08 GMT

GET
H2 200 globalnav_links_support_image__b24reo1n4fbm_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 2 KB
1 KB 46ms
45ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_support_image__b24reo1n4fbm_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

db645e8610c56a69be65cf9cf0ceebbb20bc505f1b91661b1617f8f7f26dbfc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
nncoection: close
vary: Accept-Encoding
content-length: 739
x-xss-protection: 1; mode=block
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apple
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
cache-control: max-age=350
accept-ranges: bytes
expires: Tue, 05 Oct 2021 05:31:38 GMT

GET
H2 200 globalnav_search_image__fca9mfoh8a2q_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 707 B
1 KB 46ms
44ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__fca9mfoh8a2q_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

4209a6165a7b44b64f4a2b7bae04d1eac5367dcb03e823d9836bdaddfac5491a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
x-content-type-options: nosniff
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (A)
nncoection: close
vary: Accept-Encoding
content-length: 324
x-xss-protection: 1; mode=block
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apple
x-frame-options: SAMEORIGIN
date: Tue, 05 Oct 2021 05:25:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
cache-control: max-age=32
accept-ranges: bytes
expires: Tue, 05 Oct 2021 05:26:20 GMT

GET
H2 200 globalnav_bag_image__bmix8075eg4i_large.svg
www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 718 B
1 KB 46ms
45ms Image
image/svg+xml 2a02:26f0:6c00:29a::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/ac/globalnav/6/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__bmix8075eg4i_large.svg

Requested by

Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:29a::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apple /

Resource Hash

f1cd98822be46341b217b662db5cf71af58e176b471250d3099b1370dcce57fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: .akamaized.net .apple.com .apple-mapkit.com .cdn-apple.com .organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: .apple.com .apple-mapkit.com .cdn-apple.com .mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: .apple.com .apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' .apple.com
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.apple.com/ac/globalnav/6/de_DE/styles/ac-globalnav.built.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options: nosniff
last-modified: Fri, 08 May 2020 00:14:27 GMT
server: Apple
date: Tue, 05 Oct 2021 05:25:48 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MEM_HIT from a2-16-186-167.deploy.akamaitechnologies.com (AkamaiGHost/10.4.4-34529956) (-)
content-type: image/svg+xml
nncoection: close
cache-control: max-age=124
strict-transport-security: max-age=31536000; includeSubdomains
accept-ranges: bytes
content-length: 718
x-xss-protection: 1; mode=block
expires: Tue, 05 Oct 2021 05:27:52 GMT

GET
H/1.1 200
OK apple_id_desktop_2x.jpg
appleid.cdn-apple.com/static/bin/cb2381643449/dist/assets/ 442 KB
443 KB 9ms
8ms Image
image/jpeg 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appleid.cdn-apple.com/static/bin/cb2381643449/dist/assets/apple_id_desktop_2x.jpg

Requested by

Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/cssj/1965579046/landing/web/app-eyebrow.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

eaa048615231faa8cfc35e0e2677cffdad48b59ff7b58cfd3ac111695af073a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.cdn-apple.com/static/cssj/1965579046/landing/web/app-eyebrow.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 21 Sep 2021 17:10:05 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"452813-1632244205890"
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 452813

GET
H/1.1 200
OK app_icons@2x.png
appleid.cdn-apple.com/static/bin/cb2444952294/dist/assets/ 29 KB
30 KB 10ms
9ms Image
image/png 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appleid.cdn-apple.com/static/bin/cb2444952294/dist/assets/app_icons@2x.png

Requested by

Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/cssj/1965579046/landing/web/app-eyebrow.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

2f1cd57b13f6da9ea0610baa24c660ed5ae99bec708acd0c263b2fbd0cb2e59d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.cdn-apple.com/static/cssj/1965579046/landing/web/app-eyebrow.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 21 Sep 2021 17:10:05 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"29982-1632244205990"
Vary: accept-encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29757

GET appleicons_text.woff
www.apple.com/ac/globalfooter/6/de_DE/assets/ac-footer/legacy/ 0
0

GET
H/1.1 200
OK green-check.png
appleid.cdn-apple.com/static/bin/cb782083621/dist/assets/images/ 11 KB
11 KB 9ms
7ms Image
image/png 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appleid.cdn-apple.com/static/bin/cb782083621/dist/assets/images/green-check.png

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

9e8dccd49921b1515f80b599ae69b01e95f620fcf92de93c91d1835c6da02aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 19:05:47 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"10846-1631646347740"
Vary: accept-encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10523

GET
H/1.1 200
OK alert_icon.png
appleid.cdn-apple.com/static/bin/cb2442680439/dist/assets/images/ 2 KB
3 KB 9ms
8ms Image
image/png 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appleid.cdn-apple.com/static/bin/cb2442680439/dist/assets/images/alert_icon.png

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

95d20f4778660c38ec9ca629cfcb38e2c231432a88111562d90c56b3e73ea6c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Mon, 30 Aug 2021 19:07:17 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"2516-1630350437730"
Vary: accept-encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2248

GET
H/1.1 200
OK clock.png
appleid.cdn-apple.com/static/bin/cb4028851068/dist/assets/images/ 5 KB
6 KB 11ms
11ms Image
image/png 2.17.186.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appleid.cdn-apple.com/static/bin/cb4028851068/dist/assets/images/clock.png

Requested by

Host: appleid.oauth-icloud.com
URL: https://appleid.oauth-icloud.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.17.186.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-186-40.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

144da382154b140a4585b1b7121835220406400c4f66def2b7f10863ff7bca62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Mon, 30 Aug 2021 19:07:17 GMT
Server: Apple
Host: appleid.cdn-apple.com
ETag: W/"5309-1630350437747"
Vary: accept-encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://appleid.apple.com
Cache-Control: public, max-age=2592000
Date: Tue, 05 Oct 2021 05:25:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5311

GET
H/1.1 200 Cookie set signin
idmsa.apple.com/appleauth/auth/authorize/ Frame ED1F 0
0 392ms
144ms Document
text/html 17.32.194.7
APPLE-ENGINEERING

General

Check archive.org

Show headers Download Go to

Full URL

https://idmsa.apple.com/appleauth/auth/authorize/signin?frame_id=aid-7689ed91-2348-47fb-a130-097a2cf3fc5f&language=de_DE&iframeId=aid-7689ed91-2348-47fb-a130-097a2cf3fc5f&client_id=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&redirect_uri=https://appleid.oauth-icloud.com&response_type=code&response_mode=web_message&state=f3b0c2af-bced-49de-b1d3-a1155cf7a1da&rv=1&authVersion=latest

Requested by

Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/appleauth/static/jsapi/authService.latest.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

17.32.194.7 Maiden, United States, ASN714 (APPLE-ENGINEERING, US),

Reverse DNS

Software

Apple /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; child-src blob: ; connect-src 'self' https://webcourier.sandbox.push.apple.com https://xp-qa.apple.com ; font-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; frame-src 'self' https://appleid.apple.com https://gsa.apple.com ; img-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://.mzstatic.com data: https://.apple.com ; media-src data: ; object-src 'none' ; script-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; style-src 'unsafe-inline' 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: idmsa.apple.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://appleid.oauth-icloud.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://appleid.oauth-icloud.com/

Response headers

Server: Apple
Date: Tue, 05 Oct 2021 05:25:49 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Apple-I-Request-ID: c4a37add-5811-4d51-967c-802bfc6dcf35
X-FRAME-OPTIONS: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Security-Policy: default-src 'self' ; child-src blob: ; connect-src 'self' https://webcourier.sandbox.push.apple.com https://xp-qa.apple.com ; font-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; frame-src 'self' https://appleid.apple.com https://gsa.apple.com ; img-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://*.mzstatic.com data: https://*.apple.com ; media-src data: ; object-src 'none' ; script-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; style-src 'unsafe-inline' 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ;
Referrer-Policy: origin
X-BuildVersion: R16_2
scnt: AAAA+kQ3OTU2MTIwNDk4NUIyODNBNEMzMUEwMzlDNURFRDVFMjk5MkUyODgxQUUzQUJCOTg3RDM5OUQxMUYwNjlDNThGNUNGOTQ3RkUyMTc4RjMxOTEzQkFGMzU1MzUwMDlGOEEyNjA0MkU4NkE4MzE2MDc0RjIyRUEzMEZDNzFENjJDNjVFOTRCMUFBOTFBRjVDODZFNDMyODg0QTFEQTczMTBBQUJGNzZFQTlDQ0YwQzFFMEQ4QzBGNkY5REUxREM5NDI4MjkwOEJGQzk0QTE4NEUzOTVFNTAzQThBQUM1QUZFQkJGOUQ2NUU0NkQxNDQ3OXwxAAABfE74AyRHr8sKNnO5kZF8d58wLsD6yvq8Gebz9ouOwWl0VxzxdQROqeay795oAAo80EGKrFs9fQeIIj8ljHFK/qw42LXYu5DuyGEYJV4QyRYQnzoGDA==
Set-Cookie: dslang=DE-DE; Domain=apple.com; Path=/; Secure; HttpOnly site=DEU; Domain=apple.com; Path=/; Secure; HttpOnly aasp=D79561204985B283A4C31A039C5DED5E2992E2881AE3ABB987D399D11F069C58F5CF947FE2178F31913BAF35535009F8A26042E86A8316074F22EA30FC71D62C65E94B1AA91AF5C86E432884A1DA7310AABF76EA9CCF0C1E0D8C0F6F9DE1DC94282908BFC94A184E395E503A8AAC5AFEBBF9D65E46D14479; Domain=idmsa.apple.com; Path=/; Secure; HttpOnly
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache no-store
X-Apple-Auth-Attributes: P4x1ZKnn/7hdec8eUPJ79+Tsu3VH0K6BFPAvpvoASumAOylQLBvL/IXxQOK6LCDGiilMGfvtp7w6UREgWBJYcIRWRMmJ7kAWhKR+C6ucJ3TJkkOn073tENHGojOd8tF9ihIkg99VWRI9hgtRbJYyneoarQAKPNBChmrK
X-Apple-HC-Bits: 12
X-Apple-HC-Challenge: 29c0ceb09a8c5b82099c148436ef1c48
X-Apple-I-Rscd: 400
vary: accept-encoding
Content-Encoding: gzip
Content-Language: de-DE-x-lvariant-DEU

GET appleicons_text.ttf
www.apple.com/ac/globalfooter/6/de_DE/assets/ac-footer/legacy/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.apple.com
URL: https://www.apple.com/ac/globalfooter/6/de_DE/assets/ac-footer/legacy/appleicons_text.woff

Domain: www.apple.com
URL: https://www.apple.com/ac/globalfooter/6/de_DE/assets/ac-footer/legacy/appleicons_text.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appleid.oauth-icloud.com/	1969-12-31 23:59:59	Name: idclient Value: web
.oauth-icloud.com/	1969-12-31 23:59:59	Name: dslang Value: DE-DE
.oauth-icloud.com/	1969-12-31 23:59:59	Name: site Value: DEU
.appleid.oauth-icloud.com/	1969-12-31 23:59:59	Name: aidsp Value: 553E932B41DDC0D424F9094B4F8C4F90FCF23D29BB2E3443CE5F4163E26212062E8814D4F522F89667D82E129E6F00EC70D2D19ABC2A3682B2EC38F02220EA6C03FE35FDC05B8D223A80D55745809C5D98066451A082EB335FACAC9167D9765481C42284C9086A7CBAE9DBE53ED06FA1DCD25AE478375C1D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1\|SF+Pro+Icons,v1 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://appleid.oauth-icloud.com/ Message: Access to font at 'https://www.apple.com/ac/globalfooter/6/de_DE/assets/ac-footer/legacy/appleicons_text.woff' from origin 'https://appleid.oauth-icloud.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.apple.com/ac/globalfooter/6/de_DE/assets/ac-footer/legacy/appleicons_text.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://appleid.oauth-icloud.com/ Message: Access to font at 'https://www.apple.com/ac/globalfooter/6/de_DE/assets/ac-footer/legacy/appleicons_text.ttf' from origin 'https://appleid.oauth-icloud.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.apple.com/ac/globalfooter/6/de_DE/assets/ac-footer/legacy/appleicons_text.ttf Message: Failed to load resource: net::ERR_FAILED
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://idmsa.apple.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appleid.cdn-apple.com
appleid.oauth-icloud.com
idmsa.apple.com
www.apple.com
www.apple.com
17.32.194.7
194.135.33.55
2.17.186.40
2a02:26f0:6c00:29a::1aca
144da382154b140a4585b1b7121835220406400c4f66def2b7f10863ff7bca62
16e30f5480bc1dd538ad90ab859cda8a78badb4c3e9ddc3dfb5a5b6a358091e4
1e281e5d429981905e0c937ed7b9ca93559569504d49640c494aae8da7c58ef5
239a5df48a713570be0fd532184befe721d7dbc1be9c47cb6b2906015bfabab4
2aee971442460cb00c8c7412dff4519ccf7206946312f534dfc363f3b1d11a7c
2e2a0f886042318860883c56fd0b366b74c2c1de42a6aaa17eaf44cb1fa7ee64
2f1cd57b13f6da9ea0610baa24c660ed5ae99bec708acd0c263b2fbd0cb2e59d
4053ed51ab673d5d907f057127c5ee3d72a72fe02251459d27e9a9d86257d9df
4209a6165a7b44b64f4a2b7bae04d1eac5367dcb03e823d9836bdaddfac5491a
56b5afa556b3265d6c0c6d9b87e8ca5cc9ab14b80fce1e33ecc4457c4b37464e
61347f9a8a533ac11be0ad22b29d1fa30312cb0c9df37af035630e76f1b4bc61
81849741dc42d40b8338a222866c5009893103efb5bdc4101d0ae5ca4d6e1375
8b25224a4527ed4efee23b222227fe0f00f1ef2ecfc3a64d0d55f9ba8a77d06b
8e743265af12582065cb564bc0fcbf6b391fbc749eea733eef98e188fbb837d5
94ee144e0f02b37ac50aa5f839618e3caaf569c1d0b517bf7d2d244e6e33c350
95d20f4778660c38ec9ca629cfcb38e2c231432a88111562d90c56b3e73ea6c3
9688ab8eb6fd813ff3416f17ca6ee1c918be9ca85b7c56b04f435fbc90f142fc
9e8dccd49921b1515f80b599ae69b01e95f620fcf92de93c91d1835c6da02aea
a6184c9c55c75d613c2e81f5238d7e436714fab15e116eb29059d22817a90ef2
b5a90cc9fab2ad334201823c24bbeeef322395ed9069e1966515d1d27dd7778e
cb58dd8d610ca310a1651f5245828221dbbe8e5db8657dcd6cd480a395e19867
d558adb34431925b180ac09fc8039aa0008ba96a4ac386e5a74ff1121ec83737
d577c9d1bad004bdabb9d0995cec0714e98b76e6053f2765ed09c23de6f328b0
db645e8610c56a69be65cf9cf0ceebbb20bc505f1b91661b1617f8f7f26dbfc9
e3e8f864a3893b44258aedeb6260d85723541a9cdb5dc4daf141ccb769214648
eaa048615231faa8cfc35e0e2677cffdad48b59ff7b58cfd3ac111695af073a1
f1cd98822be46341b217b662db5cf71af58e176b471250d3099b1370dcce57fa
fc1dc5451975ee2e3cca010f0c398ef6a940d5b2d48c9ae57e83022ff9b3e52f
fe5eb97414d903a382cdaa0fb6a44a4eca95902605ad123fc281e3d755b61d0f

appleid.oauth-icloud.com Open in urlscan Pro 194.135.33.55 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

94 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

5 IPs

3 Countries

1105 kBTransfer

2334 kBSize

4 Cookies

20 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

appleid.oauth-icloud.com Open in urlscan Pro
194.135.33.55 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

1105 kB
Transfer

2334 kB
Size

4
Cookies

33 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!