appleid.musicforusa.com Open in urlscan Pro
2606:4700:3034::ac43:d6a5  Malicious Activity! Public Scan

22 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request sign-in Show response appleid.musicforusa.com/	120 KB 23 KB	1189ms 778ms	Document text/html	2606:4700:3034::ac43:d6a5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appleid.musicforusa.com/sign-in Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d6a5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9e51f21a6162dced5bd1ade955aa119bc547013865d83df8624db45516c29e7c Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache no-store cf-cache-status DYNAMIC cf-ray 7a993981c81cc45e-EWR content-encoding br content-language en-US-x-lvariant-USA content-type text/html;charset=UTF-8 date Sat, 18 Mar 2023 00:05:33 GMT expires Thu, 01 Jan 1970 00:00:00 GMT host appleid.apple.com nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache referrer-policy origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QM0Dn%2ButfOpEaP2EWydbbGZxEdM9FaxKZ0e28fa3GY6RUK%2B6uBy%2B%2FI2x9rMob%2Fob%2F8m512TTgbLw%2BtZuUTMPp3SDYPMLiy2oVDp9Evdj1W2pTlePSOfaRedPK2%2FwO%2FT2mVziq5iFfgnG%2FWlolJTxQnBYMjwIQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary accept-encoding x-apple-i-request-id 9a35dd38-c520-11ed-beb0-311d356c1840 x-buildversion R7_2
GET H2	404	fonts www.apple.com/wss/	0 0	80ms 40ms	Stylesheet text/html	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.apple.com/wss/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3 Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers
GET H2	200	ac-globalnav.built.css www.apple.com/ac/globalnav/7/en_US/styles/	114 KB 13 KB	102ms 62ms	Stylesheet text/css	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 60666cffc7c999ebc9392fbf55e0e545f8fa0705774f9d5449e95046d470618d Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:33 GMT content-encoding gzip ntcoent-length 116297 x-cache TCP_REFRESH_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (S) content-length 12667 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade x-cache-remote TCP_IMS_HIT from a23-47-145-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) server Apple vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css cache-control max-age=251 expires Sat, 18 Mar 2023 00:09:44 GMT
GET H2	200	ac-globalfooter.built.css www.apple.com/ac/globalfooter/7/en_US/styles/	44 KB 6 KB	82ms 43ms	Stylesheet text/css	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.apple.com/ac/globalfooter/7/en_US/styles/ac-globalfooter.built.css Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 834f65e861d9e517777f27ebc9bbd2a2fdb291c9d2d913d03e8bad40600da99a Security Headers Name Value Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers content-security-policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:33 GMT content-encoding gzip server Apple ntcoent-length 45448 x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) cache-control max-age=210 content-length 5342 x-xss-protection 1; mode=block expires Sat, 18 Mar 2023 00:09:03 GMT
GET H/1.1	200 OK	common-header.js Show response appleid.cdn-apple.com/static/jsj/N1303632466/	44 KB 15 KB	63ms 22ms	Script application/javascript	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/static/jsj/N1303632466/common-header.js Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash b5a9bf072ade217ab958474521d73134e7c3520e2fb56722a8bf555769dbff72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:33 GMT Last-Modified Thu, 02 Mar 2023 16:56:24 GMT Server Apple Host appleid.apple.com ETag W/"45018-1677776184901" Vary accept-encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid.apple.com Cache-Control public, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 14698
GET H/1.1	200 OK	authService.latest.min.js Show response appleid.cdn-apple.com/appleauth/static/jsapi/	45 KB 14 KB	55ms 14ms	Script application/javascript	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/appleauth/static/jsapi/authService.latest.min.js Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash 1da825ac269fbe94434b15e99cebe92b8bf478c3efb75c791d26f92e27c9a1fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:33 GMT Last-Modified Thu, 16 Mar 2023 17:43:30 GMT Server Apple ETag W/"45810-1678988610026" Vary accept-encoding Content-Type application/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control public, max-age=1800,stale-while-revalidate=1800 Connection keep-alive Accept-Ranges bytes Content-Length 13552
GET H/1.1	200 OK	home-8b37c72f8d7471d0a835.css appleid.cdn-apple.com/static/module-assets/	712 KB 47 KB	31ms 28ms	Stylesheet text/css	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/static/module-assets/home-8b37c72f8d7471d0a835.css Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash d20f71d6ce5dbebf8bd8e70a7da2e6b43a42f6195c02fb92043385c728b07c55 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:33 GMT Last-Modified Thu, 23 Feb 2023 17:22:33 GMT Server Apple Host appleid.apple.com ETag W/"728628-1677172953794" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin https://appleid.apple.com Cache-Control public, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 47659
GET H/1.1	200 OK	runtime-7c230c897aa25565c3d1.js Show response appleid.cdn-apple.com/static/module-assets/	4 KB 2 KB	11ms 10ms	Script application/javascript	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/static/module-assets/runtime-7c230c897aa25565c3d1.js Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash 1a4b470e2e5970b66b2021ad2fddada4257b6c168366bc4556197fdb2b4db247 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:34 GMT Last-Modified Thu, 16 Mar 2023 20:27:58 GMT Server Apple Host appleid.apple.com ETag W/"4265-1678998478040" Vary accept-encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid.apple.com Cache-Control public, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 2038
GET H/1.1	200 OK	react-redux-kit-a1addbd2891d9c657e2b.js Show response appleid.cdn-apple.com/static/module-assets/	178 KB 59 KB	9ms 6ms	Script application/javascript	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/static/module-assets/react-redux-kit-a1addbd2891d9c657e2b.js Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash 202421a242a4216c4c0e1063bc4e7c97df29930f5e6721bce1f4b87d80935b88 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:34 GMT Last-Modified Fri, 03 Mar 2023 19:19:52 GMT Server Apple Host appleid.apple.com ETag W/"182506-1677871192602" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid.apple.com Cache-Control public, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 59885
GET H/1.1	200 OK	home-e696e39e11aa2e57df0a.js Show response appleid.cdn-apple.com/static/module-assets/	879 KB 238 KB	15ms 11ms	Script application/javascript	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/static/module-assets/home-e696e39e11aa2e57df0a.js Requested by Host: appleid.musicforusa.com URL: https://appleid.musicforusa.com/sign-in Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash fd009e7324cf757e5fe90f58c68fd77551670e45fec2e87c13560a43acf8cb85 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:34 GMT Last-Modified Thu, 16 Mar 2023 20:27:58 GMT Server Apple Host appleid.apple.com ETag W/"899756-1678998478307" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid.apple.com Cache-Control public, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 243439
GET H/1.1	200 OK	531-5d4ccdf8aa9a99dd68e1.js Show response appleid.cdn-apple.com/static/module-assets/	401 KB 108 KB	16ms 15ms	Script application/javascript	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/static/module-assets/531-5d4ccdf8aa9a99dd68e1.js Requested by Host: appleid.cdn-apple.com URL: https://appleid.cdn-apple.com/static/module-assets/runtime-7c230c897aa25565c3d1.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash 6c1273b6a5e2e9ea06aa112e5550023dee3c5c1320ccb5704dd41e123ee167c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:34 GMT Last-Modified Thu, 23 Feb 2023 17:22:26 GMT Server Apple Host appleid.apple.com ETag W/"410386-1677172946315" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid.apple.com Cache-Control public, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 109902
GET H/1.1	200 OK	WebApp-c6d1882e4da90f1bf9b0.css appleid.cdn-apple.com/static/module-assets/	230 KB 17 KB	7ms 4ms	Stylesheet text/css	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/static/module-assets/WebApp-c6d1882e4da90f1bf9b0.css Requested by Host: appleid.cdn-apple.com URL: https://appleid.cdn-apple.com/static/module-assets/runtime-7c230c897aa25565c3d1.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash e964cdd49da9a3d41db3c0eaaff40a4f1d838a85909346cb32def16939aa3653 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:34 GMT Last-Modified Thu, 23 Feb 2023 17:22:26 GMT Server Apple Host appleid.apple.com ETag W/"235150-1677172946580" Vary Accept-Encoding Content-Type text/css Access-Control-Allow-Origin https://appleid.apple.com Cache-Control public, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 17049
GET H/1.1	200 OK	WebApp-45047cae6aa60de700c9.js Show response appleid.cdn-apple.com/static/module-assets/	855 KB 562 KB	7ms 5ms	Script application/javascript	96.6.31.49 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://appleid.cdn-apple.com/static/module-assets/WebApp-45047cae6aa60de700c9.js Requested by Host: appleid.cdn-apple.com URL: https://appleid.cdn-apple.com/static/module-assets/runtime-7c230c897aa25565c3d1.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.6.31.49 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-6-31-49.deploy.static.akamaitechnologies.com Software Apple / Resource Hash 5bea5a1318ba41613172e57bdc62aefd9f419432690af44e487f180bdf6d9cfe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:34 GMT Last-Modified Thu, 16 Mar 2023 20:27:58 GMT Server Apple Host appleid.apple.com ETag W/"875510-1678998478039" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin https://appleid.apple.com Cache-Control public, max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 574982
GET H2	200	portal Show response appleid.musicforusa.com/bootstrap/	405 B 1 KB	688ms 670ms	Fetch application/json	2606:4700:3034::ac43:d6a5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://appleid.musicforusa.com/bootstrap/portal Requested by Host: appleid.cdn-apple.com URL: https://appleid.cdn-apple.com/static/module-assets/home-e696e39e11aa2e57df0a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d6a5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa9d52e38cb1e3b75e5fec330b759f392e14e8149715f4ddc2fd30ace714e25b Request headers X-Apple-I-FD-Client-Info {"U":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36","L":"en-US","Z":"GMT+00:00","V":"1.1","F":"Fla44j1e3NlY5BNlY5BSmHACVZXnN91Mh2q_v813ELv.2dI_AIQjvEodUW2vqBBNtQgB8DApDK1dDvmeUkaUd2wHBBNlY5BPY25BNnOVgw24uy.9MY"} X-Apple-I-Request-Context ca accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type application/json Accept application/json, text/plain, */* Referer https://appleid.musicforusa.com/ X-Apple-I-TimeZone Etc/Unknown Response headers date Sat, 18 Mar 2023 00:05:35 GMT x-apple-i-request-id 9b0a930b-c520-11ed-ba88-498d0740a359 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma no-cache referrer-policy origin server cloudflare host appleid.apple.com vary accept-encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NLXfhEZcuF0wKcg27YcQqfeWjx0gY4c17vHEtIuzWvi4hDOs8mTU%2FSXGrml7NmO6y4IyPL%2FKJdTYANejLK16cWOdGEwM0PywpBvetFJ1tsGQH9V%2B5LHmT8y%2BIoV4iJMuFkNm%2FJAGPg4AIQ7RKcykjvfiL%2FDiw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json;charset=UTF-8 cache-control no-cache, no-store cf-ray 7a99398a7b05423e-EWR x-buildversion R7_2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET		token appleid.apple.com/account/manage/gs/ws/	0 0
OPTIONS H/1.1	403	token appleid.apple.com/account/manage/gs/ws/ Frame	0 0	1031ms 22ms	Preflight	17.32.194.6 APPLE-ENGINEERING
General Check archive.org Show headers Download Go to Full URL https://appleid.apple.com/account/manage/gs/ws/token Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 17.32.194.6 Maiden, United States, ASN714 (APPLE-ENGINEERING, US), Reverse DNS appleid-nc-s.apple.com Software Apple / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-apple-i-fd-client-info,x-apple-i-request-context,x-apple-i-timezone Access-Control-Request-Method GET Origin https://appleid.musicforusa.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:36 GMT Server Apple Transfer-Encoding chunked Vary origin,access-control-request-method,access-control-request-headers,accept-encoding X-Apple-I-Request-ID 9bcecd71-c520-11ed-a437-cf95bee69116
GET H2	200	logout apps.apple.com/includes/cwa/ Frame 00E0	0 0	263ms 14ms	Document text/html	2600:1400:d:58d::2a1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://apps.apple.com/includes/cwa/logout Requested by Host: appleid.cdn-apple.com URL: https://appleid.cdn-apple.com/static/module-assets/react-redux-kit-a1addbd2891d9c657e2b.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:58d::2a1 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software daiquiri/3.0.0 / Resource Hash Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://appleid-dev.apple.com https://appleid-qa1.corp.apple.com https://appleid-ut.corp.apple.com https://appleid-stage.apple.com https://appleid.apple.com; Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://appleid.musicforusa.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-US,en;q=0.9 Response headers apple-originating-system UnknownOriginatingSystem apple-seq 0.0 apple-tk false cache-control no-transform, max-age=44 content-encoding gzip content-length 433 content-security-policy frame-ancestors 'self' https://appleid-dev.apple.com https://appleid-qa1.corp.apple.com https://appleid-ut.corp.apple.com https://appleid-stage.apple.com https://appleid.apple.com; content-type text/html date Sat, 18 Mar 2023 00:05:36 GMT etag "d5ba4a6ab11546b67e525527e6a90a55" last-modified Fri, 10 Mar 2023 00:46:16 GMT server daiquiri/3.0.0 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-apple-jingle-correlation-key 5OUNF7S3KIZ6VBBYHAYXAFQT3U x-apple-request-uuid eba8d2fe-5b52-33ea-8438-3831701613dd x-apple-version-number 2310.30.0 x-cache TCP_REFRESH_HIT from a23-33-238-23.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.1-47377106) (S) x-cache-remote TCP_IMS_HIT from a104-103-70-41.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) x-daiquiri-instance daiquiri:15887002:mr85p00it-hyhk04103901:7987:23RELEASE21:daiquiri-amp-all-shared-int-001-mr daiquiri:18493001:mr85p00it-hyhk03154801:7987:23RELEASE21:daiquiri-amp-all-shared-ext-001-mr daiquiri:11896003:mr47p00it-qujn06120101:7987:23RELEASE21:daiquiri-amp-store-l7shared-int-001-mr daiquiri:17117002:mr85p00it-hyhk03144601:7987:23RELEASE21:daiquiri-amp-store-shared-ext-002-mr x-frame-options SAMEORIGIN x-responding-instance silverbullet-external:3032:mr28p00it-ztdg08102401:8301:22REL2
GET H2	200	globalnav_apple_image__b5er5ngrzxqq_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	863 B 1 KB	11ms 6ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__b5er5ngrzxqq_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 185fef753937fdebf36104cf6481152e587d964a1b3496ab5d7623922a147a44 Security Headers Name Value Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) content-length 506 x-xss-protection 1; mode=block last-modified Sun, 24 Oct 2021 03:40:19 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=203 accept-ranges bytes expires Sat, 18 Mar 2023 00:08:59 GMT
GET H2	200	globalnav_links_store_image__c7jy08initqq_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	2 KB 2 KB	17ms 12ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__c7jy08initqq_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 55d7561df16af1de5799324be81a44754dad9dab88ff218332afe9f025d77cc6 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_REFRESH_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (S) cneonction close nncoection close content-length 962 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-cache-remote TCP_IMS_HIT from a23-47-145-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=473 accept-ranges bytes expires Sat, 18 Mar 2023 00:13:29 GMT
GET H2	200	globalnav_links_mac_image__dazlko3t9a6a_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	1 KB 1 KB	51ms 46ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__dazlko3t9a6a_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 85b8c05e05b9e061cc54ea913585892d53a4a924e21ca56a5e8a157530fcadec Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_REFRESH_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (S) content-length 598 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-cache-remote TCP_IMS_HIT from a23-47-145-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=593 accept-ranges bytes expires Sat, 18 Mar 2023 00:15:29 GMT
GET H2	200	globalnav_links_ipad_image__fw9qyj9lloi2_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	1 KB 1 KB	33ms 28ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 31543acd0ac919c7d8f12cdc9e825b73a9e9ee49c6401a3b71eb56dc36610873 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers unused62 8096267 strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) content-length 634 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=395 accept-ranges bytes expires Sat, 18 Mar 2023 00:12:11 GMT
GET H2	200	globalnav_links_iphone_image__ko7x4isga4ia_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	1 KB 2 KB	10ms 6ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__ko7x4isga4ia_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 1ef5ee6840f53e79a2d93d107829d6abfb11e1f9f2e0891bd320619ff5ce7799 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers unused62 8096267 strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) nncoection close content-length 692 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=218 accept-ranges bytes expires Sat, 18 Mar 2023 00:09:14 GMT
GET H2	200	globalnav_links_watch_image__gkoblojrlsqe_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	1 KB 1 KB	13ms 9ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__gkoblojrlsqe_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 7889fed7ca01fa0705b734d8374be93aabe54474b7fb9879bd483b396465c22e Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) nncoection close content-length 683 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=419 accept-ranges bytes expires Sat, 18 Mar 2023 00:12:35 GMT
GET H2	200	globalnav_links_airpods_image__f969s84ivmaa_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	2 KB 2 KB	28ms 25ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_airpods_image__f969s84ivmaa_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash e7f5e4bb2a9897973aad5732fa800bcf8609ce74f54b6d5621077e51d0cdd800 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) cneonction close nncoection close content-length 854 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=397 accept-ranges bytes expires Sat, 18 Mar 2023 00:12:13 GMT
GET H2	200	globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	2 KB 2 KB	19ms 16ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash a1a6667c2d48c2865744854bebc70c4c526d0060aaa841662c4bd16deac78f07 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) nncoection close content-length 1072 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=75 accept-ranges bytes expires Sat, 18 Mar 2023 00:06:51 GMT
GET H2	200	globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	3 KB 2 KB	23ms 20ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash f4f0faac906bf261752abe7ed163f6207b3c894548972d3f4e9d47c93fd1ae3e Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) nncoection close content-length 1209 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=254 accept-ranges bytes expires Sat, 18 Mar 2023 00:09:50 GMT
GET H2	200	globalnav_links_accessories_image__edj0wqmfwxyu_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	4 KB 2 KB	32ms 29ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 17aa4b44dae653f9a47130f8b6dcd98ec680f08a5bee286c8a9cdc8e5a3d678d Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (A) cneonction close nncoection close content-length 1066 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=34 accept-ranges bytes expires Sat, 18 Mar 2023 00:06:10 GMT
GET H2	200	globalnav_links_support_image__bw9kctll7u3m_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	2 KB 2 KB	29ms 27ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_support_image__bw9kctll7u3m_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 71392abcfe2eac44a408c9a10ee75abb8661fa50072880379cb00833142370b7 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_REFRESH_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (S) cneonction close nncoection close content-length 869 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-cache-remote TCP_IMS_HIT from a23-47-145-199.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (A) x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=38 accept-ranges bytes expires Sat, 18 Mar 2023 00:06:14 GMT
GET H2	200	globalnav_search_image__cbllq1gkias2_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	541 B 1 KB	23ms 21ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__cbllq1gkias2_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash a744871014431ff682fd7c87ed6fd05fb502dcd707c971b070cc88fc18f881d3 Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) nncoection close content-length 251 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=129 accept-ranges bytes expires Sat, 18 Mar 2023 00:07:45 GMT
GET H2	200	globalnav_bag_image__yzte50i47ciu_large.svg www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/	477 B 1 KB	20ms 18ms	Image image/svg+xml	2600:141b:13:79f::1aca AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__yzte50i47ciu_large.svg Requested by Host: www.apple.com URL: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:13:79f::1aca Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apple / Resource Hash 9f86e7072e1441b16c4f9bb1dcde29f5e4f57409aa0e1f23462222ee7a0935af Security Headers Name Value Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains content-security-policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com x-content-type-options nosniff date Sat, 18 Mar 2023 00:05:36 GMT content-encoding gzip x-cache TCP_MEM_HIT from a23-47-145-215.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2-47081134) (-) cneonction close nncoection close content-length 298 x-xss-protection 1; mode=block last-modified Thu, 14 Oct 2021 23:19:28 GMT server Apple x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/svg+xml cache-control max-age=186 accept-ranges bytes expires Sat, 18 Mar 2023 00:08:42 GMT
GET		appleicons_text.woff www.apple.com/ac/globalfooter/7/en_US/assets/ac-footer/legacy/	0 0
GET H/1.1	200	signin idmsa.apple.com/appleauth/auth/authorize/ Frame 5086	0 0	251ms 70ms	Document text/html	17.32.194.7 APPLE-ENGINEERING
General Check archive.org Show headers Download Go to Full URL https://idmsa.apple.com/appleauth/auth/authorize/signin?frame_id=auth-5kwjwer3-ey5z-swq8-8pof-58iujbuj&skVersion=7&iframeId=auth-5kwjwer3-ey5z-swq8-8pof-58iujbuj&client_id=af1139274f266b22b68c2a3e7ad932cb3c0bbe854e13a79af78dcc73136882c3&redirect_uri=https://appleid.musicforusa.com&response_type=code&response_mode=web_message&state=auth-5kwjwer3-ey5z-swq8-8pof-58iujbuj&authVersion=latest Requested by Host: appleid.cdn-apple.com URL: https://appleid.cdn-apple.com/appleauth/static/jsapi/authService.latest.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 17.32.194.7 Maiden, United States, ASN714 (APPLE-ENGINEERING, US), Reverse DNS Software Apple / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' ; child-src blob: ; connect-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://webcourier.sandbox.push.apple.com https://xp-qa.apple.com ; font-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; frame-src 'self' https://appleid.apple.com https://gsa.apple.com ; img-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://*.mzstatic.com data: https://*.apple.com ; media-src data: ; object-src 'none' ; script-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; style-src 'unsafe-inline' 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://appleid.musicforusa.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control no-cache no-store Connection keep-alive Content-Encoding gzip Content-Language en-US-x-lvariant-USA Content-Security-Policy default-src 'self' ; child-src blob: ; connect-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://webcourier.sandbox.push.apple.com https://xp-qa.apple.com ; font-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; frame-src 'self' https://appleid.apple.com https://gsa.apple.com ; img-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://*.mzstatic.com data: https://*.apple.com ; media-src data: ; object-src 'none' ; script-src 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; style-src 'unsafe-inline' 'self' https://www.apple.com https://appleid.cdn-apple.com https://idmsa.apple.com https://gsa.apple.com https://idmsa.apple.com.cn https://signin.apple.com ; Content-Type text/html;charset=UTF-8 Date Sat, 18 Mar 2023 00:05:36 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Referrer-Policy origin Server Apple Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked X-Apple-Auth-Attributes QKiX7HHFaY0iFXoDNF+OZkjq83LkhjtQCCntcx/Fw9RXm7uPrhVIjk6FeigE/zwzEg4Ejz2yH5bXN3OJKHnYmKidtvTTxV4HqQyviGnw3/JFl2hSa+Aqarnn8TmVi+mRKAPnhBm62VderVrvw4drRv5eASvMw26m0xPri1u3ALJzSm+SjkjeMSpDnGoIUIbwfFJYSwYfVqLbHc+BoRYFN9f96o9TXeKXiIQy37sAS9DO01kaPw== X-Apple-HC-Bits 10 X-Apple-HC-Challenge 056a9192c6ad37dccc43a40f883842f2 X-Apple-I-Request-ID 9c0a01ac-c520-11ed-a480-ef8c199756af X-Apple-I-Rscd 400 X-BuildVersion R7 X-Content-Type-Options nosniff X-FRAME-OPTIONS DENY X-XSS-Protection 1; mode=block scnt AAAA-jMyQzc4MkNGNjNGQjMyMzkzOUEyQjkxQzFENUZGNUY0QjExMUUwREUwMUE2QzgwNDM2MzczMDI4MDlDQTIxRkNGMkE3RTI0NjY1QkI1MzhCMUFCRjQxREY3RDQyNUIyMzBGQTdFRUI4MDk2RjMxN0E2MjQ1NUYyRjAxMzUyQUYzMTgwNEY4OThDNTAxREYwMEE2NjkzQTE0M0FFODgwNTI2Mzk2QkUxRTdENUI3NzVBQzQzQzM5QUVCN0Y0OEU3OUFBODZGREE0OTVFNEY2RUM2OTBGRTE3MjFFMTcyQTdCNzRDQzgzQkVCQjIwOTU3NnwxAAABhvIW9mzjAr4WGAteBHdgjYFMFhqnAowfaMZvv6TQvmmggX1r3pS7-vqwUwBYAEvQztGyoHZ5ONBOcVyWLpFdv6lrumI7Qc3UJ8VeBivQ5vEJBEOB7Q vary accept-encoding
OPTIONS H/1.1	403	jslog appleid.apple.com/ Frame	0 0	32ms 32ms	Preflight	17.32.194.6 APPLE-ENGINEERING
General Check archive.org Show headers Download Go to Full URL https://appleid.apple.com/jslog Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 17.32.194.6 Maiden, United States, ASN714 (APPLE-ENGINEERING, US), Reverse DNS appleid-nc-s.apple.com Software Apple / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-apple-i-fd-client-info,x-apple-i-request-context,x-apple-i-timezone Access-Control-Request-Method POST Origin https://appleid.musicforusa.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Date Sat, 18 Mar 2023 00:05:36 GMT Server Apple Transfer-Encoding chunked Vary origin,access-control-request-method,access-control-request-headers,accept-encoding X-Apple-I-Request-ID 9c17bc67-c520-11ed-ba88-498d0740a359
GET DATA	200 OK	truncated /	516 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5d2270dd987043f011aa4fd9b5b710f371716ae41f073a7080208a5c7f09632a Request headers accept-language en-US,en;q=0.9 Referer https://appleid.musicforusa.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
POST		jslog appleid.apple.com/	0 0
GET		appleicons_text.ttf www.apple.com/ac/globalfooter/7/en_US/assets/ac-footer/legacy/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

appleid.apple.com

URL

https://appleid.apple.com/account/manage/gs/ws/token

Domain

www.apple.com

URL

https://www.apple.com/ac/globalfooter/7/en_US/assets/ac-footer/legacy/appleicons_text.woff

Domain

appleid.apple.com

URL

https://appleid.apple.com/jslog

Domain

www.apple.com

URL

https://www.apple.com/ac/globalfooter/7/en_US/assets/ac-footer/legacy/appleicons_text.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| html5 object| Modernizr object| Detectizr object| AppleID object| idmsapis object| webpackChunk_idms_private_account_portal object| options object| appidmsparm object| dcHelper object| AC function| setPageFeature

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.musicforusa.com/	1969-12-31 23:59:59	Name: dslang Value: US-EN
			.musicforusa.com/	1969-12-31 23:59:59	Name: site Value: USA

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.apple.com/wss/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://appleid.musicforusa.com/sign-in Message: Access to fetch at 'https://appleid.apple.com/account/manage/gs/ws/token' from origin 'https://appleid.musicforusa.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://appleid.apple.com/account/manage/gs/ws/token Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://appleid.musicforusa.com/sign-in Message: Access to font at 'https://www.apple.com/ac/globalfooter/7/en_US/assets/ac-footer/legacy/appleicons_text.woff' from origin 'https://appleid.musicforusa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.apple.com/ac/globalfooter/7/en_US/assets/ac-footer/legacy/appleicons_text.woff Message: Failed to load resource: net::ERR_FAILED
security	error	Message: Refused to frame 'https://apps.apple.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://appleid-dev.apple.com https://appleid-qa1.corp.apple.com https://appleid-ut.corp.apple.com https://appleid-stage.apple.com https://appleid.apple.com".
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://idmsa.apple.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	error	URL: https://appleid.musicforusa.com/sign-in Message: Access to fetch at 'https://appleid.apple.com/jslog' from origin 'https://appleid.musicforusa.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://appleid.apple.com/jslog Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://appleid.musicforusa.com/sign-in Message: Access to font at 'https://www.apple.com/ac/globalfooter/7/en_US/assets/ac-footer/legacy/appleicons_text.ttf' from origin 'https://appleid.musicforusa.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.apple.com/ac/globalfooter/7/en_US/assets/ac-footer/legacy/appleicons_text.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appleid.apple.com
appleid.cdn-apple.com
appleid.musicforusa.com
apps.apple.com
idmsa.apple.com
www.apple.com
appleid.apple.com
www.apple.com
17.32.194.6
17.32.194.7
2600:1400:d:58d::2a1
2600:141b:13:79f::1aca
2606:4700:3034::ac43:d6a5
96.6.31.49
17aa4b44dae653f9a47130f8b6dcd98ec680f08a5bee286c8a9cdc8e5a3d678d
185fef753937fdebf36104cf6481152e587d964a1b3496ab5d7623922a147a44
1a4b470e2e5970b66b2021ad2fddada4257b6c168366bc4556197fdb2b4db247
1da825ac269fbe94434b15e99cebe92b8bf478c3efb75c791d26f92e27c9a1fe
1ef5ee6840f53e79a2d93d107829d6abfb11e1f9f2e0891bd320619ff5ce7799
202421a242a4216c4c0e1063bc4e7c97df29930f5e6721bce1f4b87d80935b88
31543acd0ac919c7d8f12cdc9e825b73a9e9ee49c6401a3b71eb56dc36610873
55d7561df16af1de5799324be81a44754dad9dab88ff218332afe9f025d77cc6
5bea5a1318ba41613172e57bdc62aefd9f419432690af44e487f180bdf6d9cfe
5d2270dd987043f011aa4fd9b5b710f371716ae41f073a7080208a5c7f09632a
60666cffc7c999ebc9392fbf55e0e545f8fa0705774f9d5449e95046d470618d
6c1273b6a5e2e9ea06aa112e5550023dee3c5c1320ccb5704dd41e123ee167c0
71392abcfe2eac44a408c9a10ee75abb8661fa50072880379cb00833142370b7
7889fed7ca01fa0705b734d8374be93aabe54474b7fb9879bd483b396465c22e
834f65e861d9e517777f27ebc9bbd2a2fdb291c9d2d913d03e8bad40600da99a
85b8c05e05b9e061cc54ea913585892d53a4a924e21ca56a5e8a157530fcadec
9e51f21a6162dced5bd1ade955aa119bc547013865d83df8624db45516c29e7c
9f86e7072e1441b16c4f9bb1dcde29f5e4f57409aa0e1f23462222ee7a0935af
a1a6667c2d48c2865744854bebc70c4c526d0060aaa841662c4bd16deac78f07
a744871014431ff682fd7c87ed6fd05fb502dcd707c971b070cc88fc18f881d3
b5a9bf072ade217ab958474521d73134e7c3520e2fb56722a8bf555769dbff72
d20f71d6ce5dbebf8bd8e70a7da2e6b43a42f6195c02fb92043385c728b07c55
e7f5e4bb2a9897973aad5732fa800bcf8609ce74f54b6d5621077e51d0cdd800
e964cdd49da9a3d41db3c0eaaff40a4f1d838a85909346cb32def16939aa3653
f4f0faac906bf261752abe7ed163f6207b3c894548972d3f4e9d47c93fd1ae3e
fa9d52e38cb1e3b75e5fec330b759f392e14e8149715f4ddc2fd30ace714e25b
fd009e7324cf757e5fe90f58c68fd77551670e45fec2e87c13560a43acf8cb85