detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 21 Feb 2023 09:20:18 GMT
Age: 72112
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 378d97dfed95fd35bca9d8699e56151a
46f96f400be9e5208ccbad84540a7855c9994bef
b86917bafe1d5d6f762dbbe5af0b906ce61e505539b5fe2a1e49b09d500a90c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B86917BAFE1D5D6F762DBBE5AF0B906CE61E505539B5FE2A1E49B09D500A90C6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4380
Expires: Wed, 22 Feb 2023 06:35:11 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfa36617b3c3b31bda13d2caec1f680a
f6dda69c2c5b3436f1dcfc864246f0f07e7895bd
20f65d6d5b26a06e90d1fc06c17f0affc856f687e2d90d27233faa8c8bb12160
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F65D6D5B26A06E90D1FC06C17F0AFFC856F687E2D90D27233FAA8C8BB12160"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5084
Expires: Wed, 22 Feb 2023 06:46:55 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 43 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash cb5da81448ab004b8643a49655e4d708
4dde07804c489548b6ca7109ee35b090c2848beb
3f226a45f2945ece2108e3e453d9a4e97ab650743192bf32996df3dfd75efadf
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: 7E4WvYoq470jJ4BmmeOqs4DAU4iOiemCNrLIpTbFUcnnu52tPc-gsQ==
content-encoding: gzip
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 05:14:56 GMT
age: 625
content-type: application/json
vary: Accept-Encoding
content-length: 42662
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3c926acb3daeb63b5374bdc352bbb679
167a2af5a3c8d1ec6d16c8f7ef1e063ce14ed481
e0bbf50d7d572d0b16ba4be51b190c4776777ecb572db9b25574b66d8e56ce36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0BBF50D7D572D0B16BA4BE51B190C4776777ECB572DB9B25574B66D8E56CE36"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11232
Expires: Wed, 22 Feb 2023 08:29:23 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BR3dtoHi9Wt1UcCN9N8TMcJeDxkHbRyeyEqs5IQQEyz5Wd12UBfrT0GFPyQHZ75u18trchwGXcA=
x-amz-request-id: NTAGN7NYH6NX4HS1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Feb 2023 04:58:48 GMT
age: 1403
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 97d7dde89cca188d19690d7bf759d034
7ec36525c8b5e8e278f0c5f26da3316687d89041
f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6587
Expires: Wed, 22 Feb 2023 07:11:58 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 04:38:11 GMT
content-type: application/json
age: 2640
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 05:22:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ea6730b0f10a6a69279d1643d6e0c355
b8cfe20c0f774c77467f0865e741990515b0b4db
2b0da2150aba5d2188b7c3b196d482e9cd9cc789e10efeec9576b4e00d21646d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2428
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 05:22:11 GMT
Last-Modified: Wed, 22 Feb 2023 04:41:43 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Feb 2023 04:51:26 GMT
age: 1845
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 94d194d4728ee415fb180610c25cb8cb
9b6a935fd24c43f427d6377d2d278592dcbcb372
cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4262
Expires: Wed, 22 Feb 2023 06:33:13 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 31497c8feb7244b8af9a51825584e392
3703b6a8510986783db9e19b7fd04e03b415d37f
79a9052da849dd23d87062e932b546d372379ed758c1c0a30b0670eca9fd50db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79A9052DA849DD23D87062E932B546D372379ED758C1C0A30B0670ECA9FD50DB"
Last-Modified: Tue, 21 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Wed, 22 Feb 2023 11:21:27 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
44.235.246.235200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 44.235.246.235:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Wed, 22 Feb 2023 05:22:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
push.services.mozilla.com/
34.216.140.79101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.140.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6hZ1eqViIPkYXpYY7L8OtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A3Z0tXL0aExPswdD6KubLLKVr9I=
appleidd.cyou/
103.181.135.108200 OK 1.8 kB IP 103.181.135.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1901)
Hash e69e87882f722d4e1cd2877a55e8c5e2
263c3ecd6a484add75b74476eb48c579027d5227
d79b0de833860b0437c2ad7a92be24e3e6e7355077c5d6572d95513e3ee61269
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET / HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1802
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677034633557%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677034633557%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (21681), with no line terminators
Hash 1f756f17ee545c83a8e563a9be5eb9f8
0440edf3703331e24bbdda82ef8391652e33b2a7
954e5a196bb674b4966f6ef8632076b34efd3f39898ac4472f1a9ecfd7bff287
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221677034633557%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21681
via: 1.1 google
date: Wed, 22 Feb 2023 05:02:02 GMT
age: 1210
last-modified: Wed, 22 Feb 2023 02:57:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 91abca0f08fb07b63ae1a0f2fd0a7c13
8b3dcf923848cfbca9756b8f1236ec5845d095be
63714422c51ac828ec167fe5900d29af636828e0b50be9a41d8674746cf7a128
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3519
Cache-Control: max-age=130794
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 05:22:12 GMT
Etag: "63f4f4af-1d7"
Expires: Thu, 23 Feb 2023 17:42:06 GMT
Last-Modified: Tue, 21 Feb 2023 16:43:27 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1676313455006&_since=%221666204638208%22
35.241.9.150200 OK 32 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1676313455006&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (32400), with no line terminators
Hash 95e488e43b0b17120315a40929758c77
828da5a1adcb6cd93bf8a775e69d3b4d2b6a6a5a
e572dca655faa0496d3e6bf770b2fe42bfd0264fc4dc858cb8b50f67e0465725
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1676313455006&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 32400
via: 1.1 google
date: Wed, 22 Feb 2023 04:16:50 GMT
age: 3922
last-modified: Tue, 21 Feb 2023 16:36:42 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
184.24.44.212200 OK 13 kB URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
IP 184.24.44.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2540a75e40969b8f6c816c66be1bf0ac
84c10e8286615566670e1380a80b05249d263fa3
9b303602d0eab00aa53cf537a04b93fecb5f6a60397b93dd69d4c0cfc6e2ef53
GET /ac/globalnav/7/en_US/styles/ac-globalnav.built.css HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apple
content-type: text/css
set-cookie: geo=NO; path=/; domain=.apple.com
x-content-type-options: nosniff
x-cache-remote: TCP_IMS_HIT from a23-218-92-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-)
vary: Accept-Encoding
ntcoent-length: 116297
cneonction: close
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
cache-control: max-age=0
expires: Wed, 22 Feb 2023 05:22:12 GMT
date: Wed, 22 Feb 2023 05:22:12 GMT
content-length: 12667
x-cache: TCP_REFRESH_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (S)
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: rQtvgH8wuF8jBUHOnxht9eytdTxvBbbCMM5hsMh/HGd1aqwEZ4Ahuyv1vl/kOHFhzJ6FxZiZDyJ1h17yjR2nqA==
x-amz-request-id: GJZXS98DSFFECC9M
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Feb 2023 04:48:30 GMT
age: 2022
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 04:38:11 GMT
content-type: application/json
age: 2641
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
appleid.cdn-apple.com/appleauth/static/cssj/602923700/widget/auth/app-sk7.css
23.43.132.13200 OK 42 kB URL HTTP/1.1 appleid.cdn-apple.com/appleauth/static/cssj/602923700/widget/auth/app-sk7.css
IP 23.43.132.13:0
File type Unicode text, UTF-8 text, with very long lines (64877), with no line terminators
Hash a51af6461af5ecb325065201eb689d93
5fdca3bac9e1e0d40a4e163a6b626762e2dedb89
a1ccf818054e837fdd93565aa2f7ab6e2b26309cccab21981d96cbdd71f10c38
GET /appleauth/static/cssj/602923700/widget/auth/app-sk7.css HTTP/1.1
Host: appleid.cdn-apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apple
Content-Type: text/css
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
ETag: W/"432959-1663616269972"
Last-Modified: Mon, 19 Sep 2022 19:37:49 GMT
Vary: accept-encoding
Content-Encoding: gzip
Content-Length: 42200
Date: Wed, 22 Feb 2023 05:22:12 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
appleidd.cyou/js/common-header.js
103.181.135.108200 OK 3.6 kB URL HTTP/2 appleidd.cyou/js/common-header.js
IP 103.181.135.108:0
File type ASCII text, with CRLF line terminators
Hash b083198252059000d6c9702cfe3f2f90
10d2b030f553895698674bd0b9a2d5f71e7e6ba9
b7a4ceff118ac256bf581f22553ee2f0322aeab5eed536c822d7187843aa1cd2
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /js/common-header.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "3344-5f33ff1366fdd-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3595
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 84f8e2d1c22b2210dad1596c44de2bad
12cb454ccb2915bec4a2bbdb7360dc8ac26150e5
83d7e4717067389de751bc851af063a4a1f1785c783cda64ee304fca64b2597d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83D7E4717067389DE751BC851AF063A4A1F1785C783CDA64EE304FCA64B2597D"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14280
Expires: Wed, 22 Feb 2023 09:20:12 GMT
Date: Wed, 22 Feb 2023 05:22:12 GMT
Connection: keep-alive
appleidd.cyou/css/ac-globalfooter.built.css
103.181.135.108200 OK 6.0 kB URL HTTP/2 appleidd.cyou/css/ac-globalfooter.built.css
IP 103.181.135.108:0
File type Unicode text, UTF-8 text, with very long lines (45087), with no line terminators
Hash 5ace15a77d93f0595fbbda888b1cd8a1
056690120db892c05ec37f00eda1a9ff94b119eb
9adba0d6467d118fc029efb1dd36e684a7c3850f1fea8723dc76b0e98131dec8
Analyzer Verdict Alert openphish Apple Inc.
GET /css/ac-globalfooter.built.css HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "b0d8-5f33ff1361383-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6023
content-type: text/css
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IXK++BM/kiqcv54R3eLC6r7EEij0dOQ0VXFiZ+xggm0IUtu6llzxdhdey6gLi8IjCwjnQsCH3zXmxxkOqotKjg==
x-amz-request-id: 87PG5PNZ69ZEMMBB
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Wed, 15 Feb 2023 12:55:33 GMT
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
age: 577599
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22
35.241.9.150200 OK 6.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (5951), with no line terminators
Hash 84c45909a46631dec23c78a3a547ca95
b511f80ad0abe7a6f0ce8988a0b9275573665c9a
ce6af1c28962645f13129411c11c7f156f0cd9e282f5ef0146d5cbd84a4e2b7e
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5951
via: 1.1 google
date: Wed, 22 Feb 2023 04:48:30 GMT
age: 2022
last-modified: Sun, 19 Feb 2023 04:42:53 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677018954872&_since=%221666279968541%22
35.241.9.150200 OK 106 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677018954872&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 106 kB (106519 bytes)
Hash e84007f4ec0541279ce64cf36e1ceb3a
0c8e6e058c5384b78118ba657edb331cb364dda1
a9b4b6b5d6bfe318370610568c633e56aa1e0e02e275734d238b3a324a743054
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677018954872&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 106519
via: 1.1 google
date: Wed, 22 Feb 2023 04:16:51 GMT
age: 3921
last-modified: Tue, 21 Feb 2023 22:35:54 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
appleidd.cyou/css/ac-globalnav.built.css
103.181.135.108200 OK 14 kB URL HTTP/2 appleidd.cyou/css/ac-globalnav.built.css
IP 103.181.135.108:0
File type ASCII text, with very long lines (712), with CRLF line terminators
Hash b3a12b6efa30ae6f778ea4def1ae3e8b
cb86e6509321825ff87d0258313b62990ac1c5bb
eb8edeb05a57f6cd3f2681fd73be6818ab720bae82ef16201d1e3f71bbf5e374
Analyzer Verdict Alert openphish Apple Inc.
GET /css/ac-globalnav.built.css HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "22299-5f33ff1360f9f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13889
content-type: text/css
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/css/228-3f644e07cb9c5c2e5340.css
103.181.135.108200 OK 5.0 kB URL HTTP/2 appleidd.cyou/css/228-3f644e07cb9c5c2e5340.css
IP 103.181.135.108:0
File type Unicode text, UTF-8 text, with very long lines (64278), with no line terminators
Hash ee9694181ab831106d83e7109acce923
8863b86f2a00be72296b5f56b457f01587240f6f
3bbbeed6839e249375f012c2008df94c842fb777c79ffe253a55e0c31b95b206
Analyzer Verdict Alert openphish Apple Inc.
GET /css/228-3f644e07cb9c5c2e5340.css HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "15c8f-5f33ff1360f9f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4954
content-type: text/css
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/js/la/layer.js
103.181.135.108200 OK 7.9 kB URL HTTP/2 appleidd.cyou/js/la/layer.js
IP 103.181.135.108:0
File type Unicode text, UTF-8 text, with very long lines (22680)
Hash 8677e7ab8522c8e019e3b5ed67d11a53
c57e0febe27275c6e32ae64a07664b690876b74d
fb4b4a42cf11f6dcb2ddb90e9d0c299881bf9dd4c2fcd0c46d97c517edcee16a
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /js/la/layer.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "58d2-5f33ff136aa50-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7868
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22
35.241.9.150200 OK 60 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (59855), with no line terminators
Hash bcb198ca74c45fbd1b5861b2a0f9d223
5412c0ce213fac042543ac71439580df1344f9d6
cc36baa1c30fb3d6aa628df0a08dad136d3ddbf90fb7efcd7d814b80fed967d9
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 59855
via: 1.1 google
date: Wed, 22 Feb 2023 04:08:01 GMT
age: 4451
last-modified: Tue, 21 Feb 2023 20:40:27 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Hash 8c387573e466da58de34efecea89a4a1
3bee30f48f21c082dee7ce7b52ebd7b4e30edca8
019686dbf2b110ba2e746777c3539cf842f44eeb333ec45af0f41d785a2c9272
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Wed, 22 Feb 2023 05:20:45 GMT
age: 87
last-modified: Mon, 20 Feb 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash 6c796237d371d417e638a02a0cd932e7
6d289d3a27964ab953e0dd0d0d771ce754bc8851
b8d634496126a0452c5b9443293308160c29efffa1462027e0161876494982e8
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Wed, 22 Feb 2023 04:47:16 GMT
age: 2096
last-modified: Mon, 20 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22469), with no line terminators
Hash 17717d070272f82b3d1e5ea83e8cb663
71c48b44180dd2fa42c9506df93de407f8ad3362
e9499f291df345def3e65b7c951365247357ba986c5c4aaf74c24bae96402a23
GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22469
via: 1.1 google
date: Wed, 22 Feb 2023 05:12:15 GMT
age: 598
last-modified: Thu, 16 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: lbF8PfbmhJLy1cAWDcBdK7LEYc1dL8mRQiqlRl4lTQAuTUTt1TKuXHy5fWK1K/lQBKfROffrqpI=
x-amz-request-id: 78C0ZNTDNSHY8AJN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Wed, 22 Feb 2023 04:53:13 GMT
age: 1740
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash ffc6488079ed80a847550c9639a3dcbb
c605ae42b2e5f24edd322ff3dedcdb59487e3ffe
54185fa9e3158fc0bf16e9fc85b801f488dec533221128b5e00a12425d22b9b2
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Wed, 22 Feb 2023 05:13:38 GMT
age: 515
last-modified: Thu, 16 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 21 Feb 2023 09:20:18 GMT
Age: 72115
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
appleidd.cyou/js/site-jquery.min.js
103.181.135.108200 OK 33 kB URL HTTP/2 appleidd.cyou/js/site-jquery.min.js
IP 103.181.135.108:0
File type ASCII text, with very long lines (32056), with CRLF line terminators
Hash 5ec480205a2fbed2d54188cb5dd09873
3771c18ca7e2d84ae308a79ba587c4f1517d31bc
5172090b09d581591d763879e887441d3a795f0902c14ec82cb118635dc3d24a
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /js/site-jquery.min.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "16b60-5f33ff13692f1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32817
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3|SF+Pro+JP,v1
103.181.135.108404 Not Found 1.8 kB URL HTTP/2 appleidd.cyou/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3|SF+Pro+JP,v1
IP 103.181.135.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 321f9542c6ea17ba30fbc8e6e3d440d7
1ea37383d46323212f5418635664e80de5d42fb1
d30d0f9ce035c90119d4e51f7a81cff12e69f54389f1820fb439ecb0d72f5234
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /fonts?families=SF+Pro,v3|SF+Pro+Icons,v3|SF+Pro+JP,v1 HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1829
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/js/jquery-3.4.1.min.js
103.181.135.108200 OK 1.7 kB URL HTTP/2 appleidd.cyou/js/jquery-3.4.1.min.js
IP 103.181.135.108:0
Hash 6b4b11b4f4dbb0873fb833da9de1e364
52e296f9a002ade6cb8faa9a3eb5bbeea4556ecc
b1fe5733d6277fa18fe98b388365296487e8fdd482bc7f59611377d2c610c2cb
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /js/jquery-3.4.1.min.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "15853-5f33ff1368b25-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30682
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash b30f8ece578515cb7c33333cdf0485ca
6aa42099c66c2f0cd4a891912e7c75a17a4a7acf
43823ad0d90ecc55bdd40322582184762c58f7ed047a8c1063d8cc63ef50ba19
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Wed, 22 Feb 2023 04:36:20 GMT
age: 2753
last-modified: Tue, 14 Feb 2023 16:36:55 GMT
etag: "1676392615943"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1717), with no line terminators
Hash e12dcfe75b68417c5bcb10f1e15fb14d
2841426e274af947a3701e868ce533caf3394ff3
eff66487c461137a19d077cf62f840eb771b26a14ba3acbf411f1d03eab526be
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1717
via: 1.1 google
date: Wed, 22 Feb 2023 05:16:51 GMT
age: 322
last-modified: Tue, 14 Feb 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Hash 5c7621ec87fff35888cbda6a6efdb985
cacca9307e5a1adf74bbb94a74c903a270502523
f042c6e3f1eb4dd8fdc08549aa666db714dc70919c7cda9161c2acd675cec090
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1251
via: 1.1 google
date: Wed, 22 Feb 2023 05:13:48 GMT
age: 505
last-modified: Tue, 14 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
appleidd.cyou/css/app.441ee69e.css
103.181.135.108200 OK 38 kB URL HTTP/2 appleidd.cyou/css/app.441ee69e.css
IP 103.181.135.108:0
File type Unicode text, UTF-8 text, with very long lines (64652), with no line terminators
Hash ae59ed13c5743a8fd362c9a23afcc5ba
481180253b37bc178ffc0ee7c87b14fc541de1fc
35b054f21afaa7dff61ea6daf2b331c58a9ae46adbe002bbfcb6574ea3b520b7
Analyzer Verdict Alert openphish Apple Inc.
GET /css/app.441ee69e.css HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "76a9c-5f33ff1360f9f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 38176
content-type: text/css
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22
35.241.9.150200 OK 5.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (5628), with no line terminators
Hash be82ff7e7f2d325910e461e154dbf0b2
5fc5963b528fa5e0a06a3bcd63277b57a3d43aba
0b596ad035df202c3f780103926c488aa30776dbcceb0aefbe261eaab5103c96
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5628
via: 1.1 google
date: Wed, 22 Feb 2023 04:39:28 GMT
age: 2565
last-modified: Tue, 14 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4541
Expires: Wed, 22 Feb 2023 06:37:54 GMT
Date: Wed, 22 Feb 2023 05:22:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4541
Expires: Wed, 22 Feb 2023 06:37:54 GMT
Date: Wed, 22 Feb 2023 05:22:13 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4541
Expires: Wed, 22 Feb 2023 06:37:54 GMT
Date: Wed, 22 Feb 2023 05:22:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71674fc5-5c16-4206-b565-05be96860715.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71674fc5-5c16-4206-b565-05be96860715.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd2e85474bc5b6daa19eb8722e81d60
e62a0bf2f9a9b7bdbf45f45278ac89a450075979
bcbe4d59fd3b27549647f51bec45599ba48b386436675f1a64c3d3b96fc13f77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71674fc5-5c16-4206-b565-05be96860715.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8032
x-amzn-requestid: 4f2da189-b0ad-4f13-a0ca-643bb716e2b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtW0FGV4IAMFSxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53819-33884245247d3a1347382b4b;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:31:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -uuJJJHFFFjg2ODEALrPgxi10MnWEnyVsWGwKoVNzM6o8gLFLZv2gA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:41:31 GMT
age: 27642
etag: "e62a0bf2f9a9b7bdbf45f45278ac89a450075979"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dacef7f-d2f8-4689-8e99-f6264cd88f75.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dacef7f-d2f8-4689-8e99-f6264cd88f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb6757305388dc32866ee6c551938c4c
4eab046e0d4f23d91db4a56b8d6d8cde782e2e47
dc0a93e777b2aaf3f3881539de1de15015bcedc2445b8f5558d04a822399bae4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dacef7f-d2f8-4689-8e99-f6264cd88f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 8983434d-4704-4792-a9b6-625c7d6160f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXYfGJAIAMF3Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53902-21e200522022d8bf513f1b19;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eKMh8liE2cyCm1LzXIvkcdGa_XRq8Bt1rrmSNvUdT4vZ7vSborqHkw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:53:12 GMT
age: 26941
etag: "4eab046e0d4f23d91db4a56b8d6d8cde782e2e47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c6732b7444870a5b22ebce5df2c278b
bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605
6232d37914485ffd42f7e5932c36a9ff49bdd42bb8a13837cc9c054d86ccdc78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6014
x-amzn-requestid: e95f7ea9-3a3c-4649-9d52-857c07e985fa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AnhqGHq_oAMFwwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f2e30d-49271ec356ab804b185f63dd;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 03:03:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 67WhU2rkqUNsyaWppmDkLPWGFWyJeuGFN6bjgpC0E52BkmPy8a3prg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 04:32:35 GMT
age: 2978
etag: "bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KyUqB4zqsHWgCv7C3-PymFep4oVmPy4ZHFf75lYOfWbb4qgvVRqoLg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:42:20 GMT
age: 27593
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e8486-3f6e-4401-a61f-82307f1eab6d.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e8486-3f6e-4401-a61f-82307f1eab6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4cd28cac5124a753970c48f3be03e23
f2f5231684295a81db59aa2a14e9d729c92c071f
b0acc1dd0696f1810c997f843d5c6f12a1963118bd59176c849f4e35135b613a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e8486-3f6e-4401-a61f-82307f1eab6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6129
x-amzn-requestid: 101c8095-2ae9-45f5-b7cb-13be313654f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-bFKHIAMFveg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f5-6ade4eb449dea4fb2f13b651;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FXPBQSnCNq9YuNoEvrNyc7cpA97JxH1AAploVRF2qcU1cs285WQvxQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 22:44:59 GMT
age: 23834
etag: "f2f5231684295a81db59aa2a14e9d729c92c071f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0efa662e-c334-4c53-be4c-81925d55c117.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0efa662e-c334-4c53-be4c-81925d55c117.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b55335999a026a3bf5d8c8c920a31562
08259dd5654e530dc29c35ea537bae21aa88fb0a
69b1cb1bb453da683c879daaf2f266f4ac7399e5de90cae879ce2fa19ac182cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0efa662e-c334-4c53-be4c-81925d55c117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8959
x-amzn-requestid: 1c3579bb-647b-499b-afce-f420de41686c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXqyFDSoAMFhAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53977-500bef655fb9e0f744216d05;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qTYasQOed2Yym0WmLEv6OW5yB7EL8U1EmHAWiw7RWlADvNgrvraKOw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 22:00:04 GMT
age: 26529
etag: "08259dd5654e530dc29c35ea537bae21aa88fb0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
appleidd.cyou/js/la/theme/default/layer.css?v=3.5.1
103.181.135.108200 OK 2.8 kB URL HTTP/2 appleidd.cyou/js/la/theme/default/layer.css?v=3.5.1
IP 103.181.135.108:0
File type ASCII text, with very long lines (14271), with no line terminators
Hash 6497813545cf90650ae10de86c63d726
c85b41a63fb9c30662fd8562e1b5e904861efd32
b10eff28060fadecc17553df8fc74874fa5aa42d95c2c1942f0b4297e59bea01
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /js/la/theme/default/layer.css?v=3.5.1 HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "37bf-5f33ff137a3a4-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2789
content-type: text/css
date: Wed, 22 Feb 2023 05:22:13 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/favicon.ico
103.181.135.108200 OK 1.5 kB URL HTTP/2 appleidd.cyou/favicon.ico
IP 103.181.135.108:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b23ab51cc242bd99af6c169bbe9de0aa
15e915c1fe631f343f71d1914ca30db548f7893f
d78af36a66915cf73d54f69e4ca3785d9c3241e550d67bd1d77069a704f12427
Analyzer Verdict Alert openphish Apple Inc.
GET /favicon.ico HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "576e-5f33ff135fc23-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1548
content-type: image/x-icon
date: Wed, 22 Feb 2023 05:22:15 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/ap/signin/step1/getCout
103.181.135.108200 OK 42 B URL HTTP/2 appleidd.cyou/ap/signin/step1/getCout
IP 103.181.135.108:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 01e8c3f9c67d97142cb5d74b5df1f6f2
3f2be8c21f6aad2b5d614961154f1a1309cb5202
b7d366184a1824df63437650d30483c6414b6c794cb79cb9411f8b90f60b5337
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
POST /ap/signin/step1/getCout HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 6
Origin: https://appleidd.cyou
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: https://appleidd.cyou
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 42
content-type: application/json; charset=utf-8
date: Wed, 22 Feb 2023 05:22:17 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/ap/signin/step1/getipCout
103.181.135.108200 OK 45 B URL HTTP/2 appleidd.cyou/ap/signin/step1/getipCout
IP 103.181.135.108:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b8a90c39629ef77d044fcfc5d7bea337
9c6f63e648a06125b353c3de4489a65c57ecada9
5e12ca8f569d0a08929ee91f3c0a6575199116bf85eecf8cb1db3cb068acae62
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
POST /ap/signin/step1/getipCout HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 6
Origin: https://appleidd.cyou
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: https://appleidd.cyou
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 45
content-type: application/json; charset=utf-8
date: Wed, 22 Feb 2023 05:22:17 GMT
server: Apache
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__b5er5ngrzxqq_large.svg
184.24.44.212200 OK 506 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__b5er5ngrzxqq_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (863), with no line terminators
Hash 7c6393caa9f0ae330e47551b60036d2d
4d52261dfc38b7fb8d2034f20919f2763774c029
48952a3f26c6ae478ee3514125aefc94b40eecca7bddccdb805922974540aa1f
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__b5er5ngrzxqq_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 24 Oct 2021 03:40:19 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 506
cache-control: max-age=327
expires: Wed, 22 Feb 2023 05:27:44 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_REFRESH_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (S)
vary: Accept-Encoding
x-cache-remote: TCP_IMS_HIT from a23-218-92-44.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__dazlko3t9a6a_large.svg
184.24.44.212200 OK 598 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__dazlko3t9a6a_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1105), with no line terminators
Hash a9c6830bebe54b8b8b1d6c09ffb507f7
505c03add10939828c6144829156f2b1d08e8754
df07b4d85a33c691804b8c390671a92169e77dc8a5d3866e3fe89d2225bcfec4
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__dazlko3t9a6a_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 598
cache-control: max-age=30
expires: Wed, 22 Feb 2023 05:22:47 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (A)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__ko7x4isga4ia_large.svg
184.24.44.212200 OK 692 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__ko7x4isga4ia_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1405), with no line terminators
Hash 7b4ff597390846f2167a67084b491684
74cfd43323817a5304dc68f1065aaf16e96750f2
2e161c18e91b8293781747a383c38ee7ae1bfad8461f5adb7d0dc2afa9484f37
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__ko7x4isga4ia_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 692
cache-control: max-age=125
expires: Wed, 22 Feb 2023 05:24:22 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg
184.24.44.212200 OK 634 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1164), with no line terminators
Hash 422c1654daadd76d616c3ebe7400c652
b20c8cd51f5ebf946b57a4515b58f449712dee0b
385c1ec51ab7b5b645224c0a645914cc554b65c04c8b67c6e4d9cff4a9d4b1f7
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
cneonction: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 634
cache-control: max-age=136
expires: Wed, 22 Feb 2023 05:24:33 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__gkoblojrlsqe_large.svg
184.24.44.212200 OK 683 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__gkoblojrlsqe_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1309), with no line terminators
Hash 9655609bfd5cb54cdbc923f75aea2603
f1ba0f202e5aafeb2a2cf3536b650c184322de36
6ab90f93a1a92a4f6e4a2700ff97ef2622cb80c01618d3d9dde2ba131619ca52
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__gkoblojrlsqe_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 683
cache-control: max-age=268
expires: Wed, 22 Feb 2023 05:26:45 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__c7jy08initqq_large.svg
184.24.44.212200 OK 962 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__c7jy08initqq_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2420)
Hash 0f16108c3fb34b73cfadbef5be143b2b
48aa366845387de2db1a19380d20ce6c115942cc
e87b18c511711ba7a2ea18b6d59e99157bd434b8736814174dac7bb289112140
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__c7jy08initqq_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
cneonction: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 962
cache-control: max-age=95
expires: Wed, 22 Feb 2023 05:23:52 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_REFRESH_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (S)
vary: Accept-Encoding
x-cache-remote: TCP_IMS_HIT from a23-218-92-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_airpods_image__f969s84ivmaa_large.svg
184.24.44.212200 OK 854 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_airpods_image__f969s84ivmaa_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1722), with no line terminators
Hash ccafac1d17b3463e9b1791fafb74d823
303c530474238638b653c90e357f926b0cfeb97a
2d39e19a8a4adbee7603871c6555353d0b5d027431847416b36c75b172578bc6
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_airpods_image__f969s84ivmaa_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
cneonction: close
nncoection: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 854
cache-control: max-age=105
expires: Wed, 22 Feb 2023 05:24:02 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg
184.24.44.212200 OK 1.1 kB URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2194), with no line terminators
Hash 7e5c9145beda748ed091373d4d00c388
f05e136c704c40e1d42ef10e6710ca50a0027180
e60052f03009b4e45c2dd716f3b5eee1d310d1b00cc8715859a4bec19eb543b9
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: gzip
content-length: 1072
cache-control: max-age=83
expires: Wed, 22 Feb 2023 05:23:40 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg
184.24.44.212200 OK 1.2 kB URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3005)
Hash 6efffff904781b3d24719effa94332a8
c79405a1d2fd7a6f0e833bd8850ed7e0da69f74b
b77233816900aac9af97e9100811034b08035a7df369c5270e960239ccf6dd12
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 1209
cache-control: max-age=56
expires: Wed, 22 Feb 2023 05:23:13 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (A)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg
184.24.44.212200 OK 1.1 kB URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3656), with no line terminators
Hash ec25b25d4c050a47b8e5e64bad5f3232
fab0dffe9e649add52075339398c56d045d579ed
d54b4bc940da30a1d84664d26288b948e9de59e0c5cca5aa872cd418c276ea1a
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
content-type: image/svg+xml
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
content-length: 1066
cache-control: max-age=125
expires: Wed, 22 Feb 2023 05:24:22 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
appleidd.cyou/js/app.62bf2fef.js
103.181.135.108200 OK 4.8 MB URL HTTP/2 appleidd.cyou/js/app.62bf2fef.js
IP 103.181.135.108:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 4.8 MB (4841218 bytes)
Hash 439a2e0a0239c9560333a7cb34d2dae9
7b624c0dba6e30325100b963375f04f95714d99a
bbbb8cae81d8ac8bc891dda11e71f3ecb0ba718e30d2e10be90eeb28c2d2e34b
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /js/app.62bf2fef.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "694bb2-5f33ff1361768-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/api/api.php
103.181.135.108200 OK 30 B URL HTTP/2 appleidd.cyou/api/api.php
IP 103.181.135.108:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fe7d5f1b678ede88dc2a45f7abdf8627
b25cfbebb09fbc12062bc09317a4b7b2b6d17fe9
98906dc5b39657e206730049cf40115d28ab10719342990a07ea7f8dec418217
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
POST /api/api.php HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4
Origin: https://appleidd.cyou
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 30
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 05:22:17 GMT
server: Apache
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__cbllq1gkias2_large.svg
184.24.44.212200 OK 251 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__cbllq1gkias2_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (541), with no line terminators
Hash 6627ecc07b9fbdd1002061f230d02d8f
c9cd2a1ef41fc70b22650c2e93206a1db44ba902
95b63219e669f69e2267e58a5a50de05318e00bccbccab6c4d185f60debd8500
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__cbllq1gkias2_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 251
cache-control: max-age=88
expires: Wed, 22 Feb 2023 05:23:45 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__yzte50i47ciu_large.svg
184.24.44.212200 OK 298 B URL HTTP/2 www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__yzte50i47ciu_large.svg
IP 184.24.44.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (477), with no line terminators
Hash 1d93b5b20a166de20ad8f9db54c97f9d
6294c9080ef5645c7e7867883ca4d0f064faff2a
03e992684f059f880af5bfe6bc1bc0467f822c3db7a6edd2854aa1d0c9633538
GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__yzte50i47ciu_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 298
cache-control: max-age=146
expires: Wed, 22 Feb 2023 05:24:43 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2
appleid.cdn-apple.com/appleauth/static/bin/cb1633718600/dist/assets/HR_gradient_dark.png
23.43.132.13200 OK 1.3 kB URL HTTP/1.1 appleid.cdn-apple.com/appleauth/static/bin/cb1633718600/dist/assets/HR_gradient_dark.png
IP 23.43.132.13:0
File type PNG image data, 382 x 50, 4-bit colormap, non-interlaced\012- data
Hash 94ac33ef626d201b1093264f6438c201
341cc1e181909f6feb6f0b97b9aadfa79bae00be
f1eba2e630f0c5f98187b94528869e15a8ab6558a8cb96f68339875b6d5c27e7
GET /appleauth/static/bin/cb1633718600/dist/assets/HR_gradient_dark.png HTTP/1.1
Host: appleid.cdn-apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleid.cdn-apple.com/appleauth/static/cssj/602923700/widget/auth/app-sk7.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apple
Content-Type: image/png
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
ETag: W/"1240-1673569071400"
Last-Modified: Fri, 13 Jan 2023 00:17:51 GMT
Vary: accept-encoding
Content-Encoding: gzip
Content-Length: 1263
Date: Wed, 22 Feb 2023 05:22:17 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
appleid.cdn-apple.com/appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff
23.43.132.13200 OK 9.6 kB URL HTTP/1.1 appleid.cdn-apple.com/appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff
IP 23.43.132.13:0
File type Web Open Font Format, TrueType, length 9552, version 1.0\012- data
Hash e9e7624727ba14678b9a71b6f90745e3
0f0b7625cd06387c601f1632b0f69719b920f68a
6de3580fdeace0ff74927b2449e34587dd0b2a03c7711cf0087925e25429efe3
GET /appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff HTTP/1.1
Host: appleid.cdn-apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appleidd.cyou
Connection: keep-alive
Referer: https://appleid.cdn-apple.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apple
Content-Type: application/x-font-woff
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
ETag: W/"9552-1671224583671"
Last-Modified: Fri, 16 Dec 2022 21:03:03 GMT
Vary: Accept-Encoding
Date: Wed, 22 Feb 2023 05:22:17 GMT
Content-Length: 9552
Connection: keep-alive
appleidd.cyou/images/appleicons_text.ttf
103.181.135.108404 Not Found 1.8 kB URL HTTP/2 appleidd.cyou/images/appleicons_text.ttf
IP 103.181.135.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash b948c2629ca722fac048789ceb7736d4
388705e50d5444b101018026b4927090319fc170
3633a94f34e2559c53435d6c4e1251400279fac83b2be9bf7379bd30342f5e43
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /images/appleicons_text.ttf HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/css/ac-globalfooter.built.css
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1831
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:18 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/images/appleicons_text.woff
103.181.135.108404 Not Found 8.7 kB URL HTTP/2 appleidd.cyou/images/appleicons_text.woff
IP 103.181.135.108:0
Hash 96058c505f107418936af9b0acbbac38
7fb97a48ecba7bfb91c96ae722ca72b3befa17d6
07e5772ae7e2763ae453e27aa7a4e85f9d1551eb2c0d2d82e7034938759be37b
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /images/appleicons_text.woff HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://appleidd.cyou/css/ac-globalfooter.built.css
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:18 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/images/appleicons_text.woff
103.181.135.108404 Not Found 0 B URL HTTP/2 appleidd.cyou/images/appleicons_text.woff
IP 103.181.135.108:0
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /images/appleicons_text.woff HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://appleidd.cyou/css/ac-globalfooter.built.css
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:17 GMT
server: Apache
X-Firefox-Spdy: h2
appleidd.cyou/js/chunk-vendors.fe412a36.js
103.181.135.108200 OK 0 B URL HTTP/2 appleidd.cyou/js/chunk-vendors.fe412a36.js
IP 103.181.135.108:0
Analyzer Verdict Alert openphish Apple Inc.
fortinet Phishing
GET /js/chunk-vendors.fe412a36.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "32272-5f33ff1360f9f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2