Report - appleidd.cyou/

Report Overview

Submitted URL
appleidd.cyou/
IP
103.181.135.108
ASN
#9294 GNET INC.
Submitted
2023-02-22 05:22:31
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
70

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox-settings-attachments.cdn.mozilla.net	11509	2019-11-30T10:32:57Z	2023-03-13T08:38:30Z	412 B	808 kB	34.111.73.144
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.4 kB	8.9 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	1.3 kB	18 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	7.6 kB	274 kB	35.241.9.150
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.5 kB	93.184.220.29
shavar.services.mozilla.com	3602	2015-09-28T08:30:01Z	2023-03-13T05:09:14Z	453 B	204 B	44.235.246.235
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.216.140.79
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	52 kB	34.120.237.76
detectportal.firefox.com	1601	2018-08-30T11:52:03Z	2023-03-13T05:09:11Z	606 B	428 B	34.107.221.82
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-13T08:02:38Z	435 B	43 kB	34.120.5.221
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
appleidd.cyou	unknown	2023-02-21T19:27:56Z	2023-02-22T04:34:36Z	9.5 kB	5.0 MB	103.181.135.108
www.apple.com	182	2012-05-21T18:16:57Z	2023-03-13T05:10:50Z	7.0 kB	38 kB	184.24.44.212
appleid.cdn-apple.com	3288	2013-09-15T19:16:35Z	2023-03-13T05:25:32Z	1.4 kB	54 kB	23.43.132.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.
2023-02-21	medium	appleidd.cyou/	Apple Inc.

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-22	medium	appleidd.cyou/	Phishing
2023-02-22	medium	appleidd.cyou/js/common-header.js	Phishing
2023-02-22	medium	appleidd.cyou/js/la/layer.js	Phishing
2023-02-22	medium	appleidd.cyou/js/site-jquery.min.js	Phishing
2023-02-22	medium	appleidd.cyou/fonts?families=SF+Pro,v3\|SF+Pro+Icons,v3\|SF+Pro+JP,v1	Phishing
2023-02-22	medium	appleidd.cyou/js/jquery-3.4.1.min.js	Phishing
2023-02-22	medium	appleidd.cyou/js/la/theme/default/layer.css?v=3.5.1	Phishing
2023-02-22	medium	appleidd.cyou/ap/signin/step1/getCout	Phishing
2023-02-22	medium	appleidd.cyou/ap/signin/step1/getipCout	Phishing
2023-02-22	medium	appleidd.cyou/js/app.62bf2fef.js	Phishing
2023-02-22	medium	appleidd.cyou/api/api.php	Phishing
2023-02-22	medium	appleidd.cyou/images/appleicons_text.ttf	Phishing
2023-02-22	medium	appleidd.cyou/images/appleicons_text.woff	Phishing
2023-02-22	medium	appleidd.cyou/images/appleicons_text.woff	Phishing
2023-02-22	medium	appleidd.cyou/js/chunk-vendors.fe412a36.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	appleidd.cyou/js/common-header.js	13 kB	2023-03-08	2024-05-07
Pretty URL appleidd.cyou/js/common-header.js IP 103.181.135.108 ASN #9294 GNET INC. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:45:54 Last Seen2024-05-07 06:06:41 Times Seen263 Hash 3116390d97b7281a7c43073d655fc4cd fa7011fb7b4685d6808b78e0c939b41c76ae8829 a3f5c56504e96f238d90806f253ed4bedadaf5b22ca6217a2d9ae7fc894f816f Loading...

	appleidd.cyou/js/la/layer.js	23 kB	2023-03-07	2024-05-08
Pretty URL appleidd.cyou/js/la/layer.js IP 103.181.135.108 ASN #9294 GNET INC. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:47 Last Seen2024-05-08 10:11:02 Times Seen668 Hash e710aaba7133d392c3ae01bdcc36451d f02223198f057582ec01c7a02488060687b58c2e a97e4941ceb1a7df7bcf5e9631b8d9e8f7b47d7ccb59b5ed3968380465e0e824 Loading...

	unknown	0 B	2023-03-07	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-09 03:27:05 Times Seen37456038 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	appleidd.cyou/js/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-05-07
Pretty URL appleidd.cyou/js/jquery-3.4.1.min.js IP 103.181.135.108 ASN #9294 GNET INC. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:32 Last Seen2024-05-07 06:06:42 Times Seen8614 Hash a6b6350ee94a3ea74595c065cbf58af0 b15f7cfa79519756dff1ad22553fd0ed09024343 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb Loading...

	appleidd.cyou/js/chunk-vendors.fe412a36.js	205 kB	2023-03-13	2023-03-14
Pretty URL appleidd.cyou/js/chunk-vendors.fe412a36.js IP 103.181.135.108 ASN #9294 GNET INC. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:23:18 Last Seen2023-03-14 07:37:29 Times Seen1 Hash 1a946eedff2fad73fad684a3b557f9b2 0d898a1d2feaa3b8056cb7519ba66e23ea44d749 6cf0e947103d44cba32d92227460141b91e0c739fd85eb4527b2f117526b7d8c Loading...

	appleidd.cyou/js/app.62bf2fef.js	6.9 MB	2023-03-13	2023-03-14
Pretty URL appleidd.cyou/js/app.62bf2fef.js IP 103.181.135.108 ASN #9294 GNET INC. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:41:11 Last Seen2023-03-14 07:37:29 Times Seen1 Hash 7b264e7326ce9700c20d8687337c54cd 26ad5535ae7e5ac7ba42c5ef7fcf64fff848f8c6 976dbeae3de529c249a59ca7def87791c87f769fe586b69fb71823cd3e746899 Loading...

HTTP Transactions (80)

URL IP Response Size

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 21 Feb 2023 09:20:18 GMT
Age: 72112
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
378d97dfed95fd35bca9d8699e56151a
46f96f400be9e5208ccbad84540a7855c9994bef
b86917bafe1d5d6f762dbbe5af0b906ce61e505539b5fe2a1e49b09d500a90c6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B86917BAFE1D5D6F762DBBE5AF0B906CE61E505539B5FE2A1E49B09D500A90C6"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4380
Expires: Wed, 22 Feb 2023 06:35:11 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfa36617b3c3b31bda13d2caec1f680a
f6dda69c2c5b3436f1dcfc864246f0f07e7895bd
20f65d6d5b26a06e90d1fc06c17f0affc856f687e2d90d27233faa8c8bb12160

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F65D6D5B26A06E90D1FC06C17F0AFFC856F687E2D90D27233FAA8C8BB12160"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5084
Expires: Wed, 22 Feb 2023 06:46:55 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

43 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (42662 bytes)
Hash
cb5da81448ab004b8643a49655e4d708
4dde07804c489548b6ca7109ee35b090c2848beb
3f226a45f2945ece2108e3e453d9a4e97ab650743192bf32996df3dfd75efadf

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: 7E4WvYoq470jJ4BmmeOqs4DAU4iOiemCNrLIpTbFUcnnu52tPc-gsQ==
content-encoding: gzip
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 05:14:56 GMT
age: 625
content-type: application/json
vary: Accept-Encoding
content-length: 42662
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3c926acb3daeb63b5374bdc352bbb679
167a2af5a3c8d1ec6d16c8f7ef1e063ce14ed481
e0bbf50d7d572d0b16ba4be51b190c4776777ecb572db9b25574b66d8e56ce36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0BBF50D7D572D0B16BA4BE51B190C4776777ECB572DB9B25574B66D8E56CE36"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11232
Expires: Wed, 22 Feb 2023 08:29:23 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: BR3dtoHi9Wt1UcCN9N8TMcJeDxkHbRyeyEqs5IQQEyz5Wd12UBfrT0GFPyQHZ75u18trchwGXcA=
x-amz-request-id: NTAGN7NYH6NX4HS1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Feb 2023 04:58:48 GMT
age: 1403
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
97d7dde89cca188d19690d7bf759d034
7ec36525c8b5e8e278f0c5f26da3316687d89041
f8b500f9b1e8188807aab20f8e2540b5b2e888b13ff5f6f6211bbc28056f23e8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F8B500F9B1E8188807AAB20F8E2540B5B2E888B13FF5F6F6211BBC28056F23E8"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6587
Expires: Wed, 22 Feb 2023 07:11:58 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 04:38:11 GMT
content-type: application/json
age: 2640
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 22 Feb 2023 05:22:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ea6730b0f10a6a69279d1643d6e0c355
b8cfe20c0f774c77467f0865e741990515b0b4db
2b0da2150aba5d2188b7c3b196d482e9cd9cc789e10efeec9576b4e00d21646d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2428
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 05:22:11 GMT
Last-Modified: Wed, 22 Feb 2023 04:41:43 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Feb 2023 04:51:26 GMT
age: 1845
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
94d194d4728ee415fb180610c25cb8cb
9b6a935fd24c43f427d6377d2d278592dcbcb372
cada2d0987669f945549c8f526568c04c4e0a3b662fb2c3efd30efe3a40e2577

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CADA2D0987669F945549C8F526568C04C4E0A3B662FB2C3EFD30EFE3A40E2577"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4262
Expires: Wed, 22 Feb 2023 06:33:13 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
31497c8feb7244b8af9a51825584e392
3703b6a8510986783db9e19b7fd04e03b415d37f
79a9052da849dd23d87062e932b546d372379ed758c1c0a30b0670eca9fd50db

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79A9052DA849DD23D87062E932B546D372379ED758C1C0A30B0670ECA9FD50DB"
Last-Modified: Tue, 21 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Wed, 22 Feb 2023 11:21:27 GMT
Date: Wed, 22 Feb 2023 05:22:11 GMT
Connection: keep-alive

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

44.235.246.235

200 OK

8 B

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
44.235.246.235:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
8 B (8 bytes)
Hash
29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Wed, 22 Feb 2023 05:22:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

push.services.mozilla.com/

34.216.140.79

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.140.79:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6hZ1eqViIPkYXpYY7L8OtQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A3Z0tXL0aExPswdD6KubLLKVr9I=

appleidd.cyou/

103.181.135.108

200 OK

1.8 kB

URL HTTP/2
appleidd.cyou/
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1901)
Size
1.8 kB (1802 bytes)
Hash
e69e87882f722d4e1cd2877a55e8c5e2
263c3ecd6a484add75b74476eb48c579027d5227
d79b0de833860b0437c2ad7a92be24e3e6e7355077c5d6572d95513e3ee61269

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1802
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677034633557%22

35.241.9.150

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221677034633557%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (21681), with no line terminators
Size
22 kB (21681 bytes)
Hash
1f756f17ee545c83a8e563a9be5eb9f8
0440edf3703331e24bbdda82ef8391652e33b2a7
954e5a196bb674b4966f6ef8632076b34efd3f39898ac4472f1a9ecfd7bff287

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221677034633557%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21681
via: 1.1 google
date: Wed, 22 Feb 2023 05:02:02 GMT
age: 1210
last-modified: Wed, 22 Feb 2023 02:57:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
91abca0f08fb07b63ae1a0f2fd0a7c13
8b3dcf923848cfbca9756b8f1236ec5845d095be
63714422c51ac828ec167fe5900d29af636828e0b50be9a41d8674746cf7a128

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3519
Cache-Control: max-age=130794
Content-Type: application/ocsp-response
Date: Wed, 22 Feb 2023 05:22:12 GMT
Etag: "63f4f4af-1d7"
Expires: Thu, 23 Feb 2023 17:42:06 GMT
Last-Modified: Tue, 21 Feb 2023 16:43:27 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1676313455006&_since=%221666204638208%22

35.241.9.150

200 OK

32 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1676313455006&_since=%221666204638208%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (32400), with no line terminators
Size
32 kB (32400 bytes)
Hash
95e488e43b0b17120315a40929758c77
828da5a1adcb6cd93bf8a775e69d3b4d2b6a6a5a
e572dca655faa0496d3e6bf770b2fe42bfd0264fc4dc858cb8b50f67e0465725

HTTP Headers

GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1676313455006&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 32400
via: 1.1 google
date: Wed, 22 Feb 2023 04:16:50 GMT
age: 3922
last-modified: Tue, 21 Feb 2023 16:36:42 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css

184.24.44.212

200 OK

13 kB

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (12667 bytes)
Hash
2540a75e40969b8f6c816c66be1bf0ac
84c10e8286615566670e1380a80b05249d263fa3
9b303602d0eab00aa53cf537a04b93fecb5f6a60397b93dd69d4c0cfc6e2ef53

HTTP Headers

GET /ac/globalnav/7/en_US/styles/ac-globalnav.built.css HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apple
content-type: text/css
set-cookie: geo=NO; path=/; domain=.apple.com
x-content-type-options: nosniff
x-cache-remote: TCP_IMS_HIT from a23-218-92-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-)
vary: Accept-Encoding
ntcoent-length: 116297
cneonction: close
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
cache-control: max-age=0
expires: Wed, 22 Feb 2023 05:22:12 GMT
date: Wed, 22 Feb 2023 05:22:12 GMT
content-length: 12667
x-cache: TCP_REFRESH_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (S)
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: rQtvgH8wuF8jBUHOnxht9eytdTxvBbbCMM5hsMh/HGd1aqwEZ4Ahuyv1vl/kOHFhzJ6FxZiZDyJ1h17yjR2nqA==
x-amz-request-id: GJZXS98DSFFECC9M
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Feb 2023 04:48:30 GMT
age: 2022
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Feb 2023 04:38:11 GMT
content-type: application/json
age: 2641
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

appleid.cdn-apple.com/appleauth/static/cssj/602923700/widget/auth/app-sk7.css

23.43.132.13

200 OK

42 kB

URL HTTP/1.1
appleid.cdn-apple.com/appleauth/static/cssj/602923700/widget/auth/app-sk7.css
IP
23.43.132.13:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (64877), with no line terminators
Size
42 kB (42200 bytes)
Hash
a51af6461af5ecb325065201eb689d93
5fdca3bac9e1e0d40a4e163a6b626762e2dedb89
a1ccf818054e837fdd93565aa2f7ab6e2b26309cccab21981d96cbdd71f10c38

HTTP Headers

GET /appleauth/static/cssj/602923700/widget/auth/app-sk7.css HTTP/1.1
Host: appleid.cdn-apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apple
Content-Type: text/css
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
ETag: W/"432959-1663616269972"
Last-Modified: Mon, 19 Sep 2022 19:37:49 GMT
Vary: accept-encoding
Content-Encoding: gzip
Content-Length: 42200
Date: Wed, 22 Feb 2023 05:22:12 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *

appleidd.cyou/js/common-header.js

103.181.135.108

200 OK

3.6 kB

URL HTTP/2
appleidd.cyou/js/common-header.js
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
ASCII text, with CRLF line terminators
Size
3.6 kB (3595 bytes)
Hash
b083198252059000d6c9702cfe3f2f90
10d2b030f553895698674bd0b9a2d5f71e7e6ba9
b7a4ceff118ac256bf581f22553ee2f0322aeab5eed536c822d7187843aa1cd2

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /js/common-header.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "3344-5f33ff1366fdd-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3595
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
84f8e2d1c22b2210dad1596c44de2bad
12cb454ccb2915bec4a2bbdb7360dc8ac26150e5
83d7e4717067389de751bc851af063a4a1f1785c783cda64ee304fca64b2597d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83D7E4717067389DE751BC851AF063A4A1F1785C783CDA64EE304FCA64B2597D"
Last-Modified: Mon, 20 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14280
Expires: Wed, 22 Feb 2023 09:20:12 GMT
Date: Wed, 22 Feb 2023 05:22:12 GMT
Connection: keep-alive

appleidd.cyou/css/ac-globalfooter.built.css

103.181.135.108

200 OK

6.0 kB

URL HTTP/2
appleidd.cyou/css/ac-globalfooter.built.css
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
Unicode text, UTF-8 text, with very long lines (45087), with no line terminators
Size
6.0 kB (6023 bytes)
Hash
5ace15a77d93f0595fbbda888b1cd8a1
056690120db892c05ec37f00eda1a9ff94b119eb
9adba0d6467d118fc029efb1dd36e684a7c3850f1fea8723dc76b0e98131dec8

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.

HTTP Headers

GET /css/ac-globalfooter.built.css HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "b0d8-5f33ff1361383-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6023
content-type: text/css
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin

34.111.73.144

200 OK

807 kB

URL HTTP/2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP
34.111.73.144:0
ASN
#15169 GOOGLE

File type
data
Size
807 kB (807180 bytes)
Hash
914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857

HTTP Headers

GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: IXK++BM/kiqcv54R3eLC6r7EEij0dOQ0VXFiZ+xggm0IUtu6llzxdhdey6gLi8IjCwjnQsCH3zXmxxkOqotKjg==
x-amz-request-id: 87PG5PNZ69ZEMMBB
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Wed, 15 Feb 2023 12:55:33 GMT
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
age: 577599
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22

35.241.9.150

200 OK

6.0 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (5951), with no line terminators
Size
6.0 kB (5951 bytes)
Hash
84c45909a46631dec23c78a3a547ca95
b511f80ad0abe7a6f0ce8988a0b9275573665c9a
ce6af1c28962645f13129411c11c7f156f0cd9e282f5ef0146d5cbd84a4e2b7e

HTTP Headers

GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1676781773899&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5951
via: 1.1 google
date: Wed, 22 Feb 2023 04:48:30 GMT
age: 2022
last-modified: Sun, 19 Feb 2023 04:42:53 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677018954872&_since=%221666279968541%22

35.241.9.150

200 OK

106 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677018954872&_since=%221666279968541%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
106 kB (106519 bytes)
Hash
e84007f4ec0541279ce64cf36e1ceb3a
0c8e6e058c5384b78118ba657edb331cb364dda1
a9b4b6b5d6bfe318370610568c633e56aa1e0e02e275734d238b3a324a743054

HTTP Headers

GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1677018954872&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 106519
via: 1.1 google
date: Wed, 22 Feb 2023 04:16:51 GMT
age: 3921
last-modified: Tue, 21 Feb 2023 22:35:54 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

appleidd.cyou/css/ac-globalnav.built.css

103.181.135.108

200 OK

14 kB

URL HTTP/2
appleidd.cyou/css/ac-globalnav.built.css
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
ASCII text, with very long lines (712), with CRLF line terminators
Size
14 kB (13889 bytes)
Hash
b3a12b6efa30ae6f778ea4def1ae3e8b
cb86e6509321825ff87d0258313b62990ac1c5bb
eb8edeb05a57f6cd3f2681fd73be6818ab720bae82ef16201d1e3f71bbf5e374

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.

HTTP Headers

GET /css/ac-globalnav.built.css HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "22299-5f33ff1360f9f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13889
content-type: text/css
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/css/228-3f644e07cb9c5c2e5340.css

103.181.135.108

200 OK

5.0 kB

URL HTTP/2
appleidd.cyou/css/228-3f644e07cb9c5c2e5340.css
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
Unicode text, UTF-8 text, with very long lines (64278), with no line terminators
Size
5.0 kB (4954 bytes)
Hash
ee9694181ab831106d83e7109acce923
8863b86f2a00be72296b5f56b457f01587240f6f
3bbbeed6839e249375f012c2008df94c842fb777c79ffe253a55e0c31b95b206

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.

HTTP Headers

GET /css/228-3f644e07cb9c5c2e5340.css HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "15c8f-5f33ff1360f9f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4954
content-type: text/css
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/js/la/layer.js

103.181.135.108

200 OK

7.9 kB

URL HTTP/2
appleidd.cyou/js/la/layer.js
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
Unicode text, UTF-8 text, with very long lines (22680)
Size
7.9 kB (7868 bytes)
Hash
8677e7ab8522c8e019e3b5ed67d11a53
c57e0febe27275c6e32ae64a07664b690876b74d
fb4b4a42cf11f6dcb2ddb90e9d0c299881bf9dd4c2fcd0c46d97c517edcee16a

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /js/la/layer.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "58d2-5f33ff136aa50-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7868
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22

35.241.9.150

200 OK

60 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (59855), with no line terminators
Size
60 kB (59855 bytes)
Hash
bcb198ca74c45fbd1b5861b2a0f9d223
5412c0ce213fac042543ac71439580df1344f9d6
cc36baa1c30fb3d6aa628df0a08dad136d3ddbf90fb7efcd7d814b80fed967d9

HTTP Headers

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1677012027435&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 59855
via: 1.1 google
date: Wed, 22 Feb 2023 04:08:01 GMT
age: 4451
last-modified: Tue, 21 Feb 2023 20:40:27 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22

35.241.9.150

200 OK

1.5 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1505), with no line terminators
Size
1.5 kB (1505 bytes)
Hash
8c387573e466da58de34efecea89a4a1
3bee30f48f21c082dee7ce7b52ebd7b4e30edca8
019686dbf2b110ba2e746777c3539cf842f44eeb333ec45af0f41d785a2c9272

HTTP Headers

GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1505
via: 1.1 google
date: Wed, 22 Feb 2023 05:20:45 GMT
age: 87
last-modified: Mon, 20 Feb 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22

35.241.9.150

200 OK

935 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Size
935 B (935 bytes)
Hash
6c796237d371d417e638a02a0cd932e7
6d289d3a27964ab953e0dd0d0d771ce754bc8851
b8d634496126a0452c5b9443293308160c29efffa1462027e0161876494982e8

HTTP Headers

GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Wed, 22 Feb 2023 04:47:16 GMT
age: 2096
last-modified: Mon, 20 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22

35.241.9.150

200 OK

22 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (22469), with no line terminators
Size
22 kB (22469 bytes)
Hash
17717d070272f82b3d1e5ea83e8cb663
71c48b44180dd2fa42c9506df93de407f8ad3362
e9499f291df345def3e65b7c951365247357ba986c5c4aaf74c24bae96402a23

HTTP Headers

GET /v1/buckets/main/collections/search-config/changeset?_expected=1675353179510&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22469
via: 1.1 google
date: Wed, 22 Feb 2023 05:12:15 GMT
age: 598
last-modified: Thu, 16 Feb 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: lbF8PfbmhJLy1cAWDcBdK7LEYc1dL8mRQiqlRl4lTQAuTUTt1TKuXHy5fWK1K/lQBKfROffrqpI=
x-amz-request-id: 78C0ZNTDNSHY8AJN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Wed, 22 Feb 2023 04:53:13 GMT
age: 1740
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
content-length: 5348
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22

35.241.9.150

200 OK

2.4 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Size
2.4 kB (2387 bytes)
Hash
ffc6488079ed80a847550c9639a3dcbb
c605ae42b2e5f24edd322ff3dedcdb59487e3ffe
54185fa9e3158fc0bf16e9fc85b801f488dec533221128b5e00a12425d22b9b2

HTTP Headers

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Wed, 22 Feb 2023 05:13:38 GMT
age: 515
last-modified: Thu, 16 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 21 Feb 2023 09:20:18 GMT
Age: 72115
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

appleidd.cyou/js/site-jquery.min.js

103.181.135.108

200 OK

33 kB

URL HTTP/2
appleidd.cyou/js/site-jquery.min.js
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
ASCII text, with very long lines (32056), with CRLF line terminators
Size
33 kB (32817 bytes)
Hash
5ec480205a2fbed2d54188cb5dd09873
3771c18ca7e2d84ae308a79ba587c4f1517d31bc
5172090b09d581591d763879e887441d3a795f0902c14ec82cb118635dc3d24a

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /js/site-jquery.min.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "16b60-5f33ff13692f1-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 32817
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3|SF+Pro+JP,v1

103.181.135.108

404 Not Found

1.8 kB

URL HTTP/2
appleidd.cyou/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3|SF+Pro+JP,v1
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.8 kB (1829 bytes)
Hash
321f9542c6ea17ba30fbc8e6e3d440d7
1ea37383d46323212f5418635664e80de5d42fb1
d30d0f9ce035c90119d4e51f7a81cff12e69f54389f1820fb439ecb0d72f5234

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /fonts?families=SF+Pro,v3|SF+Pro+Icons,v3|SF+Pro+JP,v1 HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1829
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/js/jquery-3.4.1.min.js

103.181.135.108

200 OK

1.7 kB

URL HTTP/2
appleidd.cyou/js/jquery-3.4.1.min.js
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
data
Size
1.7 kB (1743 bytes)
Hash
6b4b11b4f4dbb0873fb833da9de1e364
52e296f9a002ade6cb8faa9a3eb5bbeea4556ecc
b1fe5733d6277fa18fe98b388365296487e8fdd482bc7f59611377d2c610c2cb

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /js/jquery-3.4.1.min.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "15853-5f33ff1368b25-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30682
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258

35.241.9.150

200 OK

682 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Size
682 B (682 bytes)
Hash
b30f8ece578515cb7c33333cdf0485ca
6aa42099c66c2f0cd4a891912e7c75a17a4a7acf
43823ad0d90ecc55bdd40322582184762c58f7ed047a8c1063d8cc63ef50ba19

HTTP Headers

GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Wed, 22 Feb 2023 04:36:20 GMT
age: 2753
last-modified: Tue, 14 Feb 2023 16:36:55 GMT
etag: "1676392615943"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22

35.241.9.150

200 OK

1.7 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1717), with no line terminators
Size
1.7 kB (1717 bytes)
Hash
e12dcfe75b68417c5bcb10f1e15fb14d
2841426e274af947a3701e868ce533caf3394ff3
eff66487c461137a19d077cf62f840eb771b26a14ba3acbf411f1d03eab526be

HTTP Headers

GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1667238122278&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1717
via: 1.1 google
date: Wed, 22 Feb 2023 05:16:51 GMT
age: 322
last-modified: Tue, 14 Feb 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22

35.241.9.150

200 OK

1.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Size
1.3 kB (1251 bytes)
Hash
5c7621ec87fff35888cbda6a6efdb985
cacca9307e5a1adf74bbb94a74c903a270502523
f042c6e3f1eb4dd8fdc08549aa666db714dc70919c7cda9161c2acd675cec090

HTTP Headers

GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Content-Length, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1251
via: 1.1 google
date: Wed, 22 Feb 2023 05:13:48 GMT
age: 505
last-modified: Tue, 14 Feb 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

appleidd.cyou/css/app.441ee69e.css

103.181.135.108

200 OK

38 kB

URL HTTP/2
appleidd.cyou/css/app.441ee69e.css
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
Unicode text, UTF-8 text, with very long lines (64652), with no line terminators
Size
38 kB (38176 bytes)
Hash
ae59ed13c5743a8fd362c9a23afcc5ba
481180253b37bc178ffc0ee7c87b14fc541de1fc
35b054f21afaa7dff61ea6daf2b331c58a9ae46adbe002bbfcb6574ea3b520b7

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.

HTTP Headers

GET /css/app.441ee69e.css HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "76a9c-5f33ff1360f9f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 38176
content-type: text/css
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22

35.241.9.150

200 OK

5.6 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (5628), with no line terminators
Size
5.6 kB (5628 bytes)
Hash
be82ff7e7f2d325910e461e154dbf0b2
5fc5963b528fa5e0a06a3bcd63277b57a3d43aba
0b596ad035df202c3f780103926c488aa30776dbcceb0aefbe261eaab5103c96

HTTP Headers

GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1675734066429&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 5628
via: 1.1 google
date: Wed, 22 Feb 2023 04:39:28 GMT
age: 2565
last-modified: Tue, 14 Feb 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4541
Expires: Wed, 22 Feb 2023 06:37:54 GMT
Date: Wed, 22 Feb 2023 05:22:13 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4541
Expires: Wed, 22 Feb 2023 06:37:54 GMT
Date: Wed, 22 Feb 2023 05:22:13 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
29675b43fa4a5609baa371c2449bfaf8
938fb69ea5d808388521b237e813f54ad2c1ec51
108b6420ad8473bb4150630466153daae7f70ca3b3eda9258e6e0c8d59cbfe3c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "108B6420AD8473BB4150630466153DAAE7F70CA3B3EDA9258E6E0C8D59CBFE3C"
Last-Modified: Mon, 20 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4541
Expires: Wed, 22 Feb 2023 06:37:54 GMT
Date: Wed, 22 Feb 2023 05:22:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71674fc5-5c16-4206-b565-05be96860715.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71674fc5-5c16-4206-b565-05be96860715.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8032 bytes)
Hash
2cd2e85474bc5b6daa19eb8722e81d60
e62a0bf2f9a9b7bdbf45f45278ac89a450075979
bcbe4d59fd3b27549647f51bec45599ba48b386436675f1a64c3d3b96fc13f77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71674fc5-5c16-4206-b565-05be96860715.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8032
x-amzn-requestid: 4f2da189-b0ad-4f13-a0ca-643bb716e2b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtW0FGV4IAMFSxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53819-33884245247d3a1347382b4b;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:31:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -uuJJJHFFFjg2ODEALrPgxi10MnWEnyVsWGwKoVNzM6o8gLFLZv2gA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:41:31 GMT
age: 27642
etag: "e62a0bf2f9a9b7bdbf45f45278ac89a450075979"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dacef7f-d2f8-4689-8e99-f6264cd88f75.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
bb6757305388dc32866ee6c551938c4c
4eab046e0d4f23d91db4a56b8d6d8cde782e2e47
dc0a93e777b2aaf3f3881539de1de15015bcedc2445b8f5558d04a822399bae4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7dacef7f-d2f8-4689-8e99-f6264cd88f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 8983434d-4704-4792-a9b6-625c7d6160f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXYfGJAIAMF3Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53902-21e200522022d8bf513f1b19;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:34:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eKMh8liE2cyCm1LzXIvkcdGa_XRq8Bt1rrmSNvUdT4vZ7vSborqHkw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:53:12 GMT
age: 26941
etag: "4eab046e0d4f23d91db4a56b8d6d8cde782e2e47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6014 bytes)
Hash
8c6732b7444870a5b22ebce5df2c278b
bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605
6232d37914485ffd42f7e5932c36a9ff49bdd42bb8a13837cc9c054d86ccdc78

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F403cd5de-6016-40c5-bb7a-1ee6515b0fdb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6014
x-amzn-requestid: e95f7ea9-3a3c-4649-9d52-857c07e985fa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AnhqGHq_oAMFwwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f2e30d-49271ec356ab804b185f63dd;Sampled=0
x-amzn-remapped-date: Mon, 20 Feb 2023 03:03:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 67WhU2rkqUNsyaWppmDkLPWGFWyJeuGFN6bjgpC0E52BkmPy8a3prg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 04:32:35 GMT
age: 2978
etag: "bd8bd8ba57a3d59b71f910110b7b0ce23c7bf605"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7734 bytes)
Hash
e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KyUqB4zqsHWgCv7C3-PymFep4oVmPy4ZHFf75lYOfWbb4qgvVRqoLg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 21:42:20 GMT
age: 27593
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e8486-3f6e-4401-a61f-82307f1eab6d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6129 bytes)
Hash
e4cd28cac5124a753970c48f3be03e23
f2f5231684295a81db59aa2a14e9d729c92c071f
b0acc1dd0696f1810c997f843d5c6f12a1963118bd59176c849f4e35135b613a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F481e8486-3f6e-4401-a61f-82307f1eab6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6129
x-amzn-requestid: 101c8095-2ae9-45f5-b7cb-13be313654f4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-bFKHIAMFveg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f5-6ade4eb449dea4fb2f13b651;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FXPBQSnCNq9YuNoEvrNyc7cpA97JxH1AAploVRF2qcU1cs285WQvxQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 22:44:59 GMT
age: 23834
etag: "f2f5231684295a81db59aa2a14e9d729c92c071f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0efa662e-c334-4c53-be4c-81925d55c117.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8959 bytes)
Hash
b55335999a026a3bf5d8c8c920a31562
08259dd5654e530dc29c35ea537bae21aa88fb0a
69b1cb1bb453da683c879daaf2f266f4ac7399e5de90cae879ce2fa19ac182cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0efa662e-c334-4c53-be4c-81925d55c117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8959
x-amzn-requestid: 1c3579bb-647b-499b-afce-f420de41686c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtXqyFDSoAMFhAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f53977-500bef655fb9e0f744216d05;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:36:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qTYasQOed2Yym0WmLEv6OW5yB7EL8U1EmHAWiw7RWlADvNgrvraKOw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Feb 2023 22:00:04 GMT
age: 26529
etag: "08259dd5654e530dc29c35ea537bae21aa88fb0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

appleidd.cyou/js/la/theme/default/layer.css?v=3.5.1

103.181.135.108

200 OK

2.8 kB

URL HTTP/2
appleidd.cyou/js/la/theme/default/layer.css?v=3.5.1
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
ASCII text, with very long lines (14271), with no line terminators
Size
2.8 kB (2789 bytes)
Hash
6497813545cf90650ae10de86c63d726
c85b41a63fb9c30662fd8562e1b5e904861efd32
b10eff28060fadecc17553df8fc74874fa5aa42d95c2c1942f0b4297e59bea01

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /js/la/theme/default/layer.css?v=3.5.1 HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "37bf-5f33ff137a3a4-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2789
content-type: text/css
date: Wed, 22 Feb 2023 05:22:13 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/favicon.ico

103.181.135.108

200 OK

1.5 kB

URL HTTP/2
appleidd.cyou/favicon.ico
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
1.5 kB (1548 bytes)
Hash
b23ab51cc242bd99af6c169bbe9de0aa
15e915c1fe631f343f71d1914ca30db548f7893f
d78af36a66915cf73d54f69e4ca3785d9c3241e550d67bd1d77069a704f12427

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "576e-5f33ff135fc23-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1548
content-type: image/x-icon
date: Wed, 22 Feb 2023 05:22:15 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/ap/signin/step1/getCout

103.181.135.108

200 OK

42 B

URL HTTP/2
appleidd.cyou/ap/signin/step1/getCout
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
JSON data\012- , ASCII text, with no line terminators
Size
42 B (42 bytes)
Hash
01e8c3f9c67d97142cb5d74b5df1f6f2
3f2be8c21f6aad2b5d614961154f1a1309cb5202
b7d366184a1824df63437650d30483c6414b6c794cb79cb9411f8b90f60b5337

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

POST /ap/signin/step1/getCout HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 6
Origin: https://appleidd.cyou
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: https://appleidd.cyou
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 42
content-type: application/json; charset=utf-8
date: Wed, 22 Feb 2023 05:22:17 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/ap/signin/step1/getipCout

103.181.135.108

200 OK

45 B

URL HTTP/2
appleidd.cyou/ap/signin/step1/getipCout
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
JSON data\012- , ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
b8a90c39629ef77d044fcfc5d7bea337
9c6f63e648a06125b353c3de4489a65c57ecada9
5e12ca8f569d0a08929ee91f3c0a6575199116bf85eecf8cb1db3cb068acae62

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

POST /ap/signin/step1/getipCout HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 6
Origin: https://appleidd.cyou
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: https://appleidd.cyou
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 45
content-type: application/json; charset=utf-8
date: Wed, 22 Feb 2023 05:22:17 GMT
server: Apache
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__b5er5ngrzxqq_large.svg

184.24.44.212

200 OK

506 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__b5er5ngrzxqq_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (863), with no line terminators
Size
506 B (506 bytes)
Hash
7c6393caa9f0ae330e47551b60036d2d
4d52261dfc38b7fb8d2034f20919f2763774c029
48952a3f26c6ae478ee3514125aefc94b40eecca7bddccdb805922974540aa1f

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__b5er5ngrzxqq_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Oct 2021 03:40:19 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 506
cache-control: max-age=327
expires: Wed, 22 Feb 2023 05:27:44 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_REFRESH_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (S)
vary: Accept-Encoding
x-cache-remote: TCP_IMS_HIT from a23-218-92-44.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__dazlko3t9a6a_large.svg

184.24.44.212

200 OK

598 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__dazlko3t9a6a_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1105), with no line terminators
Size
598 B (598 bytes)
Hash
a9c6830bebe54b8b8b1d6c09ffb507f7
505c03add10939828c6144829156f2b1d08e8754
df07b4d85a33c691804b8c390671a92169e77dc8a5d3866e3fe89d2225bcfec4

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__dazlko3t9a6a_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 598
cache-control: max-age=30
expires: Wed, 22 Feb 2023 05:22:47 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (A)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__ko7x4isga4ia_large.svg

184.24.44.212

200 OK

692 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__ko7x4isga4ia_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1405), with no line terminators
Size
692 B (692 bytes)
Hash
7b4ff597390846f2167a67084b491684
74cfd43323817a5304dc68f1065aaf16e96750f2
2e161c18e91b8293781747a383c38ee7ae1bfad8461f5adb7d0dc2afa9484f37

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__ko7x4isga4ia_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 692
cache-control: max-age=125
expires: Wed, 22 Feb 2023 05:24:22 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg

184.24.44.212

200 OK

634 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1164), with no line terminators
Size
634 B (634 bytes)
Hash
422c1654daadd76d616c3ebe7400c652
b20c8cd51f5ebf946b57a4515b58f449712dee0b
385c1ec51ab7b5b645224c0a645914cc554b65c04c8b67c6e4d9cff4a9d4b1f7

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
cneonction: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 634
cache-control: max-age=136
expires: Wed, 22 Feb 2023 05:24:33 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__gkoblojrlsqe_large.svg

184.24.44.212

200 OK

683 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__gkoblojrlsqe_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1309), with no line terminators
Size
683 B (683 bytes)
Hash
9655609bfd5cb54cdbc923f75aea2603
f1ba0f202e5aafeb2a2cf3536b650c184322de36
6ab90f93a1a92a4f6e4a2700ff97ef2622cb80c01618d3d9dde2ba131619ca52

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__gkoblojrlsqe_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 683
cache-control: max-age=268
expires: Wed, 22 Feb 2023 05:26:45 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__c7jy08initqq_large.svg

184.24.44.212

200 OK

962 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__c7jy08initqq_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2420)
Size
962 B (962 bytes)
Hash
0f16108c3fb34b73cfadbef5be143b2b
48aa366845387de2db1a19380d20ce6c115942cc
e87b18c511711ba7a2ea18b6d59e99157bd434b8736814174dac7bb289112140

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__c7jy08initqq_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
cneonction: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 962
cache-control: max-age=95
expires: Wed, 22 Feb 2023 05:23:52 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_REFRESH_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (S)
vary: Accept-Encoding
x-cache-remote: TCP_IMS_HIT from a23-218-92-31.deploy.akamaitechnologies.com (AkamaiGHost/11.0.1-46623256) (-)
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_airpods_image__f969s84ivmaa_large.svg

184.24.44.212

200 OK

854 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_airpods_image__f969s84ivmaa_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1722), with no line terminators
Size
854 B (854 bytes)
Hash
ccafac1d17b3463e9b1791fafb74d823
303c530474238638b653c90e357f926b0cfeb97a
2d39e19a8a4adbee7603871c6555353d0b5d027431847416b36c75b172578bc6

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_airpods_image__f969s84ivmaa_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
cneonction: close
nncoection: close
content-type: image/svg+xml
content-encoding: gzip
content-length: 854
cache-control: max-age=105
expires: Wed, 22 Feb 2023 05:24:02 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg

184.24.44.212

200 OK

1.1 kB

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2194), with no line terminators
Size
1.1 kB (1072 bytes)
Hash
7e5c9145beda748ed091373d4d00c388
f05e136c704c40e1d42ef10e6710ca50a0027180
e60052f03009b4e45c2dd716f3b5eee1d310d1b00cc8715859a4bec19eb543b9

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: gzip
content-length: 1072
cache-control: max-age=83
expires: Wed, 22 Feb 2023 05:23:40 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg

184.24.44.212

200 OK

1.2 kB

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3005)
Size
1.2 kB (1209 bytes)
Hash
6efffff904781b3d24719effa94332a8
c79405a1d2fd7a6f0e833bd8850ed7e0da69f74b
b77233816900aac9af97e9100811034b08035a7df369c5270e960239ccf6dd12

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 1209
cache-control: max-age=56
expires: Wed, 22 Feb 2023 05:23:13 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (A)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg

184.24.44.212

200 OK

1.1 kB

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3656), with no line terminators
Size
1.1 kB (1066 bytes)
Hash
ec25b25d4c050a47b8e5e64bad5f3232
fab0dffe9e649add52075339398c56d045d579ed
d54b4bc940da30a1d84664d26288b948e9de59e0c5cca5aa872cd418c276ea1a

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
content-type: image/svg+xml
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-encoding: gzip
content-length: 1066
cache-control: max-age=125
expires: Wed, 22 Feb 2023 05:24:22 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

appleidd.cyou/js/app.62bf2fef.js

103.181.135.108

200 OK

4.8 MB

URL HTTP/2
appleidd.cyou/js/app.62bf2fef.js
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
4.8 MB (4841218 bytes)
Hash
439a2e0a0239c9560333a7cb34d2dae9
7b624c0dba6e30325100b963375f04f95714d99a
bbbb8cae81d8ac8bc891dda11e71f3ecb0ba718e30d2e10be90eeb28c2d2e34b

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /js/app.62bf2fef.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "694bb2-5f33ff1361768-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/api/api.php

103.181.135.108

200 OK

30 B

URL HTTP/2
appleidd.cyou/api/api.php
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
fe7d5f1b678ede88dc2a45f7abdf8627
b25cfbebb09fbc12062bc09317a4b7b2b6d17fe9
98906dc5b39657e206730049cf40115d28ab10719342990a07ea7f8dec418217

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

POST /api/api.php HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4
Origin: https://appleidd.cyou
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-length: 30
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 05:22:17 GMT
server: Apache
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__cbllq1gkias2_large.svg

184.24.44.212

200 OK

251 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__cbllq1gkias2_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (541), with no line terminators
Size
251 B (251 bytes)
Hash
6627ecc07b9fbdd1002061f230d02d8f
c9cd2a1ef41fc70b22650c2e93206a1db44ba902
95b63219e669f69e2267e58a5a50de05318e00bccbccab6c4d185f60debd8500

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__cbllq1gkias2_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 251
cache-control: max-age=88
expires: Wed, 22 Feb 2023 05:23:45 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__yzte50i47ciu_large.svg

184.24.44.212

200 OK

298 B

URL HTTP/2
www.apple.com/ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__yzte50i47ciu_large.svg
IP
184.24.44.212:0
ASN
#16625 AKAMAI-AS

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (477), with no line terminators
Size
298 B (298 bytes)
Hash
1d93b5b20a166de20ad8f9db54c97f9d
6294c9080ef5645c7e7867883ca4d0f064faff2a
03e992684f059f880af5bfe6bc1bc0467f822c3db7a6edd2854aa1d0c9633538

HTTP Headers

GET /ac/globalnav/7/en_US/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__yzte50i47ciu_large.svg HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.apple.com/ac/globalnav/7/en_US/styles/ac-globalnav.built.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 23:19:28 GMT
server: Apple
accept-ranges: bytes
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
content-type: image/svg+xml
content-encoding: gzip
content-length: 298
cache-control: max-age=146
expires: Wed, 22 Feb 2023 05:24:43 GMT
date: Wed, 22 Feb 2023 05:22:17 GMT
x-cache: TCP_MEM_HIT from a95-101-11-150.deploy.akamaitechnologies.com (AkamaiGHost/11.0.0-46340752) (-)
vary: Accept-Encoding
set-cookie: geo=NO; path=/; domain=.apple.com
X-Firefox-Spdy: h2

appleid.cdn-apple.com/appleauth/static/bin/cb1633718600/dist/assets/HR_gradient_dark.png

23.43.132.13

200 OK

1.3 kB

URL HTTP/1.1
appleid.cdn-apple.com/appleauth/static/bin/cb1633718600/dist/assets/HR_gradient_dark.png
IP
23.43.132.13:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 382 x 50, 4-bit colormap, non-interlaced\012- data
Size
1.3 kB (1263 bytes)
Hash
94ac33ef626d201b1093264f6438c201
341cc1e181909f6feb6f0b97b9aadfa79bae00be
f1eba2e630f0c5f98187b94528869e15a8ab6558a8cb96f68339875b6d5c27e7

HTTP Headers

GET /appleauth/static/bin/cb1633718600/dist/assets/HR_gradient_dark.png HTTP/1.1
Host: appleid.cdn-apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleid.cdn-apple.com/appleauth/static/cssj/602923700/widget/auth/app-sk7.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: Apple
Content-Type: image/png
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
ETag: W/"1240-1673569071400"
Last-Modified: Fri, 13 Jan 2023 00:17:51 GMT
Vary: accept-encoding
Content-Encoding: gzip
Content-Length: 1263
Date: Wed, 22 Feb 2023 05:22:17 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *

appleid.cdn-apple.com/appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff

23.43.132.13

200 OK

9.6 kB

URL HTTP/1.1
appleid.cdn-apple.com/appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff
IP
23.43.132.13:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 9552, version 1.0\012- data
Size
9.6 kB (9552 bytes)
Hash
e9e7624727ba14678b9a71b6f90745e3
0f0b7625cd06387c601f1632b0f69719b920f68a
6de3580fdeace0ff74927b2449e34587dd0b2a03c7711cf0087925e25429efe3

HTTP Headers

GET /appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff HTTP/1.1
Host: appleid.cdn-apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appleidd.cyou
Connection: keep-alive
Referer: https://appleid.cdn-apple.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: Apple
Content-Type: application/x-font-woff
Cache-Control: public, max-age=2592000
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
ETag: W/"9552-1671224583671"
Last-Modified: Fri, 16 Dec 2022 21:03:03 GMT
Vary: Accept-Encoding
Date: Wed, 22 Feb 2023 05:22:17 GMT
Content-Length: 9552
Connection: keep-alive

appleidd.cyou/images/appleicons_text.ttf

103.181.135.108

404 Not Found

1.8 kB

URL HTTP/2
appleidd.cyou/images/appleicons_text.ttf
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.8 kB (1831 bytes)
Hash
b948c2629ca722fac048789ceb7736d4
388705e50d5444b101018026b4927090319fc170
3633a94f34e2559c53435d6c4e1251400279fac83b2be9bf7379bd30342f5e43

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /images/appleicons_text.ttf HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/css/ac-globalfooter.built.css
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-encoding: gzip
content-length: 1831
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:18 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/images/appleicons_text.woff

103.181.135.108

404 Not Found

8.7 kB

URL HTTP/2
appleidd.cyou/images/appleicons_text.woff
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type
data
Size
8.7 kB (8677 bytes)
Hash
96058c505f107418936af9b0acbbac38
7fb97a48ecba7bfb91c96ae722ca72b3befa17d6
07e5772ae7e2763ae453e27aa7a4e85f9d1551eb2c0d2d82e7034938759be37b

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /images/appleicons_text.woff HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://appleidd.cyou/css/ac-globalfooter.built.css
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:18 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/images/appleicons_text.woff

103.181.135.108

404 Not Found

0 B

URL HTTP/2
appleidd.cyou/images/appleicons_text.woff
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /images/appleicons_text.woff HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://appleidd.cyou/css/ac-globalfooter.built.css
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
access-control-allow-origin: *
set-cookie: PHPSESSID=605c0e5da960146094681819ad55f303; path=/
vary: Accept-Encoding
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 05:22:17 GMT
server: Apache
X-Firefox-Spdy: h2

appleidd.cyou/js/chunk-vendors.fe412a36.js

103.181.135.108

200 OK

0 B

URL HTTP/2
appleidd.cyou/js/chunk-vendors.fe412a36.js
IP
103.181.135.108:0
ASN
#9294 GNET INC.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Apple Inc.
fortinet	Phishing

HTTP Headers

GET /js/chunk-vendors.fe412a36.js HTTP/1.1
Host: appleidd.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appleidd.cyou/
Cookie: PHPSESSID=605c0e5da960146094681819ad55f303
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 27 Jan 2023 14:47:18 GMT
etag: "32272-5f33ff1360f9f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 22 Feb 2023 05:22:12 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (80)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers