| setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/ | 51.195.76.105 | 200 OK | 1.8 kB |
URL: User Request GET HTTP/1.1 setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/ IP: 51.195.76.105:80
File type: HTML document, ASCII text, with CRLF line terminators
Hash: dc810092d006c87615659c7c96835d7b b7ee6d424a7c3d2edb46eccd9b57e5e4de4e8f16 0cc39974ba166f936302102b34715aafb92109a51f9026c05edd78eda1807e6f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET / HTTP/1.1
Host: setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 21:54:33 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1754
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/css/sdn_login.css | 51.195.76.105 | 200 OK | 8.7 kB |
URL: GET HTTP/1.1 setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/css/sdn_login.css IP: 51.195.76.105:80
Requested by: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
File type: ASCII text, with very long lines (6033)
Hash: fafb4fe4dd5b2abb89d619ad106e602d 8774139dd2ed58774208e83fb0127ecec7e542b0 8b6fa960f62402920411733cd02a09c81a853da432e5240ae77955f9b1cb6d43
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/sdn_login.css HTTP/1.1
Host: setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 21:54:33 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 27 Jul 2023 09:26:05 GMT
ETag: "4511-601748daca540-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8688
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/js/jquery-1.12.0.js | 51.195.76.105 | 200 OK | 88 kB |
URL: GET HTTP/1.1 setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/js/jquery-1.12.0.js IP: 51.195.76.105:80
Requested by: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
File type: JavaScript source, ASCII text
Hash: cd0095b52c4242a8aea3ae91aba35ea8 9020a4b42b2efec26411fa97fdd3bfc69a880e4e c85537acad72f0d7d409dfc1e2d2daa59032f71d29642a8b64b9852f70166fbb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/jquery-1.12.0.js HTTP/1.1
Host: setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 21:54:33 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 27 Jul 2023 09:26:05 GMT
ETag: "47d11-601748daca540-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
|
|
| setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/images/waitwheel.gif | 51.195.76.105 | 200 OK | 3.2 kB |
URL: GET HTTP/1.1 setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/images/waitwheel.gif IP: 51.195.76.105:80
Requested by: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
File type: GIF image data, version 89a, 32 x 32
Hash: a51c5608d01acf32df728f299767f82b 2eb3f9f430fb2a6267e0d252129ef6473d074f37 aebc793d0064383ee6b1625bf3bb32532ec30a5c12bf9117066107d412119123
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/waitwheel.gif HTTP/1.1
Host: setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 21:54:33 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 27 Jul 2023 09:26:05 GMT
ETag: "c88-601748daca540"
Accept-Ranges: bytes
Content-Length: 3208
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: image/gif
|
|
| setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/css/fonts/open-sans-v13-latin-regular.woff2 | 51.195.76.105 | 200 OK | 16 kB |
URL: GET HTTP/1.1 setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/css/fonts/open-sans-v13-latin-regular.woff2 IP: 51.195.76.105:80
Requested by: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
File type: Web Open Font Format (Version 2), TrueType, length 15572, version 1.6554
Hash: e64cab167bbdc04807429d10873901a0 afc44700053c9a28f9ab26f6aec4862ac1d0795d 60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/fonts/open-sans-v13-latin-regular.woff2 HTTP/1.1
Host: setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/css/sdn_login.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 21:54:33 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 27 Jul 2023 09:26:05 GMT
ETag: "3cd4-601748daca540"
Accept-Ranges: bytes
Content-Length: 15572
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/css/fonts/open-sans-v13-latin-600.woff2 | 51.195.76.105 | 200 OK | 16 kB |
URL: GET HTTP/1.1 setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/css/fonts/open-sans-v13-latin-600.woff2 IP: 51.195.76.105:80
Requested by: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
File type: Web Open Font Format (Version 2), TrueType, length 16164, version 1.6554
Hash: fa907b3395c41e35cdb25dca66a58ca9 a0b0c389cf46d63c850e61fed572485ff0b68183 efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/fonts/open-sans-v13-latin-600.woff2 HTTP/1.1
Host: setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/css/sdn_login.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 21:54:33 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 27 Jul 2023 09:26:05 GMT
ETag: "3f24-601748daca540"
Accept-Ranges: bytes
Content-Length: 16164
Keep-Alive: timeout=1, max=99
Connection: Keep-Alive
Content-Type: font/woff2
|
|
| a814af5066c8454f8f5a2ce559deacd2.wm.gogonow.de/ | 51.195.76.105 | 200 OK | 62 B |
URL: POST HTTP/1.1 a814af5066c8454f8f5a2ce559deacd2.wm.gogonow.de/ IP: 51.195.76.105:80
Requested by: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
Hash: b0627a18f035ab0edc902173ee442b4f 5c27c42894892c9ed31ec33327694ffb89e54876 e829deb19bd934df2be5f66c84a1a1e9908950506478f09ced00b7d36277c814
POST / HTTP/1.1
Host: a814af5066c8454f8f5a2ce559deacd2.wm.gogonow.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 43
Origin: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
DNT: 1
Connection: keep-alive
Referer: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 21:54:33 GMT
Server: Apache/2.4.38 (Debian)
Access-Control-Allow-Origin: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json
|
|
| setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/images/favicon.ico | 51.195.76.105 | 200 OK | 108 kB |
URL: GET HTTP/1.1 setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/images/favicon.ico IP: 51.195.76.105:80
Requested by: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
File type: MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size: 108 kB (107707 bytes)
Hash: b7a50f8d7504e3575962dd3d21aef861 e844161e0a2b0f4922fa2d747d954a7fa834c127 a690aa11d67faae0cf3c66063205062b9b6c1519d17a0b38111e5f4449ae30d9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /images/favicon.ico HTTP/1.1
Host: setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://setup.icloud.com.x.676e018fb91a3jvzjfhbculpb5zzsp5r4b7j76ripa3v.2886954758.tfkc.de/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 May 2024 21:54:33 GMT
Server: Apache/2.4.38 (Debian)
Last-Modified: Thu, 27 Jul 2023 09:26:05 GMT
ETag: "1a4bb-601748daca540"
Accept-Ranges: bytes
Content-Length: 107707
Keep-Alive: timeout=1, max=98
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
|
|