iclloudu.com Open in urlscan Pro
2606:4700:3032::681f:444c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://iclloudu.com/
Submission: On October 30 via automatic, source openphish (October 30th 2020, 2:22:52 am UTC)

Summary HTTP 49 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3032::681f:444c, located in United States and belongs to CLOUDFLARENET, US. The main domain is iclloudu.com.

This is the only time iclloudu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:303... 2606:4700:3032::681f:444c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:26f0:6c0... 2a02:26f0:6c00:185::1aca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.85.254.167 104.85.254.167	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.24.4.238 184.24.4.238	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
49	6

11 2606:4700:3032::681f:444c (United States)

ASN13335 (CLOUDFLARENET, US)

iclloudu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:185::1aca (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

www.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.85.254.167 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-254-167.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.4.238 (United States)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-24-4-238.deploy.static.akamaitechnologies.com

www.icloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	iclloudu.com iclloudu.com	69 KB
5	cdn-apple.com appleid.cdn-apple.com	97 KB
2	apple.com 1 redirects www.apple.com	440 B
1	jquery.com code.jquery.com	30 KB
1	icloud.com www.icloud.com Failed
49	5

	Domain	Requested by
11	iclloudu.com	iclloudu.com appleid.cdn-apple.com
5	appleid.cdn-apple.com	iclloudu.com appleid.cdn-apple.com
2	www.apple.com	1 redirects iclloudu.com
1	code.jquery.com	iclloudu.com
1	www.icloud.com	iclloudu.com
49	5

This site contains links to these domains. Also see Links.

Domain
www.icloud.com
www.apple.com

Subject Issuer	Validity	Valid
www.apple.com DigiCert SHA2 Extended Validation Server CA-3	`2020-10-07` - `2021-10-08`	a year	crt.sh
appleid.cdn-apple.com DigiCert SHA2 Extended Validation Server CA-3	`2020-02-10` - `2021-02-09`	a year	crt.sh
www.icloud.com DigiCert SHA2 Extended Validation Server CA-3	`2020-07-02` - `2021-07-03`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://iclloudu.com/
Frame ID: EC6E70CC73B590C6E65955D3A0B9B6EA
Requests: 40 HTTP requests in this frame

Frame: http://iclloudu.com/ic.php
Frame ID: BC8D958B50B3B223D84A98074ED9EB1D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

49
Requests

16 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

195 kB
Transfer

1352 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.icloud.com/
Title: Create Apple ID

Search URL Search Domain Scan URL

URL: https://www.apple.com/support/systemstatus/
Title: System Status

Search URL Search Domain Scan URL

URL: https://www.apple.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.apple.com/legal/internet-services/icloud/
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

http://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1 HTTP 301
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
iclloudu.com/ 28 KB
9 KB 471ms
457ms Document
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

614e9143ff2c5f77b75089ac3e7778bf624deb133f89038a759584e691f32089

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: iclloudu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=db00dbcd0a7f3bd48138fa83ecc8a33b71604024553; expires=Sun, 29-Nov-20 02:22:33 GMT; path=/; domain=.iclloudu.com; HttpOnly; SameSite=Lax
Last-Modified: Sun, 25 Oct 2020 15:18:32 GMT
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 0618e967fe0000dfbf57829000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s7nmnZyYLHQ%2B%2BKXxrWIGSQpfOe%2BdFlH3Oa1%2BAucvxY%2BUpDKBbMn244duubaClKX5FJufdkrRumF4EQDHGNMfxyLtF7%2FHqy3SHWxRxxCiruSotee%2FclbzuI4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5ea1ab533cb4dfbf-FRA
Content-Encoding: gzip

GET
H/1.1 404
Not Found cloudkit.js
iclloudu.com/ging_files/ 0
0 464ms
458ms Script
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/ging_files/cloudkit.js

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://iclloudu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0618e969d30000d6fd6d806000000001
Pragma: no-cache
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w1C0n0Dux829V1kEOEMsdlh767g8ajx4%2BBoZPvEyCs9fqvo%2FKZEabSLToNOLD4P2MtWtX6X7x9j7rgdSwvNHXBkKmkPEcQHzv%2Bb0var3W%2BEVgg2G7lFu%2BOI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
X-Turbo-Charged-By: LiteSpeed
CF-RAY: 5ea1ab561e8cd6fd-FRA

GET
H/1.1 200
OK main.css
iclloudu.com/ging_files/ 302 KB
31 KB 667ms
667ms Stylesheet
text/css 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/ging_files/main.css

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0917abab1b1f4b5e88859cd9c0ff1bc0e327b5c11997610e9c18123457b417d8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://iclloudu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:34 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
Content-Length: 31276
cf-request-id: 0618e969ce0000dfbf52945000000001
Last-Modified: Wed, 18 Dec 2019 14:56:42 GMT
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=af3SmV1DdRYN53BLkJ7axkZMZusw3MTBYAp7EQnpWx9NFZA0VvSsqIH97v3iJgzlHhFRyxevPkc21%2FpICwOzy6CR%2BJZGkUWYrNf%2Fog5tWEiX82D13nAFgNQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: public, max-age=604800
X-Turbo-Charged-By: LiteSpeed
Accept-Ranges: bytes
CF-RAY: 5ea1ab561ee8dfbf-FRA
Expires: Fri, 06 Nov 2020 02:22:34 GMT

GET
H/1.1 404
Not Found main.js
iclloudu.com/ging_files/ 0
0 464ms
458ms Script
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/ging_files/main.js

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://iclloudu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0618e969d3000016e6e2b98000000001
pragma: no-cache
Server: cloudflare
x-frame-options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SOA9Ocl%2FT%2FQJ2x6QPUKtn%2BM1TtFFZp8rmxP7BGXdut4NCdwJ4k0Xb%2BujR5dxOOTK6zLCfP3jnApQVZcI7vIefveUBd8nRMkmCgGdvSejs5qUYejObkZwCYw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
CF-RAY: 5ea1ab561ae516e6-FRA

GET
DATA 200
OK truncated
/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35d69f83d3ffb5cdd8db9ba1aa43b23eeb0bd23da28722ce99fd1e8e9303d343

Request headers

Referer: http://iclloudu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/css

GET
H/1.1 404
Not Found main.js
iclloudu.com/ging_files/ 0
0 452ms
452ms Script
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/ging_files/main.js

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://iclloudu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0618e96c740000dfbff81fb000000001
pragma: no-cache
Server: cloudflare
x-frame-options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=c6le3Up9E3IR5xXy2zK2eq1OYt7tYYrjFRLll966tkECISyvjLA4plz06lxjotmJEEPaxw6FEGrmwP98kWyuV%2BbtEf2oa5DGDqEXKUS0WGBhmo2BN9JwIjo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
CF-RAY: 5ea1ab5a5ad8dfbf-FRA

GET
H/1.1 404
Not Found SFNSText-Light.woff
iclloudu.com/fonts/ 0
0 454ms
453ms Font
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/fonts/SFNSText-Light.woff

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/ging_files/main.css

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: http://iclloudu.com
Referer: http://iclloudu.com/ging_files/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0618e96c7b000016e608930000000001
Pragma: no-cache
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KKbsjnc9T7gc5PsLRm%2BFJbSMdVutIX%2BsE6%2Fe28M9ICnJClK8BUFTUGpl0GEgtTOm%2BLdRwOWgxi5VO5Bz%2BDWl6tlcYZpfsgzzihCYSwLx5n0UQy88dviHdLk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
X-Turbo-Charged-By: LiteSpeed
CF-RAY: 5ea1ab5a5f4d16e6-FRA

GET
H/1.1 200
OK ic.php Show response
iclloudu.com/ Frame BC8D 41 KB
27 KB 1103ms
1102ms Document
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/ic.php

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.34

Resource Hash

4ee22025b7fa0ab145dfb088cfd171c0e1f6b2c83035350f94d43dac6a9c2f2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Host: iclloudu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://iclloudu.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=db00dbcd0a7f3bd48138fa83ecc8a33b71604024553
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://iclloudu.com/

Response headers

Date: Fri, 30 Oct 2020 02:22:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Turbo-Charged-By: LiteSpeed
CF-Cache-Status: DYNAMIC
cf-request-id: 0618e96e3c0000dfbfe5022000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=er2GvB9VBZZG2FqE5JJKrgHCBRVA7zSHxRN4%2FzbEJRSmEwoXudLs8BCtz0h%2BREqDFCGpc4lRv92hO5RLLAI8IJW5SLC%2BAC5D9cqyY%2FT77cIHeDkJtLCyAVo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5ea1ab5d2d6bdfbf-FRA
Content-Encoding: gzip

GET 8b43f81d-0949-4fbe-924b-a6e1abbe7c79
https://www.icloud.com/ 0
0

GET e3a188a3-1f83-417f-831e-302fd2e3b256
https://www.icloud.com/ 0
0

GET af74e99a-d678-4174-bc5d-3c8f4811aa3a
https://www.icloud.com/ 0
0

GET b3e5d3ee-8c17-4ab1-a862-a92e2469cb45
https://www.icloud.com/ 0
0

GET f544fc7c-567c-4650-a22a-cad95e906bcb
https://www.icloud.com/ 0
0

GET d1ef8e3f-eb62-4c48-89fc-4e63bfa5dd69
https://www.icloud.com/ 0
0

GET 8bbf29b2-616f-4025-9530-e33da2cf230d
https://www.icloud.com/ 0
0

GET 2d2dfd08-dd0e-4777-bbd3-4b39b69e3c49
https://www.icloud.com/ 0
0

GET e2a2837e-52c5-482f-9285-54e72053ceda
https://www.icloud.com/ 0
0

GET 1f2eb70d-8c0e-4509-9ebb-4e230d1b9e77
https://www.icloud.com/ 0
0

GET bf44da5b-c9f5-4a42-b284-74b199bad0c2
https://www.icloud.com/ 0
0

GET e85e9dfa-d953-4948-9404-3818d019e073
https://www.icloud.com/ 0
0

GET 58ab5138-c73d-457c-acb6-43fc3254de9d
https://www.icloud.com/ 0
0

GET c1f13925-8f47-429f-9915-fc1dd889d5d5
https://www.icloud.com/ 0
0

GET a3a31876-961a-4cc6-bac6-d04a2bf7724f
https://www.icloud.com/ 0
0

GET 86e4596d-a569-4eb9-bb18-7adb5370f369
https://www.icloud.com/ 0
0

GET 9bc6e8b2-7798-4927-b9d0-b56f2cdb3f29
https://www.icloud.com/ 0
0

GET a10a38c1-053d-4eb6-ac3d-25ddcc8f998f
https://www.icloud.com/ 0
0

GET cd155b2d-2ecf-43ec-a037-29dece2b6347
https://www.icloud.com/ 0
0

GET fe004284-b8c6-4f77-a1ca-27c0949bcde0
https://www.icloud.com/ 0
0

GET fea585f4-285d-4d35-9959-39519d923fd5
https://www.icloud.com/ 0
0

GET a62d9b72-b84a-4941-95be-b2b36b35f508
https://www.icloud.com/ 0
0

GET 7a86e9ea-743d-4a3c-b96a-4a1e42e4607c
https://www.icloud.com/ 0
0

GET afc4b035-4ec5-48c8-91f4-1d88bc67ee19
https://www.icloud.com/ 0
0

GET 719c0af6-a130-4d40-b830-ae67874f462e
https://www.icloud.com/ 0
0

GET 7a52d8c6-ee1d-49bb-81c3-276648273df6
https://www.icloud.com/ 0
0

GET 917064a1-0854-45a2-9cb9-f9a408440617
https://www.icloud.com/ 0
0

GET e97eda6c-a919-4545-8064-15602e36fb11
https://www.icloud.com/ 0
0

GET 9706508e-fdf3-49c4-a777-948d10d1a15c
https://www.icloud.com/ 0
0

GET 66b45fca-2897-40ec-bf59-6ef466db1476
https://www.icloud.com/ 0
0

GET
H/1.1 404
Not Found SFNSText-Regular.woff
iclloudu.com/fonts/ 0
0 445ms
445ms Font
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/fonts/SFNSText-Regular.woff

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/ging_files/main.css

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: http://iclloudu.com
Referer: http://iclloudu.com/ging_files/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0618e96e43000016e6ee3d2000000001
Pragma: no-cache
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FsNPjiBl3xc2knZ6aJ3RqHtsWdtAOmdbKC7U%2Fcem2UrIkErGnFD8v0i62lW%2F494Ijw5pHDgj6VvdAl4TfERndJnsvbZTk29D30oErHX245w57WQmCMZk9Dw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
X-Turbo-Charged-By: LiteSpeed
CF-RAY: 5ea1ab5d39de16e6-FRA

GET
H/1.1 404
Not Found SFUIText-Light.woff
iclloudu.com/fonts/ 0
0 453ms
452ms Font
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/fonts/SFUIText-Light.woff

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/ging_files/main.css

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: http://iclloudu.com
Referer: http://iclloudu.com/ging_files/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0618e96e5d0000d6fd6e32c000000001
Pragma: no-cache
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E9BCk6augh0x%2F2mZgs%2Fy9%2Fk5W8BEnwdBVm%2BCNUw8u8tDcuYDsV4to0HNyj0gKyHCHX7e3JigxzKf7sagMBbEb%2FiT0DXGUMAR1%2FToy%2FArQStnodmz77ZcTHY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
X-Turbo-Charged-By: LiteSpeed
CF-RAY: 5ea1ab5d6f4dd6fd-FRA

GET
H/1.1 404
Not Found SFUIText-Regular.woff
iclloudu.com/fonts/ 0
0 446ms
446ms Font
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/fonts/SFUIText-Regular.woff

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/ging_files/main.css

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: http://iclloudu.com
Referer: http://iclloudu.com/ging_files/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 30 Oct 2020 02:22:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
NEL: {"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
cf-request-id: 0618e97004000016e62c296000000001
Pragma: no-cache
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XDdYG4EVaUPqKEnOuusvFT2Sh9hU5q4CwBt6kzGKuUKBjEncI8wjZjcb48LambEAK%2Fl8yn0VX0cu%2FxlzzOZoElnKeRVqsHjRNwJINCNCJTMOYcgDJqwwKXI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
X-Turbo-Charged-By: LiteSpeed
CF-RAY: 5ea1ab600c5916e6-FRA

GET
H2

404

fonts
www.apple.com/wss/ Frame BC8D
Redirect Chain

http://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1

0
0

42ms
12ms

Stylesheet
text/html

2a02:26f0:6c00:185::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Requested by: Host: iclloudu.com
URL: http://iclloudu.com/ic.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:185::1aca , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://iclloudu.com/ic.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Fri, 30 Oct 2020 02:22:36 GMT
Server: AkamaiGHost
strict-transport-security: max-age=31536000
Location: https://www.apple.com/wss/fonts?families=SF+Pro,v1|SF+Pro+Icons,v1
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Fri, 30 Oct 2020 02:22:36 GMT

GET
H/1.1 200
OK app.css
appleid.cdn-apple.com/appleauth/static/cssj/N1985690059/widget/auth/ Frame BC8D 421 KB
40 KB 103ms
40ms Stylesheet
text/css 104.85.254.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/cssj/N1985690059/widget/auth/app.css

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/ic.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.85.254.167 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-254-167.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

46ca1da5b17e1be2c0e2091573a52558d1d3627339c4287b5ed416e42f669cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://iclloudu.com/ic.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 12 Dec 2019 17:27:42 GMT
Server: Apple
ETag: W/"431290-1576171662344"
Vary: accept-encoding
X-Cache: TCP_HIT from a88-221-214-103.deploy.akamaitechnologies.com (AkamaiGHost/10.2.0-30999382) (-)
Content-Type: text/css
Access-Control-Allow-Origin: https://idmsa.apple.com
Cache-Control: public, max-age=2592000
Date: Fri, 30 Oct 2020 02:22:36 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40152

GET
H/1.1 200
OK common-header.js Show response
appleid.cdn-apple.com/appleauth/static/jsj/N1382305660/ Frame BC8D 13 KB
6 KB 91ms
28ms Script
application/javascript 104.85.254.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsj/N1382305660/common-header.js

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/ic.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.85.254.167 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-254-167.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

5eaad8bd4e4f2f2a9d53d041f27bf6ed0f8a2df3d4e975a15d62f138639d0d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://iclloudu.com/ic.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 12 Dec 2019 17:27:42 GMT
Server: Apple
ETag: W/"12894-1576171662448"
Vary: accept-encoding
X-Cache: TCP_HIT from a88-221-214-103.deploy.akamaitechnologies.com (AkamaiGHost/10.2.0-30999382) (-)
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://idmsa.apple.com
Cache-Control: public, max-age=2592000
Date: Fri, 30 Oct 2020 02:22:36 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5135

GET
DATA 200
OK truncated
/ Frame BC8D 24 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c382f99f49158456a7b367b9a1a96fe0702e996b2cb5daec67cad7e1b8f5b02c

Request headers

Referer: http://iclloudu.com/ic.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK app.css Show response
appleid.cdn-apple.com/appleauth/static/cssj/N1985690059/widget/auth/ Frame BC8D 421 KB
40 KB 30ms
30ms Script
text/css 104.85.254.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/cssj/N1985690059/widget/auth/app.css

Requested by

Host: iclloudu.com
URL: http://iclloudu.com/ic.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.85.254.167 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-254-167.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

46ca1da5b17e1be2c0e2091573a52558d1d3627339c4287b5ed416e42f669cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://iclloudu.com/ic.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Thu, 12 Dec 2019 17:27:42 GMT
Server: Apple
ETag: W/"431290-1576171662344"
Vary: accept-encoding
X-Cache: TCP_MEM_HIT from a88-221-214-103.deploy.akamaitechnologies.com (AkamaiGHost/10.2.0-30999382) (-)
Content-Type: text/css
Access-Control-Allow-Origin: https://idmsa.apple.com
Cache-Control: public, max-age=2592000
Date: Fri, 30 Oct 2020 02:22:36 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40152

GET
H/1.1 404
Not Found main.css
www.icloud.com/system/cloudos2/1923Project57/vi-vi/ Frame BC8D 0
0 91ms
41ms Stylesheet
text/html 184.24.4.238
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.icloud.com/system/cloudos2/1923Project57/vi-vi/main.css
Requested by: Host: iclloudu.com
URL: http://iclloudu.com/ic.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.4.238 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-24-4-238.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: http://iclloudu.com/ic.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Expose-Headers: X-Apple-Request-UUID,Via

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ Frame BC8D 85 KB
30 KB 23ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: iclloudu.com
URL: http://iclloudu.com/ic.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer: http://iclloudu.com/ic.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 30 Oct 2020 02:22:36 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2016 22:32:34 GMT
server: nginx
status: 200
etag: W/"57e45c02-152b5"
vary: Accept-Encoding
x-hw: 1604024556.dop220.fr8.t,1604024556.cds246.fr8.hn,1604024556.cds012.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30070

GET
H/1.1 200
OK HR_gradient_dark.png
appleid.cdn-apple.com/appleauth/static/bin/cb1633718600/dist/assets/ Frame BC8D 1 KB
2 KB 27ms
27ms Image
image/png 104.85.254.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://appleid.cdn-apple.com/appleauth/static/bin/cb1633718600/dist/assets/HR_gradient_dark.png

Requested by

Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/appleauth/static/cssj/N1985690059/widget/auth/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.85.254.167 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-254-167.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

e39f78e3fd9428c8ad22060046d9cc07d65cf9fa784a16a3925b9acb52f35c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://appleid.cdn-apple.com/appleauth/static/cssj/N1985690059/widget/auth/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 29 Sep 2020 21:10:28 GMT
Server: Apple
ETag: W/"1240-1601413828271"
Vary: accept-encoding
X-Cache: TCP_MEM_HIT from a88-221-214-103.deploy.akamaitechnologies.com (AkamaiGHost/10.2.0-30999382) (-)
Content-Type: image/png
Access-Control-Allow-Origin: https://idmsa.apple.com
Cache-Control: public, max-age=2592000
Date: Fri, 30 Oct 2020 02:22:36 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1263

GET
H/1.1 200
OK shared-icons.woff
appleid.cdn-apple.com/appleauth/static/bin/cb3432457731/dist/assets/ Frame BC8D 9 KB
10 KB 81ms
27ms Font
application/x-font-woff 104.85.254.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/bin/cb3432457731/dist/assets/shared-icons.woff

Requested by

Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/appleauth/static/cssj/N1985690059/widget/auth/app.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.85.254.167 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-254-167.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

6de3580fdeace0ff74927b2449e34587dd0b2a03c7711cf0087925e25429efe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: http://iclloudu.com
Referer: https://appleid.cdn-apple.com/appleauth/static/cssj/N1985690059/widget/auth/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Last-Modified: Tue, 29 Sep 2020 21:10:28 GMT
Server: Apple
ETag: W/"9552-1601413828294"
Vary: accept-encoding
X-Cache: TCP_MEM_HIT from a88-221-214-103.deploy.akamaitechnologies.com (AkamaiGHost/10.2.0-30999382) (-)
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Date: Fri, 30 Oct 2020 02:22:36 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9476

POST
H/1.1 404
Not Found jslog Show response
iclloudu.com/appleauth/ Frame BC8D 1 KB
1 KB 231ms
231ms XHR
text/html 2606:4700:3032::681f:444c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://iclloudu.com/appleauth/jslog

Requested by

Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/appleauth/static/jsj/N1382305660/common-header.js

Protocol

HTTP/1.1

Server

2606:4700:3032::681f:444c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: http://iclloudu.com/ic.php
x-csrf-token
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
scnt
Content-type: application/json

Response headers

Pragma: no-cache
Date: Fri, 30 Oct 2020 02:22:36 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a9IcC%2BVXKvv%2FKNx3VTmZtZn7qeBFMsux0GxlJ9ZlGKMR2T5YxzMcW05l5iPSFrhnNdyl40gQ%2FUGO148S9igszTlGUh6OtyP%2ByW306%2BDIbpMJ2%2Fh96mBmYbE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Turbo-Charged-By: LiteSpeed
Connection: keep-alive
CF-RAY: 5ea1ab65cce3dfbf-FRA
cf-request-id: 0618e9739e0000dfbf05b83000000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.icloud.com
URL: blob:https://www.icloud.com/8b43f81d-0949-4fbe-924b-a6e1abbe7c79

Domain: www.icloud.com
URL: blob:https://www.icloud.com/e3a188a3-1f83-417f-831e-302fd2e3b256

Domain: www.icloud.com
URL: blob:https://www.icloud.com/af74e99a-d678-4174-bc5d-3c8f4811aa3a

Domain: www.icloud.com
URL: blob:https://www.icloud.com/b3e5d3ee-8c17-4ab1-a862-a92e2469cb45

Domain: www.icloud.com
URL: blob:https://www.icloud.com/f544fc7c-567c-4650-a22a-cad95e906bcb

Domain: www.icloud.com
URL: blob:https://www.icloud.com/d1ef8e3f-eb62-4c48-89fc-4e63bfa5dd69

Domain: www.icloud.com
URL: blob:https://www.icloud.com/8bbf29b2-616f-4025-9530-e33da2cf230d

Domain: www.icloud.com
URL: blob:https://www.icloud.com/2d2dfd08-dd0e-4777-bbd3-4b39b69e3c49

Domain: www.icloud.com
URL: blob:https://www.icloud.com/e2a2837e-52c5-482f-9285-54e72053ceda

Domain: www.icloud.com
URL: blob:https://www.icloud.com/1f2eb70d-8c0e-4509-9ebb-4e230d1b9e77

Domain: www.icloud.com
URL: blob:https://www.icloud.com/bf44da5b-c9f5-4a42-b284-74b199bad0c2

Domain: www.icloud.com
URL: blob:https://www.icloud.com/e85e9dfa-d953-4948-9404-3818d019e073

Domain: www.icloud.com
URL: blob:https://www.icloud.com/58ab5138-c73d-457c-acb6-43fc3254de9d

Domain: www.icloud.com
URL: blob:https://www.icloud.com/c1f13925-8f47-429f-9915-fc1dd889d5d5

Domain: www.icloud.com
URL: blob:https://www.icloud.com/a3a31876-961a-4cc6-bac6-d04a2bf7724f

Domain: www.icloud.com
URL: blob:https://www.icloud.com/86e4596d-a569-4eb9-bb18-7adb5370f369

Domain: www.icloud.com
URL: blob:https://www.icloud.com/9bc6e8b2-7798-4927-b9d0-b56f2cdb3f29

Domain: www.icloud.com
URL: blob:https://www.icloud.com/a10a38c1-053d-4eb6-ac3d-25ddcc8f998f

Domain: www.icloud.com
URL: blob:https://www.icloud.com/cd155b2d-2ecf-43ec-a037-29dece2b6347

Domain: www.icloud.com
URL: blob:https://www.icloud.com/fe004284-b8c6-4f77-a1ca-27c0949bcde0

Domain: www.icloud.com
URL: blob:https://www.icloud.com/fea585f4-285d-4d35-9959-39519d923fd5

Domain: www.icloud.com
URL: blob:https://www.icloud.com/a62d9b72-b84a-4941-95be-b2b36b35f508

Domain: www.icloud.com
URL: blob:https://www.icloud.com/7a86e9ea-743d-4a3c-b96a-4a1e42e4607c

Domain: www.icloud.com
URL: blob:https://www.icloud.com/afc4b035-4ec5-48c8-91f4-1d88bc67ee19

Domain: www.icloud.com
URL: blob:https://www.icloud.com/719c0af6-a130-4d40-b830-ae67874f462e

Domain: www.icloud.com
URL: blob:https://www.icloud.com/7a52d8c6-ee1d-49bb-81c3-276648273df6

Domain: www.icloud.com
URL: blob:https://www.icloud.com/917064a1-0854-45a2-9cb9-f9a408440617

Domain: www.icloud.com
URL: blob:https://www.icloud.com/e97eda6c-a919-4545-8064-15602e36fb11

Domain: www.icloud.com
URL: blob:https://www.icloud.com/9706508e-fdf3-49c4-a777-948d10d1a15c

Domain: www.icloud.com
URL: blob:https://www.icloud.com/66b45fca-2897-40ec-bf59-6ef466db1476

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.iclloudu.com/	1970-01-19 14:16:56	Name: __cfduid Value: db00dbcd0a7f3bd48138fa83ecc8a33b71604024553

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appleid.cdn-apple.com
code.jquery.com
iclloudu.com
www.apple.com
www.icloud.com
www.icloud.com
104.85.254.167
184.24.4.238
2001:4de0:ac19::1:b:3a
2606:4700:3032::681f:444c
2a02:26f0:6c00:185::1aca
0917abab1b1f4b5e88859cd9c0ff1bc0e327b5c11997610e9c18123457b417d8
35d69f83d3ffb5cdd8db9ba1aa43b23eeb0bd23da28722ce99fd1e8e9303d343
46ca1da5b17e1be2c0e2091573a52558d1d3627339c4287b5ed416e42f669cf0
4ee22025b7fa0ab145dfb088cfd171c0e1f6b2c83035350f94d43dac6a9c2f2c
5eaad8bd4e4f2f2a9d53d041f27bf6ed0f8a2df3d4e975a15d62f138639d0d13
614e9143ff2c5f77b75089ac3e7778bf624deb133f89038a759584e691f32089
6de3580fdeace0ff74927b2449e34587dd0b2a03c7711cf0087925e25429efe3
79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
c382f99f49158456a7b367b9a1a96fe0702e996b2cb5daec67cad7e1b8f5b02c
e39f78e3fd9428c8ad22060046d9cc07d65cf9fa784a16a3925b9acb52f35c3d

iclloudu.com Open in urlscan Pro 2606:4700:3032::681f:444c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

49 Requests

16 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

6 IPs

3 Countries

195 kBTransfer

1352 kBSize

1 Cookies

4 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

iclloudu.com Open in urlscan Pro
2606:4700:3032::681f:444c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

16 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

6
IPs

3
Countries

195 kB
Transfer

1352 kB
Size

1
Cookies

49 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!