urlscan.io logo urlscan.io
SecurityTrails logo

appleid-cdn-apple.itunessecuredlogin.su Open in urlscan Pro
94.103.91.219  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://appleid-cdn-apple.itunessecuredlogin.su/
Effective URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Submission: On October 25 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 34 HTTP transactions. The main IP is 94.103.91.219, located in Kremenki, Russian Federation and belongs to VDSINA-AS, RU. The main domain is appleid-cdn-apple.itunessecuredlogin.su.
TLS certificate: Issued by R3 on October 25th 2022. Valid for: 3 months.
This is the only time appleid-cdn-apple.itunessecuredlogin.su was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

IP Address AS Autonomous System
1 3 94.103.91.219 48282 (VDSINA-AS)
16 2a02:26f0:170... 20940 (AKAMAI-ASN1)
12 96.16.134.158 16625 (AKAMAI-AS)
1 17.32.194.6 714 (APPLE-ENG...)
34 5
Apex Domain
Subdomains		 Transfer
17 apple.com
www.apple.com — Cisco Umbrella Rank: 285
appleid.apple.com — Cisco Umbrella Rank: 7350 Failed
38 KB
12 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3191
1 MB
3 itunessecuredlogin.su
appleid-cdn-apple.itunessecuredlogin.su
132 KB
34 3
Domain Requested by
16 www.apple.com appleid-cdn-apple.itunessecuredlogin.su
www.apple.com
12 appleid.cdn-apple.com appleid-cdn-apple.itunessecuredlogin.su
appleid.cdn-apple.com
3 appleid-cdn-apple.itunessecuredlogin.su 1 redirects appleid.cdn-apple.com
1 appleid.apple.com appleid.cdn-apple.com
34 4

This site contains links to these domains. Also see Links.

Domain
www.apple.com
support.apple.com
appleid.apple.com
locate.apple.com
Subject Issuer Validity Valid
itunessecuredlogin.su
R3		 2022-10-25 -
2023-01-23		 3 months crt.sh
www.apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-19 -
2023-05-19		 a year crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-19 -
2023-05-19		 a year crt.sh
appleid.apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-23 -
2023-05-23		 a year crt.sh

This page contains 1 frames:

Primary Page: https://appleid-cdn-apple.itunessecuredlogin.su/
Frame ID: 94C0D4966B78633A34134C8BC40F2F4A
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Deine Apple-ID verwalten

Page URL History Show full URLs

  1. http://appleid-cdn-apple.itunessecuredlogin.su/ HTTP 302
    https://appleid-cdn-apple.itunessecuredlogin.su/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Bag

Page Statistics

34
Requests

91 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

5
IPs

3
Countries

1220 kB
Transfer

4170 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://appleid-cdn-apple.itunessecuredlogin.su/ HTTP 302
    https://appleid-cdn-apple.itunessecuredlogin.su/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
appleid-cdn-apple.itunessecuredlogin.su/
Redirect Chain
  • http://appleid-cdn-apple.itunessecuredlogin.su/
  • https://appleid-cdn-apple.itunessecuredlogin.su/
128 KB
130 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU),
Reverse DNS
host-94-103-91-219.hosted-by-vdsina.ru
Software
Apple /
Resource Hash
814e5bf53aca54dfaa0daaa9aa96b7820a33699f891eef9c2679865f3b33550a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache no-store
Connection
close
Content-Language
de-DE-x-lvariant-DEU
Content-Type
text/html;charset=UTF-8
Date
Tue, 25 Oct 2022 15:16:09 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Host
appleid-apple.itunessecuredlogin.su
Pragma
no-cache
Referrer-Policy
origin
Scnt
AAAA-kM4RUI0NTYwRjI2OEI5M0IwQzc1NUNEMzc4NzczNTlDQzg5RjcwN0I2NDBERTFGQzEzNzc0NUM0RjgxQzEyMTE1QjBFQjExQ0FBOTNFM0QyQzI5RDg2OUMzMzNEMDMwRTNBMzhGQzI0NDE4NUE2QTBEMDFCQ0Q0MUU5NjBFMTE1RUUxRTBCMkQzRUQzM0Y0RDg1OEE4NTcxNjU5NTg1ODZDMDMxQzlGNTkzRjdENDM4RDdGMDgzRUREMEZEMDQ1QTg2QkRBQzZGRTdERTUwQjU5MzkxOUJCNEJEQjM2MkUxQUM0MTFBRTg1MTU5N0U3MHwxAAABhA_E_iLWpo2wx-QJGrMBAPjQCmHfAtN__3tJZw9yXpFowMLfkljG2I9TBZZ7ABeTcB84TOvGVsX7oHrxM8GlVggUAWxr-4q050lPYfblRT96irrwIg
Server
Apple
Transfer-Encoding
chunked
Vary
accept-encoding
X-Apple-I-Request-Id
f4212e7e-5477-11ed-98c2-97eb3ad91e44
X-Buildversion
R1_3

Redirect headers

Content-Length
71
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Oct 2022 15:16:08 GMT
Location
https://appleid-cdn-apple.itunessecuredlogin.su/
fonts
www.apple.com/wss/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/wss/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
ac-globalnav.built.css
www.apple.com/ac/globalnav/7/de_DE/styles/ 		114 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
762e891d4317f934767740358a0b43a0bcbbc5b8d8f0d861f7bdc84a25d1c497
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:09 GMT
content-encoding
gzip
server
Apple
ntcoent-length
116295
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
cache-control
max-age=0
content-length
12698
x-xss-protection
1; mode=block
expires
Tue, 25 Oct 2022 15:16:09 GMT
ac-globalfooter.built.css
www.apple.com/ac/globalfooter/7/de_DE/styles/ 		44 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.apple.com/ac/globalfooter/7/de_DE/styles/ac-globalfooter.built.css
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
e4a3adf04876e5d257d8fb7b03df9250c65fba7dcda8408942e902fbb2e9d515
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:09 GMT
content-encoding
gzip
server
Apple
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
cache-control
max-age=0
content-length
5345
x-xss-protection
1; mode=block
expires
Tue, 25 Oct 2022 15:16:09 GMT
common-header.js
appleid.cdn-apple.com/static/jsj/N1303632466/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/jsj/N1303632466/common-header.js
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
b5a9bf072ade217ab958474521d73134e7c3520e2fb56722a8bf555769dbff72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:09 GMT
Last-Modified
Tue, 20 Sep 2022 16:48:28 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"45018-1663692508920"
Vary
accept-encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14698
authService.latest.min.js
appleid.cdn-apple.com/appleauth/static/jsapi/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/authService.latest.min.js
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
637887c20d64107d15a953804d693d5587262aa3a3148bcd2e65eb870b6ec329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:09 GMT
Last-Modified
Tue, 18 Oct 2022 20:58:39 GMT
Server
Apple
ETag
W/"45564-1666126719259"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800,stale-while-revalidate=1800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13502
home-74bfcb65bcb543e98047.css
appleid.cdn-apple.com/static/module-assets/ 		710 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/home-74bfcb65bcb543e98047.css
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
e792160860256ff4ace44d5834e527118f2ca6a72b1bf0f124c05543d8a2c756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:09 GMT
Last-Modified
Tue, 18 Oct 2022 20:11:48 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"726907-1666123908896"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47560
runtime-dcd46a16fbf29006029a.js
appleid.cdn-apple.com/static/module-assets/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/runtime-dcd46a16fbf29006029a.js
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
f05529706cf4b9d72bb812ccd70945813202f8077fdefc14de84b43377dff2ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:09 GMT
Last-Modified
Tue, 18 Oct 2022 20:11:56 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"4447-1666123916109"
Vary
accept-encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2174
react-redux-kit-943919b2afa6eb55130f.js
appleid.cdn-apple.com/static/module-assets/ 		167 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/react-redux-kit-943919b2afa6eb55130f.js
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
7baeb3a6bffdf472b5affd5bc6e31a598a7c357ea40d119324bbc6ce376b7413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:09 GMT
Last-Modified
Thu, 29 Sep 2022 18:33:57 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"171357-1664476437482"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56660
home-297e36c6961e49393979.js
appleid.cdn-apple.com/static/module-assets/ 		834 KB
227 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/home-297e36c6961e49393979.js
Requested by
Host: appleid-cdn-apple.itunessecuredlogin.su
URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
c8175b506720f91b147601006bd865d0f3397f8dd744990131985701b01e6a9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:09 GMT
Last-Modified
Tue, 18 Oct 2022 20:11:56 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"854139-1666123916699"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
232354
263-4f9a0cf2820870acb890.js
appleid.cdn-apple.com/static/module-assets/ 		66 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/263-4f9a0cf2820870acb890.js
Requested by
Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/module-assets/runtime-dcd46a16fbf29006029a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
4112559c8eca17ef382e333407e2b3c6ee9fb9d73b5fa63c65a1356adbb7c9fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:10 GMT
Last-Modified
Tue, 18 Oct 2022 20:11:48 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"67302-1666123908486"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23754
78-b1ce7e924e41ab3814e3.js
appleid.cdn-apple.com/static/module-assets/ 		323 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/78-b1ce7e924e41ab3814e3.js
Requested by
Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/module-assets/runtime-dcd46a16fbf29006029a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
7d86941e9260ae24a1ac06366003f5af22664436bb6612f9551eccf50b236d51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:10 GMT
Last-Modified
Thu, 29 Sep 2022 18:33:58 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"330354-1664476438006"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
83811
757-e34657c34c16d8815536.css
appleid.cdn-apple.com/static/module-assets/ 		87 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/757-e34657c34c16d8815536.css
Requested by
Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/module-assets/runtime-dcd46a16fbf29006029a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
5084061483f23a3bc4a574da4a9316b7db07bcd37c3a7e8042326ed1e1135d8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:10 GMT
Last-Modified
Tue, 18 Oct 2022 20:11:51 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"89415-1666123911508"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4999
757-05fbe59f42ca2e41f362.js
appleid.cdn-apple.com/static/module-assets/ 		115 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/757-05fbe59f42ca2e41f362.js
Requested by
Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/module-assets/runtime-dcd46a16fbf29006029a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
89b279bf88718f4b7e8c6d98a830b6bed0057cfbfcb38e0ba6531feed7cd86f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:10 GMT
Last-Modified
Tue, 18 Oct 2022 20:11:53 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"118033-1666123913085"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29304
WebApp-03d2d506104af95e9403.css
appleid.cdn-apple.com/static/module-assets/ 		218 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/WebApp-03d2d506104af95e9403.css
Requested by
Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/module-assets/runtime-dcd46a16fbf29006029a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
6f7e1e97c89aed7a829354d3ec4d89d4ac710edb4f1e104a33351dde37478657
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:10 GMT
Last-Modified
Thu, 29 Sep 2022 18:33:59 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"222855-1664476439787"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15341
WebApp-c6305c1a141e7623288b.js
appleid.cdn-apple.com/static/module-assets/ 		735 KB
533 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/static/module-assets/WebApp-c6305c1a141e7623288b.js
Requested by
Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/module-assets/runtime-dcd46a16fbf29006029a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.16.134.158 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-134-158.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
154328d7407a0c175f26742d7f8033cc89b3e901d8c6b2b211f79ef04bed342a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:10 GMT
Last-Modified
Tue, 18 Oct 2022 20:11:56 GMT
Server
Apple
Host
appleid.apple.com
ETag
W/"753081-1666123916807"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
https://appleid.apple.com
Cache-Control
public, max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
545588
portal
appleid-cdn-apple.itunessecuredlogin.su/bootstrap/ 		337 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://appleid-cdn-apple.itunessecuredlogin.su/bootstrap/portal
Requested by
Host: appleid.cdn-apple.com
URL: https://appleid.cdn-apple.com/static/module-assets/home-297e36c6961e49393979.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
94.103.91.219 Kremenki, Russian Federation, ASN48282 (VDSINA-AS, RU),
Reverse DNS
host-94-103-91-219.hosted-by-vdsina.ru
Software
Apple /
Resource Hash
beca9ed81125c904ecbc8a9211b34dad3a67e2ecb3867a24c379f181851b6c85

Request headers

X-Apple-I-FD-Client-Info
{"U":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36","L":"en-US","Z":"GMT+00:00","V":"1.1","F":"7la44j1e3NlY5BNlY5BSmHACVZXnN9..8HkxdH1FrN.S9RdPQSzOy_Aw7UTlWY5Pv20NI_5DK1dLvojmVU_Wxv55BNlY5CGWY5BOgkLT0XxU..EO5"}
X-Apple-I-Request-Context
ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
X-Apple-I-TimeZone
Etc/Unknown

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 15:16:10 GMT
X-Apple-I-Request-Id
f4d7113d-5477-11ed-89e8-6d092e1b293c
Referrer-Policy
origin
Server
Apple
Host
appleid-apple.itunessecuredlogin.su
Transfer-Encoding
chunked
Vary
accept-encoding
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store
Connection
close
X-Buildversion
R1_3
Expires
Thu, 01 Jan 1970 00:00:00 GMT
token
appleid.apple.com/account/manage/gs/ws/ 		0
0
token
appleid.apple.com/account/manage/gs/ws/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://appleid.apple.com/account/manage/gs/ws/token
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
17.32.194.6 Maiden, United States, ASN714 (APPLE-ENGINEERING, US),
Reverse DNS
appleid-nc-s.apple.com
Software
Apple /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-apple-i-fd-client-info,x-apple-i-request-context,x-apple-i-timezone
Access-Control-Request-Method
GET
Origin
https://appleid-cdn-apple.itunessecuredlogin.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Date
Tue, 25 Oct 2022 15:16:11 GMT
Server
Apple
Transfer-Encoding
chunked
Vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
X-Apple-I-Request-ID
f563c0c0-5477-11ed-9163-3d2664aa15b9
globalnav_apple_image__b5er5ngrzxqq_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		863 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_apple_image__b5er5ngrzxqq_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
185fef753937fdebf36104cf6481152e587d964a1b3496ab5d7623922a147a44
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
506
x-xss-protection
1; mode=block
last-modified
Sun, 24 Oct 2021 03:40:18 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=71
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:17:22 GMT
globalnav_links_store_image__c7jy08initqq_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_store_image__c7jy08initqq_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
55d7561df16af1de5799324be81a44754dad9dab88ff218332afe9f025d77cc6
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
962
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=70
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:17:21 GMT
globalnav_links_mac_image__dazlko3t9a6a_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_mac_image__dazlko3t9a6a_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
85b8c05e05b9e061cc54ea913585892d53a4a924e21ca56a5e8a157530fcadec
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
598
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=65
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:17:16 GMT
globalnav_links_ipad_image__fw9qyj9lloi2_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_ipad_image__fw9qyj9lloi2_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
31543acd0ac919c7d8f12cdc9e825b73a9e9ee49c6401a3b71eb56dc36610873
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
634
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=116
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:18:07 GMT
globalnav_links_iphone_image__ko7x4isga4ia_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_iphone_image__ko7x4isga4ia_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
1ef5ee6840f53e79a2d93d107829d6abfb11e1f9f2e0891bd320619ff5ce7799
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
692
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=94
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:17:45 GMT
globalnav_links_watch_image__gkoblojrlsqe_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_watch_image__gkoblojrlsqe_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
7889fed7ca01fa0705b734d8374be93aabe54474b7fb9879bd483b396465c22e
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
683
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=501
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:24:32 GMT
globalnav_links_airpods_image__f969s84ivmaa_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_airpods_image__f969s84ivmaa_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
e7f5e4bb2a9897973aad5732fa800bcf8609ce74f54b6d5621077e51d0cdd800
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
854
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=485
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:24:16 GMT
globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_tvhome_image__zb2ewyxbi6ae_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
a1a6667c2d48c2865744854bebc70c4c526d0060aaa841662c4bd16deac78f07
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
1072
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=90
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:17:41 GMT
globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/9422a341-3665-5e39-8a85-b00740ac552a/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/9422a341-3665-5e39-8a85-b00740ac552a/globalnav_links_onlyonapple_image__c4t8k97tougm_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
bbee381074897523d65e0658ff8ae2999ce4e53553911b246aa8888f08228a1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
cneonction
close
content-length
1135
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=91
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:17:42 GMT
globalnav_links_accessories_image__edj0wqmfwxyu_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/9422a341-3665-5e39-8a85-b00740ac552a/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/9422a341-3665-5e39-8a85-b00740ac552a/globalnav_links_accessories_image__edj0wqmfwxyu_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
bd0a62b2cf7a37883567f72d61806bc783df9be8ae2246fffdbb503c422babca
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
940
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=228
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:19:59 GMT
globalnav_links_support_image__bw9kctll7u3m_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_links_support_image__bw9kctll7u3m_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
71392abcfe2eac44a408c9a10ee75abb8661fa50072880379cb00833142370b7
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' data: blob: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
869
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=139
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:18:30 GMT
globalnav_search_image__cbllq1gkias2_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		541 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_search_image__cbllq1gkias2_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
a744871014431ff682fd7c87ed6fd05fb502dcd707c971b070cc88fc18f881d3
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-length
251
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=277
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:20:48 GMT
globalnav_bag_image__yzte50i47ciu_large.svg
www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/ 		477 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.apple.com/ac/globalnav/7/de_DE/images/be15095f-5a20-57d0-ad14-cf4c638e223a/globalnav_bag_image__yzte50i47ciu_large.svg
Requested by
Host: www.apple.com
URL: https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:38d::1aca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apple /
Resource Hash
9f86e7072e1441b16c4f9bb1dcde29f5e4f57409aa0e1f23462222ee7a0935af
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.apple.com/ac/globalnav/7/de_DE/styles/ac-globalnav.built.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains
content-security-policy
default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 15:16:11 GMT
content-encoding
gzip
x-cache
TCP_MEM_HIT from a184-86-102-16.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
nncoection
close
content-length
298
x-xss-protection
1; mode=block
last-modified
Thu, 14 Oct 2021 23:22:48 GMT
server
Apple
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=86
accept-ranges
bytes
expires
Tue, 25 Oct 2022 15:17:37 GMT
appleicons_text.woff
www.apple.com/ac/globalfooter/7/de_DE/assets/ac-footer/legacy/ 		0
0
truncated
/ 		516 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d2270dd987043f011aa4fd9b5b710f371716ae41f073a7080208a5c7f09632a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://appleid-cdn-apple.itunessecuredlogin.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
appleicons_text.ttf
www.apple.com/ac/globalfooter/7/de_DE/assets/ac-footer/legacy/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
appleid.apple.com
URL
https://appleid.apple.com/account/manage/gs/ws/token
Domain
www.apple.com
URL
https://www.apple.com/ac/globalfooter/7/de_DE/assets/ac-footer/legacy/appleicons_text.woff
Domain
www.apple.com
URL
https://www.apple.com/ac/globalfooter/7/de_DE/assets/ac-footer/legacy/appleicons_text.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| html5 object| Modernizr object| Detectizr object| AppleID object| idmsapis object| webpackChunk_idms_private_account_portal object| options object| appidmsparm object| dcHelper object| AC function| setPageFeature

2 Cookies

Domain/Path Name / Value
.itunessecuredlogin.su/ Name: dslang
Value: DE-DE
.itunessecuredlogin.su/ Name: site
Value: DEU

7 Console Messages

Source Level URL
Text
network error URL: https://www.apple.com/wss/fonts?families=SF+Pro,v3|SF+Pro+Icons,v3
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Message:
Access to XMLHttpRequest at 'https://appleid.apple.com/account/manage/gs/ws/token' from origin 'https://appleid-cdn-apple.itunessecuredlogin.su' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://appleid.apple.com/account/manage/gs/ws/token
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Message:
Access to font at 'https://www.apple.com/ac/globalfooter/7/de_DE/assets/ac-footer/legacy/appleicons_text.woff' from origin 'https://appleid-cdn-apple.itunessecuredlogin.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.apple.com/ac/globalfooter/7/de_DE/assets/ac-footer/legacy/appleicons_text.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://appleid-cdn-apple.itunessecuredlogin.su/
Message:
Access to font at 'https://www.apple.com/ac/globalfooter/7/de_DE/assets/ac-footer/legacy/appleicons_text.ttf' from origin 'https://appleid-cdn-apple.itunessecuredlogin.su' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.apple.com/ac/globalfooter/7/de_DE/assets/ac-footer/legacy/appleicons_text.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appleid-cdn-apple.itunessecuredlogin.su
appleid.apple.com
appleid.cdn-apple.com
www.apple.com
appleid.apple.com
www.apple.com
17.32.194.6
2a02:26f0:1700:38d::1aca
94.103.91.219
96.16.134.158
154328d7407a0c175f26742d7f8033cc89b3e901d8c6b2b211f79ef04bed342a
185fef753937fdebf36104cf6481152e587d964a1b3496ab5d7623922a147a44
1ef5ee6840f53e79a2d93d107829d6abfb11e1f9f2e0891bd320619ff5ce7799
31543acd0ac919c7d8f12cdc9e825b73a9e9ee49c6401a3b71eb56dc36610873
4112559c8eca17ef382e333407e2b3c6ee9fb9d73b5fa63c65a1356adbb7c9fa
5084061483f23a3bc4a574da4a9316b7db07bcd37c3a7e8042326ed1e1135d8f
55d7561df16af1de5799324be81a44754dad9dab88ff218332afe9f025d77cc6
5d2270dd987043f011aa4fd9b5b710f371716ae41f073a7080208a5c7f09632a
637887c20d64107d15a953804d693d5587262aa3a3148bcd2e65eb870b6ec329
6f7e1e97c89aed7a829354d3ec4d89d4ac710edb4f1e104a33351dde37478657
71392abcfe2eac44a408c9a10ee75abb8661fa50072880379cb00833142370b7
762e891d4317f934767740358a0b43a0bcbbc5b8d8f0d861f7bdc84a25d1c497
7889fed7ca01fa0705b734d8374be93aabe54474b7fb9879bd483b396465c22e
7baeb3a6bffdf472b5affd5bc6e31a598a7c357ea40d119324bbc6ce376b7413
7d86941e9260ae24a1ac06366003f5af22664436bb6612f9551eccf50b236d51
814e5bf53aca54dfaa0daaa9aa96b7820a33699f891eef9c2679865f3b33550a
85b8c05e05b9e061cc54ea913585892d53a4a924e21ca56a5e8a157530fcadec
89b279bf88718f4b7e8c6d98a830b6bed0057cfbfcb38e0ba6531feed7cd86f9
9f86e7072e1441b16c4f9bb1dcde29f5e4f57409aa0e1f23462222ee7a0935af
a1a6667c2d48c2865744854bebc70c4c526d0060aaa841662c4bd16deac78f07
a744871014431ff682fd7c87ed6fd05fb502dcd707c971b070cc88fc18f881d3
b5a9bf072ade217ab958474521d73134e7c3520e2fb56722a8bf555769dbff72
bbee381074897523d65e0658ff8ae2999ce4e53553911b246aa8888f08228a1a
bd0a62b2cf7a37883567f72d61806bc783df9be8ae2246fffdbb503c422babca
beca9ed81125c904ecbc8a9211b34dad3a67e2ecb3867a24c379f181851b6c85
c8175b506720f91b147601006bd865d0f3397f8dd744990131985701b01e6a9b
e4a3adf04876e5d257d8fb7b03df9250c65fba7dcda8408942e902fbb2e9d515
e792160860256ff4ace44d5834e527118f2ca6a72b1bf0f124c05543d8a2c756
e7f5e4bb2a9897973aad5732fa800bcf8609ce74f54b6d5621077e51d0cdd800
f05529706cf4b9d72bb812ccd70945813202f8077fdefc14de84b43377dff2ed