JemPH
commented
2 weeks ago The login credentials are not required for AAC downloading. They are not useful at the moment.
The script grabs media-user-token from cookie and doesn't have any suspicious activity. Feel free to use any intercept tools to monitor network activity.
Uploading minified and compressed code on a Source Code sharing website is very suspicious, especially since your code requires iCloud access credentials and you have code making requests to a non-apple server at 20.2.153.132.