Report - us-forgotios18.info/a.php/

Report Overview

Submitted URL
us-forgotios18.info/a.php/
IP
162.240.34.33
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2024-05-10 14:26:16
Access
public
Website Title
Find My iPhone
Final URL
us-forgotios18.info/a.php/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
us-forgotios18.info	unknown	unknown	No data	No data	4.1 kB	159 kB	162.240.34.33

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	us-forgotios18.info/a.php/	Apple Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	us-forgotios18.info/app/assets/js/heho.js	18 kB	2023-04-15	2024-05-15
Pretty URL us-forgotios18.info/app/assets/js/heho.js IP 162.240.34.33 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-15 21:44:37 Last Seen2024-05-15 20:11:05 Times Seen50 Hash 5e8a4e31efb8cb097aef5089d23bff57 a71b4d30b7f2cbce000c40b4d3abf51b36504e9e 86f482dfb6f637fb81589867aa15c7c5a43337786ddc27620ea9654bd930e3c8 Loading...

	us-forgotios18.info/a.php/	256 B	2023-03-08	2024-05-15
Pretty URL us-forgotios18.info/a.php/ IP 162.240.34.33 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 07:12:13 Last Seen2024-05-15 20:11:05 Times Seen18 Hash c7fcf450addc670278975ccdf266806c 2b1cbabd7ea258710fedfedc6afdae3108a9efc3 8b57f573ae6bb81fcc15d03f1e8dd088d7c0c96ecd51e366d6de4fcf96c22f80 Loading...

	us-forgotios18.info/a.php/	400 B	2023-03-08	2024-05-15
Pretty URL us-forgotios18.info/a.php/ IP 162.240.34.33 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 07:12:13 Last Seen2024-05-15 20:11:05 Times Seen33 Hash e9dd98d0fbd781a09bba5bd43cd4e5ef d503cd4d3483e60b92f133c80388ddc801392d29 4868f5ff26e0c87c10c58e758a301af66c9de10fe6a525b6804312a89cd3516c Loading...

	us-forgotios18.info/a.php/	6.4 kB	2024-05-10	2024-05-15
Pretty URL us-forgotios18.info/a.php/ IP 162.240.34.33 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 16:26:23 Last Seen2024-05-15 20:11:05 Times Seen11 Hash a820d1c9a197477be6e31b853df594d3 5a88527f5778d2a48a3c13948962ed6757e87946 6d52428af6ba9d6cd19876e9113fff43c645c3308cea62047a9cf27330dd6537 Loading...

HTTP Transactions (9)

URL IP Response Size

us-forgotios18.info/a.php/

162.240.34.33

200 OK

17 kB

URL User Request GET HTTP/1.1
us-forgotios18.info/a.php/
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1547)
Size
17 kB (17447 bytes)
Hash
f0623288d943099ae2c09ec0b7c46972
bbd32f45d7f220339b3d349a9002fb1db6d5bf63
94475322ddb38e0831eb5af96df89b957a116903ffcf02d5504dc4c5f06bc824

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.

HTTP Headers

GET /a.php/ HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

us-forgotios18.info/app/assets/js/heho.js

162.240.34.33

200 OK

18 kB

URL GET HTTP/1.1
us-forgotios18.info/app/assets/js/heho.js
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://us-forgotios18.info/a.php/
Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
18 kB (17714 bytes)
Hash
754e99ea16d78b08e89b4cca14348dbd
7d890c6b957568b7c2caad90d9ecfbace5da9445
3ccc3ac302b53bc3cfd5c688b5679cef2d9c44e482ea9e796666d4cb917d79ee

HTTP Headers

GET /app/assets/js/heho.js HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-forgotios18.info/a.php/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:51 GMT
Content-Type: application/javascript
Content-Length: 17714
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 20:20:06 GMT
Accept-Ranges: bytes

us-forgotios18.info/a.php/src/icloud_page/jquery-1.10.2.js

162.240.34.33

200 OK

17 kB

URL GET HTTP/1.1
us-forgotios18.info/a.php/src/icloud_page/jquery-1.10.2.js
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://us-forgotios18.info/a.php/
Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1547)
Size
17 kB (17447 bytes)
Hash
f0623288d943099ae2c09ec0b7c46972
bbd32f45d7f220339b3d349a9002fb1db6d5bf63
94475322ddb38e0831eb5af96df89b957a116903ffcf02d5504dc4c5f06bc824

HTTP Headers

GET /a.php/src/icloud_page/jquery-1.10.2.js HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-forgotios18.info/a.php/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

us-forgotios18.info/a.php/code.jquery.com/jquery-1.10.2.js

162.240.34.33

200 OK

17 kB

URL GET HTTP/1.1
us-forgotios18.info/a.php/code.jquery.com/jquery-1.10.2.js
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://us-forgotios18.info/a.php/
Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1547)
Size
17 kB (17447 bytes)
Hash
f0623288d943099ae2c09ec0b7c46972
bbd32f45d7f220339b3d349a9002fb1db6d5bf63
94475322ddb38e0831eb5af96df89b957a116903ffcf02d5504dc4c5f06bc824

HTTP Headers

GET /a.php/code.jquery.com/jquery-1.10.2.js HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-forgotios18.info/a.php/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

us-forgotios18.info/a.php/src/activation_lock/passcode.css

162.240.34.33

200 OK

17 kB

URL GET HTTP/1.1
us-forgotios18.info/a.php/src/activation_lock/passcode.css
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://us-forgotios18.info/a.php/
Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1547)
Size
17 kB (17447 bytes)
Hash
f0623288d943099ae2c09ec0b7c46972
bbd32f45d7f220339b3d349a9002fb1db6d5bf63
94475322ddb38e0831eb5af96df89b957a116903ffcf02d5504dc4c5f06bc824

HTTP Headers

GET /a.php/src/activation_lock/passcode.css HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-forgotios18.info/a.php/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

us-forgotios18.info/a.php/src/icloud_page_new/activity-indicator.js

162.240.34.33

200 OK

17 kB

URL GET HTTP/1.1
us-forgotios18.info/a.php/src/icloud_page_new/activity-indicator.js
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://us-forgotios18.info/a.php/
Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1547)
Size
17 kB (17447 bytes)
Hash
f0623288d943099ae2c09ec0b7c46972
bbd32f45d7f220339b3d349a9002fb1db6d5bf63
94475322ddb38e0831eb5af96df89b957a116903ffcf02d5504dc4c5f06bc824

HTTP Headers

GET /a.php/src/icloud_page_new/activity-indicator.js HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-forgotios18.info/a.php/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

us-forgotios18.info/a.php/code.jquery.com/ui/1.12.1/jquery-ui.js

162.240.34.33

200 OK

17 kB

URL GET HTTP/1.1
us-forgotios18.info/a.php/code.jquery.com/ui/1.12.1/jquery-ui.js
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://us-forgotios18.info/a.php/
Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1547)
Size
17 kB (17447 bytes)
Hash
f0623288d943099ae2c09ec0b7c46972
bbd32f45d7f220339b3d349a9002fb1db6d5bf63
94475322ddb38e0831eb5af96df89b957a116903ffcf02d5504dc4c5f06bc824

HTTP Headers

GET /a.php/code.jquery.com/ui/1.12.1/jquery-ui.js HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-forgotios18.info/a.php/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

us-forgotios18.info/a.php/src/activation_lock/next.png

162.240.34.33

200 OK

17 kB

URL GET HTTP/1.1
us-forgotios18.info/a.php/src/activation_lock/next.png
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://us-forgotios18.info/a.php/
Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1547)
Size
17 kB (17447 bytes)
Hash
f0623288d943099ae2c09ec0b7c46972
bbd32f45d7f220339b3d349a9002fb1db6d5bf63
94475322ddb38e0831eb5af96df89b957a116903ffcf02d5504dc4c5f06bc824

HTTP Headers

GET /a.php/src/activation_lock/next.png HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-forgotios18.info/a.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

us-forgotios18.info/a.php/favicon.ico

162.240.34.33

200 OK

17 kB

URL GET HTTP/1.1
us-forgotios18.info/a.php/favicon.ico
IP
162.240.34.33:443
ASN
#46606 UNIFIEDLAYER-AS-1

Requested by
https://us-forgotios18.info/a.php/
Certificate
IssuerLet's Encrypt
Subjectapple-account-findmy.us
Fingerprint18:A1:F2:A3:12:20:85:D2:86:86:2F:DD:9A:61:78:B8:D7:04:DB:EB
ValidityThu, 09 May 2024 14:34:26 GMT - Wed, 07 Aug 2024 14:34:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1547)
Size
17 kB (17447 bytes)
Hash
f0623288d943099ae2c09ec0b7c46972
bbd32f45d7f220339b3d349a9002fb1db6d5bf63
94475322ddb38e0831eb5af96df89b957a116903ffcf02d5504dc4c5f06bc824

HTTP Headers

GET /a.php/favicon.ico HTTP/1.1
Host: us-forgotios18.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-forgotios18.info/a.php/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 14:25:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size